libkrun
crun
libkrun | crun | |
---|---|---|
8 | 31 | |
924 | 3,080 | |
5.7% | 1.8% | |
9.0 | 9.4 | |
5 days ago | 8 days ago | |
Rust | C | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libkrun
-
Hyperlight: Virtual machine-based security for functions at scale
libkrun (on Linux) is probably a closer comparison (though still not quite the same). https://github.com/containers/libkrun
- My VM is lighter (and safer) than your container
-
Krunvm – Create MicroVMs from OCI Images
These specific microVMs are managed by: https://github.com/containers/libkrun#goals-and-non-goals (linked directly to project scopes).
In summary though (others redacted):
# Goals
- Execute Docker Containers as QEMU MicroVMs
-
Show HN: krunvm – Create and run lightweight VMs from OCI images
The key is that libkrun (https://github.com/containers/libkrun), the library that krunvm uses for running the VMs, as recently integrated support for Hypervisor.framework on ARM64, in addition to KVM.
As for buildah, the Homebrew repo contains a build that includes this PR (https://github.com/containers/storage/pull/811).
crun
-
RunCVM: An open-source Docker runtime for launching container images in VMs
Podman supports this since quite a while with the krun variant of the crun runtime (https://github.com/containers/crun/blob/main/krun.1), provided in Fedora by the "crun-krun" package. Just add "--runtime=krun" to your podman command line along the other arguments and you'll get the container running inside a VM powered by libkrun.
-
Show HN: dockerc – Docker image to static executable "compiler"
Yep pretty much.
The executables bundle crun (a container runtime)[0], and a fuse implementation of squashfs and overlayfs. Appended to that is a squashfs of the image.
At runtime the squashfs and overlayfs are mounted and the container is started.
[0]: https://github.com/containers/crun
- Howto: WASM runtimes in Docker / Colima
-
Google assigns a CVE for libwebp and gives it a 10.0 score
On this note, I was really surprised to find Red Hat's OCI runtime is written in C: https://github.com/containers/crun
Is anyone working on a Rust version?
-
US Cybersecurity: The Urgent Need for Memory Safety in Software Products
It's interesting that, in light of things like this, you still see large software companies adding support for new components written in non-memory safe languages (e.g. C)
As an example Red Hat OpenShift added support for crun(https://github.com/containers/crun) this year(https://cloud.redhat.com/blog/whats-new-in-red-hat-openshift...), which is written in C as an alternative to runc, which is written in Go(https://github.com/opencontainers/runc)...
- Barco: Linux Containers from Scratch in C
-
Crun: Fast and lightweight OCI runtime and C library for running containers
Kubernetes needs an OCI runtime to run containers with. Crun is one implementation it can use.
Docker also appears to be able to use crun for it's engine as well. https://github.com/containers/crun/issues/37
-
Best virtualization solution with Ubuntu 22.04
crun
- Why did the Krustlet project die?
What are some alternatives?
firecracker - Secure and fast microVMs for serverless computing.
runc - CLI tool for spawning and running containers according to the OCI specification
libkrunfw - A dynamic library bundling the guest payload consumed by libkrun
youki - A container runtime written in Rust
harvester - Open source hyperconverged infrastructure (HCI) software
cri-o - Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
slim - Build and run tiny vms from Dockerfiles. Small and sleek.
podman - Podman: A tool for managing OCI containers and pods.
krunvm - Create microVMs from OCI images
wasm-micro-runtime - WebAssembly Micro Runtime (WAMR)
kwarantine - Kwarantine can run strongly isolated containers in a multi-tenant setting
runtime-tools - OCI Runtime Tools