mkosi
constellation
Our great sponsors
mkosi | constellation | |
---|---|---|
16 | 31 | |
1,039 | 863 | |
3.5% | 3.1% | |
9.9 | 9.9 | |
7 days ago | 7 days ago | |
Python | Go | |
GNU Lesser General Public License v3.0 only | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mkosi
- Build Initramfs Rootless
-
Building minimal GNU/Linux operating system images using Systemd Mkosi
I work with a free and open-source software community called Fedora Project. I had the opportunity to moderate the talk of one of the maintainers of the Systemd suite during the annual contributor conference, Flock To Fedora 2023 where he talked about a tool named Mkosi.
- Mkosi: Build Bespoke OS Images
-
Seamlessly run other Linux distributions inside your terminal
For testing i prefer systemd-nspawn containers with mkosi. A neat tool for running your other fav. distro in a terminal. Works like a charm and integrates nicely in your system. Eg. logs and systemd services or CI testing.
- https://github.com/systemd/mkosi
- man:systemd-nspawn(1)
- man:machinectl(1)
-
Bootable Live USB (Debian)
you're gonna have to build this on an x86 pc. sudo dnf install arch-install-scripts bubblewrap gdisk qemu-user-static rsync systemd-container python3 -m pip install --user git+https://github.com/systemd/mkosi.git git clone https://github.com/leifliddy/asahi-fedora-usb.git cd asahi-fedora-usb
-
LAPAS: The story of how I made a distribution for LanPartyServers
There's also mkosi: https://github.com/systemd/mkosi. This one outputs an iso or similar image file and supports many base distributions.
-
systemd /boot/loader/entries/[entry].conf title default
[1] https://github.com/systemd/mkosi/issues/376
-
Crafting container images without Dockerfiles
System's mkosi is worth checking out too: https://github.com/systemd/mkosi I don't think it generates docker/OCI images directly, but it definitely can generate a tarball of the final image contents and then crane of a similar tool could package it up into an appropriate image. For just docker usage it's probably overkill, the main advantage would be it can build other image types like adding a kernel and init to be a fully bootable iso of VM image.
-
Rocket.Chat🚀+ Constellation💫 = most secure chat server ever (?!)
Constellation ensures that all K8s nodes run on AMD-based Confidential VMs (CVMs). CVMs are strongly isolated from the host and remain encrypted in memory at runtime. Constellation also ensures that all nodes run the same minimal mkosi-based node image.
-
AtomsDevs/Atoms - Easily manage Linux Chroot(s) and Containers
At first glance I thought your project is a frontend for mkosi but then I saw that you support non-systemd targets too. Mentioning it here because it may be relevant to other users/developers.
constellation
-
Using "Confidential Computing" with Hetzner? (Intel SGX/TDX, AMD SEV/SNP)
A lot happening in Europe, Enclaive provides encrypting containers (GitHub), Edgeless Systems provides a whole encrypted k8s with constellation (GitHub), then there are other players like scontain and secustack.
-
Mögliche Lösungen zu selbstzerstörenden Umgebungen mit einem Trigger
Aber schau dir bspw mal https://github.com/edgelesssys/constellation an.
-
Where are you hosting your Managed Kubernetes and why?
Would smth. like https://github.com/edgelesssys/constellation be helpful for those cases?
-
Why is K8 an issue when compliances become important for enterprises (HIPAA)
Hey u/Aztreix, we've recently released an open-source Kubernetes distribution that keeps all data always encrypted and isolates your workloads from cloud infrastructure. This solves many compliance requirements, at least for European companies. Feel free to check it out: https://github.com/edgelesssys/constellation.
- What Is Confidential Kubernetes?
-
Germany Forces a Microsoft 365 Ban Due to Privacy Concerns
Maybe they should deploy it via Constellation https://github.com/edgelesssys/constellation
- Constellation: Confidential Kubernetes
-
Setting up a "confidential" GitLab🦊🔒
Easy! I recently posted about our open-source project Constellation. Constellation is the first confidential Kubernetes distribution. Think Rancher Kubernetes Engine (RKE) or RedHat OpenShift for confidential computing.
-
What about Zero Trust Infrastructure?
Therefore, having such verifiable infrastructure seems paramount for a zero trust architecture. Constellation (https://github.com/edgelesssys/constellation) for example leverages Confidential Computing hardware to provide a fully-verifiable Kubernetes cluster. (Disclaimer: I work on that project)
-
What's your take on Zero Trust for Kubernetes?
Constellation does this as well btw: https://github.com/edgelesssys/constellation Disclaimer, I work on the project.
What are some alternatives?
ostree - Operating system and container binary deployment and upgrades
pocketbase - Open Source realtime backend in 1 file
efiboots - Manage EFI boot loader entries with this simple GUI
kcl - KCL Programming Language (CNCF Sandbox Project). https://kcl-lang.io
btdu - sampling disk usage profiler for btrfs
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
dnfdragora - dnfdragora is a dnf frontend based on libyui abstraction
node_crunch - Allows to distribute computations across several nodes
nvidia-auto-installer-for-fedora-linux - A CLI tool which lets you install proprietary NVIDIA drivers and much more easily on Fedora Linux (32 or above and Rawhide)
Cromtit - Run Tomtit scenarios as cron jobs and more.
sig-security - 🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
vscode-kcl - VS Code KCL Extension