snekbox VS sysbox

why not use a secure code execution engine like python-discord/snekbox or engineer-man/piston though?

Snekbox is conveniently available as a Docker image, so you can host it with any provider that supports Docker. All the big cloud providers (AWS, Azure, GCP, etc) all have a free tier available.

While trying to host snekbox according to this article: https://devcenter.heroku.com/articles/container-registry-and-runtime i got a module not found error regarding gunicorn? This script works fine on my computer so what do I have to change to get it to work on heroku?

https://github.com/python-discord/snekbox This is the github.

How can I edit the code of this repo: https://github.com/python-discord/snekbox so that snekbox always has access to a custom package like numpy? According to the github I can type:

Wanted to use a python eval bot in discord but you need to set up this api first: https://github.com/python-discord/snekbox. How can I do that on something like replit or heroku and how can I get a link to where it is hosted so I can actually use it?

Theres also Snekbox, which we used over at python discord for the eval bot command: https://github.com/python-discord/snekbox

I picked up python and software dev in general because I could not find a job after graduating with an elec eng degree. Python is so much fun! As for the people to bounce off ideas I would recommend Python discord server. They also have private chat rooms where I can talk 1-on-1 with people and explain your problems/ideas better.

You are probably referring to Sysbox (https://github.com/nestybox/sysbox), which I believe will meet your requirements (systemd, inner containers, security, etc).

Btw, Sysbox is already supported in Docker-Desktop (business tier only), so you can easily do what you want with this instruction:

$ docker run -it --rm -e SYSBOX_SYSCONT_MODE=TRUE nestybox/ubuntu-focal-systemd-docker:latest bash

Disclaimer: I'm Sysbox's co-creator and currently working for Docker.

One project in this space that looked quite promising to me is sysbox[0]. I've used them once for a gitlab runner set-up similar to what is described in their blog[1].

It's currently working great and I have not had any major crashes/incidents for at least the past 8 months.

[0]: https://github.com/nestybox/sysbox

[1]: https://blog.nestybox.com/2020/10/21/gitlab-dind.html

Today, things are very different. Docker-in-Docker has a more secure and safe approach with rootless containers and freemium tools like sysbox. Tools like sysbox let you run Docker-in-Docker without the -privileged flag and optimizes specific scenarios, like running multiple nodes of a Kubernetes cluster as ordinary containers.

Right now I am going with sysbox rootless containers. https://github.com/nestybox/sysbox

We’ve been using Sysbox (https://github.com/nestybox/sysbox) for our Buildkite based CI/CD setup, allows docker-in-docker without privileged containers. Paired with careful IAM/STS design we’ve ended up with isolated job containers with their own IAM roles limited to least-privilege.

A good alternative to the VM approach is to use Kubernetes + Sysbox (a next-gen "runc", free, open-source).

But nowadays there is an option to run such software in containers securely. It's called Sysbox, and it's a new "runc" (the piece of software that creates the containers). I am one of the developers, so I am biased, but I think you'll find it helpful.