#Oci

Open-source projects categorized as Oci | Edit details

Top 23 Oci Open-Source Projects

  • GitHub repo gvisor

    Application Kernel for Containers

    Project mention: holy shit lmao no generics | reddit.com/r/rustjerk | 2021-05-08
  • GitHub repo jib

    🏗 Build container images for your Java applications.

    Project mention: Is Docker Dead in the Water? | reddit.com/r/programming | 2021-05-07

    The docker utility isn't the only way to build and run containers. There's also cri-o, podman, and crun among others for running containers. For building there is podman again, Jib for Java applications, and bazel plus many others. The docker approach of using a client to connect to a daemon required to run as root has turned out to be slow and insecure.

  • GitHub repo containerd

    An open and reliable container runtime

    Project mention: Kubernetes vs Docker: Understanding Containers in 2021 | dev.to | 2021-04-19

    In its first iterations, Docker used Linux Containers (LXC) as the runtime backend. As the project evolved, LXC was replaced by containerd, Docker’s own implementation. A modern Docker installation is divided into two services: containerd, responsible for managing containers, and dockerd, which does all the rest.

  • GitHub repo runc

    CLI tool for spawning and running containers according to the OCI specification

    Project mention: I spent more than a week chasing on-prem PLEG unhealthy and sandbox timeouts. What I learned: Avoid runc 1.0.0-rc93 on Centos 7 | reddit.com/r/kubernetes | 2021-04-28

    yep, was fixed here but we're waiting for rc94, what was happening is there's a new pipe processing permissions and at a certain point it'll deadlock, causing docker to inspect to fail, causing PLEG timeouts. Containers launched with no new perms will start to fail at a certain point too, the tipping point is different depending on the environment.

  • GitHub repo clair

    Vulnerability Static Analysis for Containers

    Project mention: Docker Images Scanning | reddit.com/r/docker | 2021-03-31

    Check https://github.com/quay/clair

  • GitHub repo distribution

    The toolkit to pack, ship, store, and deliver container content

    Project mention: Looking for Tutorial on how to create and deploy a docker image without docker hub | reddit.com/r/docker | 2021-04-19

    The open source software powering Hub and many other registries - officially called Distribution, and recently donated to the CNCF - can be run yourself: https://github.com/distribution/distribution

  • GitHub repo buildkit

    concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit

    Project mention: Push and publish Docker images with GitHub Actions | dev.to | 2021-05-02

    docker/[email protected]: it builds and pushes Docker images with Buildx with the full support of the features provided by Moby BuildKit builder toolkit.

  • GitHub repo cri-o

    Open Container Initiative-based implementation of Kubernetes Container Runtime Interface

    Project mention: Is Docker Dead in the Water? | reddit.com/r/programming | 2021-05-07

    The docker utility isn't the only way to build and run containers. There's also cri-o, podman, and crun among others for running containers. For building there is podman again, Jib for Java applications, and bazel plus many others. The docker approach of using a client to connect to a daemon required to run as root has turned out to be slow and insecure.

  • GitHub repo dockerfile

    Dockerfile best-practices for writing production-worthy Docker images.

    Project mention: Dockerfile Best Practices | reddit.com/r/patient_hackernews | 2021-01-03
  • GitHub repo runtime

    Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers). (by kata-containers)

    Project mention: Set *minimum* CPU allocation for a service | reddit.com/r/linuxadmin | 2021-05-05

    in parts of prod we use a combination of cgroups (mentioned in the thread already), taskset https://man7.org/linux/man-pages/man1/taskset.1.html, and in other cases (HPC workloads on large clusters) Kata Containers to isolate and optimize application resources: https://katacontainers.io/

  • GitHub repo runtime-spec

    OCI Runtime Specification

    Project mention: Kubernetes vs Docker: Understanding Containers in 2021 | dev.to | 2021-04-19

    A runtime specification that describes how to unpack and run a container. OCI maintains a reference implementation called runc. Both containerd and CRI-O use runc in the background to spawn containers.

  • GitHub repo ignite

    Ignite a Firecracker microVM (by weaveworks)

    Project mention: Crun: Fully featured OCI runtime and C library for running containers | news.ycombinator.com | 2021-01-30

    Another Rust option is Firecracker, it manages micro VM but can be used for Docker, ala Fargate and https://github.com/weaveworks/ignite

  • GitHub repo image-spec

    OCI Image Format

    Project mention: Tiny Container Challenge: Building a 6kB Containerized HTTP Server | news.ycombinator.com | 2021-04-22

    The container, if it's `from SCRATCH` is basically just a gzip/zip archive.

    https://github.com/opencontainers/image-spec/blob/master/ima...

  • GitHub repo cloudsploit

    Cloud Security Posture Management (CSPM)

    Project mention: CloudSploit: Análisis de seguridad en la nube ☁☁ | reddit.com/r/u_esgeeks | 2021-03-16
  • GitHub repo firecracker-containerd

    firecracker-containerd enables containerd to manage containers as Firecracker microVMs

    Project mention: Docker Without Docker | news.ycombinator.com | 2021-04-08

    I'm really impressed by fly.io, and the candidness with which they share some of their really awesome technology. Being container-first is the next step for PaaS IMO and they are ahead of the pack.

    I aim to build a platform like theirs someday (probably not any time soon) but I don't think I'd do any of what they're doing -- it feels unnecessary. Bear with me as I recently learned that they use nomad[0] and some of these suggestions are kubernetes projects but I'd love to hear why the following technologies were decided against (if they were):

    - kata-containers[1] (it does the whole container -> VM flow for you, automatically, nemu, firecracker) with multiple VMM options[2]

    - linuxkit[3] (let's say you didn't go with kata-containers, this is another container->VM path)

    - firecracker-containerd[4] (very minimal keep-your-container-but-run-it-as-a-VM)

    - kubevirt[5] (if you just want to actually run VMs, regardless of how you built them)

    - Ceph[6] for storage -- make LVM pools and just give them to Ceph, you'll get blocks, distributed filesystems (CephFS), and object gateways (S3/Swift) out of it (in the k8s space Rook manages this)

    As an aside to all this, there's also LXD, which supports running "system" (user namespace isolated) containers, VMs (somewhat recent[7][8]), live migration via criu[9], management/migration of underlying filesystems, runs on LVM or zfs[10], it's basically all-in-one, but does fall behind in terms of ecosystem since everyone else is aboard the "cloud native"/"works-with-kubernetes" train.

    I've basically how I plan to run a service like fly.io if I ever did -- so maybe my secret is out, but I sure would like to know just how much of this fly.io got built on (if any of it), and/or what was turned down.

    [0]: https://news.ycombinator.com/item?id=26745514

    [1]: https://github.com/kata-containers/kata-containers

    [2]: https://github.com/kata-containers/kata-containers/blob/2fc7...

    [3]: https://github.com/linuxkit/linuxkit

    [4]: https://github.com/firecracker-microvm/firecracker-container...

    [5]: https://github.com/kubevirt/kubevirt

    [6]: https://docs.ceph.com/

    [7]: https://discuss.linuxcontainers.org/t/running-virtual-machin...

    [8]: https://github.com/lxc/lxd/issues/6205

    [9]: https://criu.org/Main_Page

    [10]: https://linuxcontainers.org/lxd/docs/master/storage

  • GitHub repo kata-containers

    Kata Containers version 2.x repository. Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

    Project mention: Docker Without Docker | news.ycombinator.com | 2021-04-08

    I'm really impressed by fly.io, and the candidness with which they share some of their really awesome technology. Being container-first is the next step for PaaS IMO and they are ahead of the pack.

    I aim to build a platform like theirs someday (probably not any time soon) but I don't think I'd do any of what they're doing -- it feels unnecessary. Bear with me as I recently learned that they use nomad[0] and some of these suggestions are kubernetes projects but I'd love to hear why the following technologies were decided against (if they were):

    - kata-containers[1] (it does the whole container -> VM flow for you, automatically, nemu, firecracker) with multiple VMM options[2]

    - linuxkit[3] (let's say you didn't go with kata-containers, this is another container->VM path)

    - firecracker-containerd[4] (very minimal keep-your-container-but-run-it-as-a-VM)

    - kubevirt[5] (if you just want to actually run VMs, regardless of how you built them)

    - Ceph[6] for storage -- make LVM pools and just give them to Ceph, you'll get blocks, distributed filesystems (CephFS), and object gateways (S3/Swift) out of it (in the k8s space Rook manages this)

    As an aside to all this, there's also LXD, which supports running "system" (user namespace isolated) containers, VMs (somewhat recent[7][8]), live migration via criu[9], management/migration of underlying filesystems, runs on LVM or zfs[10], it's basically all-in-one, but does fall behind in terms of ecosystem since everyone else is aboard the "cloud native"/"works-with-kubernetes" train.

    I've basically how I plan to run a service like fly.io if I ever did -- so maybe my secret is out, but I sure would like to know just how much of this fly.io got built on (if any of it), and/or what was turned down.

    [0]: https://news.ycombinator.com/item?id=26745514

    [1]: https://github.com/kata-containers/kata-containers

    [2]: https://github.com/kata-containers/kata-containers/blob/2fc7...

    [3]: https://github.com/linuxkit/linuxkit

    [4]: https://github.com/firecracker-microvm/firecracker-container...

    [5]: https://github.com/kubevirt/kubevirt

    [6]: https://docs.ceph.com/

    [7]: https://discuss.linuxcontainers.org/t/running-virtual-machin...

    [8]: https://github.com/lxc/lxd/issues/6205

    [9]: https://criu.org/Main_Page

    [10]: https://linuxcontainers.org/lxd/docs/master/storage

  • GitHub repo crun

    A fast and lightweight fully featured OCI runtime and C library for running containers

    Project mention: Is Docker Dead in the Water? | reddit.com/r/programming | 2021-05-07

    The docker utility isn't the only way to build and run containers. There's also cri-o, podman, and crun among others for running containers. For building there is podman again, Jib for Java applications, and bazel plus many others. The docker approach of using a client to connect to a daemon required to run as root has turned out to be slow and insecure.

  • GitHub repo grype

    A vulnerability scanner for container images and filesystems

    Project mention: CVE Alerting Platform | news.ycombinator.com | 2021-04-13

    Or grype for checking your Docker images:

    https://github.com/anchore/grype

  • GitHub repo terraform-provider-oci

    Terraform Oracle Cloud Infrastructure provider

    Project mention: OCI Terraform help | reddit.com/r/Terraform | 2021-03-29

    Looks like it's objecting to target.bucket.name value not evaluating properly. IDK if that is supposed to be a terraform value or just has meaning to OCI. You can debug by generating a TRACE log by setting environment variable TF_LOG=TRACE this will show more info. You can also take a look at the terraform-provider-oci code located here https://github.com/terraform-providers/terraform-provider-oci. Also think about setting locals{} values so you can output them for debugging purposes.

  • GitHub repo oras

    OCI Registry As Storage

    Project mention: OCI Registry as Storage | news.ycombinator.com | 2020-12-22
  • GitHub repo runj

    runj is an experimental, proof-of-concept OCI-compatible runtime for FreeBSD jails.

    Project mention: Runj: Experimental, proof-of-concept OCI-compatible runtime for FreeBSD jails | reddit.com/r/freebsd | 2021-03-17
  • GitHub repo cloudblock

    Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.

    Project mention: Which model pi do you use for pi hole? | reddit.com/r/pihole | 2021-04-24

    Here’s a direct link as well https://github.com/chadgeary/cloudblock/tree/master/gcp

  • GitHub repo distribution-spec

    OCI Distribution Specification

    Project mention: Developer tools for Cloud Run | dev.to | 2021-05-04

    Cloud Run is the next generation of serverless solution offered by Google Cloud. It allows you to execute an OCI image (Docker image for instance) of your choice on Google Cloud servers.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-05-08.

Index

What are some of the best open-source Oci projects? This list will help you:

Project Stars
1 gvisor 11,234
2 jib 10,550
3 containerd 8,279
4 runc 7,915
5 clair 7,776
6 distribution 6,125
7 buildkit 3,729
8 cri-o 3,341
9 dockerfile 3,163
10 runtime 2,094
11 runtime-spec 2,075
12 ignite 1,609
13 image-spec 1,496
14 cloudsploit 1,397
15 firecracker-containerd 1,168
16 kata-containers 1,160
17 crun 1,030
18 grype 484
19 terraform-provider-oci 415
20 oras 400
21 runj 286
22 cloudblock 277
23 distribution-spec 263