
boot2podman / boot2podman

Licence: Apache-2.0 license
Lightweight Linux for Podman

Programming Languages

shell
77523 projects
Makefile
30231 projects
Dockerfile
14818 projects
c
50402 projects - #5 most used programming language

Projects that are alternatives of or similar to boot2podman

Runtime
Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
Stars: ✭ 2,103 (+2345.35%)
Mutual labels:  oci, k8s
Kata Containers
Kata Containers version 2.x repository. Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
Stars: ✭ 1,053 (+1124.42%)
Mutual labels:  oci, k8s
k8s-deployer
Deploy Kubernetes service and store retrieved information in the Consul K/V store
Stars: ✭ 23 (-73.26%)
Mutual labels:  k8s
github-task-manager
receive github hook, notify agent, receive task results, notify github
Stars: ✭ 13 (-84.88%)
Mutual labels:  k8s
kahoy
Simple Kubernetes raw manifests deployment tool
Stars: ✭ 33 (-61.63%)
Mutual labels:  k8s
Helm-Cheat-Sheet
A cheat sheet for Helm commands.
Stars: ✭ 72 (-16.28%)
Mutual labels:  k8s
docker-alpine-sshd
A lightweight OpenSSH Docker Image built atop Alpine Linux.
Stars: ✭ 108 (+25.58%)
Mutual labels:  k8s
k8s-digester
Add digests to container and init container images in Kubernetes pod and pod template specs. Use either as a mutating admission webhook, or as a client-side KRM function with kpt or kustomize.
Stars: ✭ 65 (-24.42%)
Mutual labels:  k8s
Lecture k8s starter.kit
Online lecture "Getting Started with Kubernetes the Easy Way"
Stars: ✭ 58 (-32.56%)
Mutual labels:  k8s
hcloud-ip-floater
k8s controller for Hetzner Cloud floating IPs
Stars: ✭ 43 (-50%)
Mutual labels:  k8s
micro-service-practice
Building and exploring microservice best practices with OpenStack+Docker+RestAPI+OAuth/HMAC+RabbitMQ/ZMQ+OpenResty/HAProxy/Nginx/APIGateway+Bootstrap/AngularJS+Ansible+K8S/Mesos/Marathon.
Stars: ✭ 25 (-70.93%)
Mutual labels:  k8s
db-sharding
Oracle Sharded database deployment automation and tools for use in client applications.
Stars: ✭ 30 (-65.12%)
Mutual labels:  oci
charts
Helm charts for creating reproducible and maintainable deployments of Polyaxon with Kubernetes.
Stars: ✭ 32 (-62.79%)
Mutual labels:  k8s
paas-templates
Bosh, CFAR, CFCR and OSB services templates for use with COA (cf-ops-automation) framework
Stars: ✭ 16 (-81.4%)
Mutual labels:  k8s
aegir
Validation Webhook for Kubernetes based on LIVR rules (https://livr-spec.org)
Stars: ✭ 50 (-41.86%)
Mutual labels:  k8s
k8s-metadata-injection
Kubernetes metadata injection for New Relic APM to make a linkage between APM and Infrastructure data.
Stars: ✭ 19 (-77.91%)
Mutual labels:  k8s
deploy
Deploy Development Builds of Open Cluster Management (OCM) on RedHat Openshift Container Platform
Stars: ✭ 133 (+54.65%)
Mutual labels:  k8s
k3s-vagrant
k3s k8s cluster playground
Stars: ✭ 39 (-54.65%)
Mutual labels:  k8s
kube-install
One-click offline installation (from binaries) of highly available multiple Kubernetes clusters; supports scheduled installation, adding and destroying nodes, destroying and repairing masters, and one-click uninstallation of clusters.
Stars: ✭ 336 (+290.7%)
Mutual labels:  k8s
fury-kubernetes-opa
Kubernetes Fury OPA. Policy enforcement for your Kubernetes Cluster
Stars: ✭ 34 (-60.47%)
Mutual labels:  k8s

DEPRECATED

Boot2podman is now deprecated. Users should try using Fedora instead.

Podman itself is only available for Linux systems, not Mac or Windows.


boot2podman

Boot2podman is a lightweight Linux distribution made specifically to run Linux containers. It runs completely from RAM and is a ~90MB download.

Features

  • Recent Linux Kernel, Podman / Buildah pre-installed and ready-to-use
  • Tools operate on Open Container Initiative (OCI) images and containers.
  • Container persistence via disk automount on /var/lib/containers
  • SSH keys persistence via disk automount (user keys and host keys)

Details

  • Linux 4.19, with support for cgroupfs and overlayfs configured
  • Podman and its dependencies like: runc, conmon, cni-plugins
  • Varlink support for running remotely (being tunneled over SSH)
  • Buildah support for building container images without daemon

Podman

Podman is a command line tool that allows for full management of a container's lifecycle from creation through removal. It supports multiple image formats including both the Docker and OCI image formats. Support for pods is provided allowing pods to manage groups of containers together.

Varlink

Varlink is an interface description format and protocol that aims to make services accessible to both humans and machines in the simplest feasible way. A varlink interface has a reverse-domain name and specifies which methods the interface implements. Each method has named and typed input and output parameters.

Buildah

The Buildah project provides a command line tool that can be used to create an image in OCI or traditional Docker image format and then to build a working container from that image. The container can be mounted and modified, and an image can then be saved based on the updated container.

Skopeo

Skopeo is a command line tool that performs a variety of operations on container images and image repositories. Skopeo allows you to inspect an image showing its layers without requiring that the image be pulled. Skopeo also allows you to copy and delete an image from a repository.

For more details on the project relationship, see the Container Tools Guide.

Download

ISO can be found in: https://github.com/boot2podman/boot2podman/releases

Note that if you use podman-machine, it will download the ISO automatically...

Getting started

Please note that you should run podman and buildah using sudo!

In order to connect to the varlink socket (io.podman), you need root.

VirtualBox

For now you need to mount the CD-ROM image (ISO) as IDE, not as SATA.

There is currently no support for the VirtualBox Guest Additions (vboxsf).

QEMU/KVM

The default memory allocation (128 MiB) is too small to load everything:

qemu-system-x86_64 -enable-kvm -m 512 -cdrom boot2podman.iso

Sample session

Here is a simple login session, from an early development version:

[screenshot]

Artwork

The boot2podman logo is based on the original podman logo and the Montserrat font.

The text logo is based on http://ascii.co.uk/art/seal and figlet -f ascii12 podman.

Installation

Currently based on CorePure64-10.1.iso, but with a custom kernel (4.19.10 -> 4.19.130)

We need support for cgroupfs (including "memory") and for overlayfs (on ext4).

We also need memory cgroup swap enabled, otherwise memory limits won't work properly.

CONFIG_MEMCG=y
CONFIG_MEMCG_SWAP=y
CONFIG_MEMCG_SWAP_ENABLED=y
CONFIG_OVERLAY_FS=y

We install the required go compiler environment by building from source code.

Then we install podman and other dependencies by building from source code.

  • runc
  • conmon
  • cni-plugins
  • cgroupfs-mount

The varlink command line tool can be installed by building from source code.

Support for running containers as a non-root user can be added by building from source code.

We can also add buildah and its dependencies, by building from source code.

Optionally also skopeo for remote operations, by building from source code.

Kubernetes

Podman runs on a single host, whereas Kubernetes is a cluster orchestration system.

We can install crio/crictl and k3s/kubectl by building from source code.

To include Kubernetes support, please use boot2podman-kubernetes.iso.

Start the server and agent with: sudo /usr/local/etc/init.d/k3s start

Podman can export Kubernetes config with: sudo podman generate kube

It can also import Kubernetes YAML config with: sudo podman play kube

Containers

It is also possible to run the build commands (detailed above) using containers.

Note that you need to use tce-load -wic, if not running privileged (mount).

Packages

Except for the kernel and some system dependencies, everything uses packages.

Here are the binary packages that are produced, after building from source code.

Build

These packages are used for building:

* total size, including dependencies (see .tree and .dep)

Runtime

These packages are used at runtime:

These .tcz files are bundled with the kernel in an initramfs, as per remastering TC.

Configuration

After installation, the software does not work until the mandatory registries and policy configuration is in place.

/etc/containers/registries.conf

[registries.search]
registries = ['docker.io', 'quay.io']

[registries.insecure]
registries = []

#blocked (docker only)
[registries.block]
registries = []

/etc/containers/policy.json

{
    "default": [
        {
            "type": "insecureAcceptAnything"
        }
    ],
    "transports":
        {
            "docker-daemon":
                {
                    "": [{"type":"insecureAcceptAnything"}]
                }
        }
}
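
The policy.json above accepts every image without signature verification. The following added example (not part of the boot2podman project) resolves which policy requirement applies to an image reference and compares the page's policy with a constructed stricter one. The registry name registry.example.com/team, the key path and the function names are assumptions, and scope matching is simplified (fully qualified references, no tag/digest scopes, no wildcards).

```python
import json

# The policy.json shown on this page (accepts every image, signed or not).
PAGE_POLICY = json.loads("""
{"default": [{"type": "insecureAcceptAnything"}],
 "transports": {"docker-daemon": {"": [{"type": "insecureAcceptAnything"}]}}}
""")

# Constructed stricter policy: registry name and key path are placeholders.
STRICT_POLICY = json.loads("""
{"default": [{"type": "reject"}],
 "transports": {
   "docker": {"registry.example.com/team": [
       {"type": "signedBy", "keyType": "GPGKeys",
        "keyPath": "/etc/pki/containers/example.gpg"}]},
   "docker-daemon": {"": [{"type": "insecureAcceptAnything"}]}}}
""")


def requirements_for(policy, transport, ref):
    """Return (scope, requirements) applying to ref: repository, then parent
    namespaces, then host, then the transport's "" scope, then the default."""
    scopes = policy.get("transports", {}).get(transport, {})
    repo = ref.split("@")[0]
    # Drop a trailing :tag, but not a registry port such as host:5000/img.
    if ":" in repo.rsplit("/", 1)[-1]:
        repo = repo.rsplit(":", 1)[0]
    parts = repo.split("/")
    for n in range(len(parts), 0, -1):
        scope = "/".join(parts[:n])
        if scope in scopes:
            return scope, scopes[scope]
    if "" in scopes:
        return f"{transport}:(any)", scopes[""]
    return "default", policy["default"]


def verdict(policy, transport, ref):
    """Classify the effective rule as 'unverified', 'signed' or 'rejected'."""
    _, reqs = requirements_for(policy, transport, ref)
    kinds = {r["type"] for r in reqs}
    if "reject" in kinds:
        return "rejected"
    if kinds <= {"insecureAcceptAnything"}:
        return "unverified"
    return "signed"
```

All requirements in a scope must be satisfied, so a scope that lists signedBy next to insecureAcceptAnything is still classified as signed.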

/etc/containers/registries.d/default.yaml

# This is the default signature write location for docker registries.
default-docker:
  # sigstore: file:///var/lib/atomic/sigstore
  sigstore-staging: file:///var/lib/atomic/sigstore

We need to make sure to use "cgroupfs" (not systemd) and to disable "pivot_root" (if run under tmpfs).

/etc/containers/libpod.conf

# CGroup Manager - valid values are "systemd" and "cgroupfs"
cgroup_manager = "cgroupfs"
# Whether to use chroot instead of pivot_root in the runtime
no_pivot_root = true

Location of the configuration is currently hard-coded to /etc/containers, so it is not included in tcz...

Some information is currently not configurable, so it needs to be patched into the source code directly.

Networking

Sample configuration, for /usr/local/etc/cni/net.d:

  • bridge
  • portmap
  • loopback

Example config files can be found at these locations:

Persist data

Boot2podman uses Tiny Core Linux, which runs from RAM and so does not persist filesystem changes by default.

When you run podman-machine create box, the tool auto-creates a disk that will be automounted and used to persist your docker data in /var/lib/containers and /var/lib/boot2podman. This virtual disk will be removed when you run podman-machine delete box. It will also persist the SSH keys of the machine. Changes outside of these directories will be lost after powering down or restarting the VM.

If you are not using the Podman Machine management tool, you can add an ext4-formatted partition with the label boot2podman-data (mkfs.ext4 -L boot2podman-data /dev/sdX5) to your VM or host. Boot2podman will automount it on /mnt/sdX and then softlink /mnt/sdX/var/lib/containers to /var/lib/containers.

Inspiration

Boot2podman is inspired by Boot2Docker, which is a similar solution but for another popular container runtime.
