Projects in the topic containers
Linux containers is a generic term for an implementation of operating system-level virtualization for the Linux operating system.

Add PIDs cgroup support to runC and Docker

an invention by cyphar

Currently, dealing with forkbombs and similar issues with Docker and runC is not very nice (you have to set a global limit for all Docker processes or you have to limit kernel memory which isn't very practical). I'm going to work on getting some [patches][2] merged into runC and Docker to enable PIDs support for Docker.

Updated about 3 years ago. 1 hackers ♥️.

Rootless Containers

an invention by cyphar

In many cases, people want to start containers on a system where the administrator is not happy about granting privileges to users or installing any new software. For example, when I was a researcher and wanted to run Python 3 on a computing cluster it was not possible to get the administrator to install Docker or Python 3. In recent Linux kernels, it has been possible to create containers without any privileges. All that's missing is a container runtime that allows you to do this. LXC is close but falls short (it requires certain privileged processes and PAM modules for everything to work).

Updated over 2 years ago. 1 hackers ♥️.

SLES/openSUSE integration for Clair

a project by tboerger

Clair is a static vulnerability analyzer for containers. Currently it supports containers based on Debian, Ubuntu and RedHat. I already started this project on the CSM workshop, now I want to finish the integration for openSUSE and SLES based container images. You can track the changes at

Updated over 5 years ago. No love.

OCI Image Distribution with RPMs

a project by cyphar

Currently the Open Container Initiative doesn't specify a distribution protocol or system, and the current "standard" format is the Docker registry protocol. Aside from technical reservations with Docker registry, it is also not an OCI-compliant system and will require a lot of work to integrate it into all of the openSUSE/SUSE tooling. So, a very insane idea I came up with is to convert OCI images to RPMs and then distribute them as simple RPMs. The idea would be to use capabilities (Provides: oci(...)) to implement the different names of images and then also the dependency graph of blobs (which would naturally be de-duplicated).

Updated about 3 years ago. 3 hacker ♥️.

Kubic Desktop - aka Sgt Peppers Read Only Hearts Club Band

a project by RBrownSUSE

The Kubic Project currently produces a "CaaSP-like" Tumbleweed OS, focused on Kubernetes clusters However many of the attributes of Kubic (read-only filesystem, transactional updates, containerised services) could be an interesting platform for another use A Chromebook-like Linux Desktop

Updated 4 months ago. 10 hacker ♥️.

Learn more about container from SUSE CaaS Platform

a project by xguo

How to deploy container - Docker based on SUSE CaaS Platform.

Updated 4 months ago. 2 hacker ♥️.

Kernel Boot/Testing Framework with LinuxKit

a project by vrothberg

Problem statement

Once a kernel is built, a developer/janitor may want to boot the kernel for various reasons, such as performing simple boot test or running tests and workloads from user space or simply playing around in a shell. However, an easy to use and a descriptive tool to perform those tasks doesn't exist to our knowledge.

Updated 4 months ago. 2 hacker ♥️.

move concourse instance from bare-metal to caasp production instance

a project by m_meister

Right now our concourse instance runs containerized (via docker-compose) on bare metal We already have a production caasp instance, so we can already move it there

Updated about 3 years ago. 1 hackers ♥️.

kubeojo: Health metrics for products and testsuites

a project by dmaiocchi

Updated 4 months ago. 2 hacker ♥️. 1 follower.

OpenShift Origin on Kubic

a project by RBrownSUSE

The incredible Neal Gompa has packaged Open Shift Origin (RH's core Docker + Kubernetes stack) for openSUSE Links:

Updated about 3 years ago. 1 hackers ♥️.

Architecting a Machine Learning project with SUSE CaaSP

an invention by jordimassaguerpla

The goal of this project is to get an overview of the state-of-the-art technology on training and deploying machine learning projects with kubernetes and apply that to a SUSE CaaSP cluster. With that in mind, we will train and deploy a model for summarizing github issues:

Updated over 2 years ago. 4 hacker ♥️. 2 followers.

Hammer an Envoy service mesh onto a SAP S4/HANA landscape and watch everything explode.

a project by STorresi

Although CNCF projects are almost exclusively related to Linux containers, some ideas, like wrapping all the services into network proxies to create a distributed data-plane and enable true observability, could perhaps be explored for some kind of backport in complex legacy distributed systems, like... say... S4/HANA?! I don't even know if this is feasible, but trying won't hurt... just stand at a safe distance from the cluster!

Updated over 2 years ago. 2 hacker ♥️. 2 followers.

Modernize Mash deployment

a project by seanmarlow

Mash is a Python based CI/CD pipeline for automated testing and publishing of public cloud images. Currently the production and development deployment for the package is inconsistent, slow and manual. This is a barrier to rapid development, deployment and testing. It also means the development workflow is different than production. This can lead to production issues which were not seen during development. In order to modernize the Mash workflow I plan to spend the week digging into a plethora of tools to first learn then build out a new workflow. The goal is to simplify deployment by choosing tools that provide consistency, modularity and repeatability. By leveraging the best tools available we can harden the code and accelerate the release cycle.

Updated over 2 years ago. No love. 2 followers.

Run VMs in CaaSP 4 cluster with SUSE-powered kubevirt

a project by jfehlig

This project aims to run VMs in a CaaSP 4 cluster using kubevirt and a libvirt+qemu container (aka compute container) based on SLES15 SP1/2. Compute containers based on openSUSE Leap15.1 and SLES15 SP1 already available in and respectively. VMs can be deployed to the cluster but there are several functional problems that need investigating, e.g. accessing the VM's serial and VNC consoles, proper network access, etc.

Updated over 2 years ago. 2 hacker ♥️. 2 followers.

Packaging libnvidia-containers and nvidia-container-runtime-hook

an invention by jordimassaguerpla

This is a follow up to In the last hackweek I learned that in order to run machine learning workflows on top of SUSE CaaSP, the missing piece is to have libnvidia-containers and nvidia-containers-runtime-hook packaged.

Updated over 2 years ago. 3 hacker ♥️. 1 follower.

Migrate suntorytimed/resourcespace container to an openSUSE base

a project by suntorytimed

Project Description

For quite some time I am providing a ResourceSpace container on Docker Hub. It is meanwhile pulled about 234K times but unfortunately still based on Ubuntu. Meanwhile I have updated the base to Ubuntu 20.04, but I would like to move it to openSUSE instead. With ResourceSpace 9.5 coming out soon I see a possibility of introducing this switch. Enno Gotthold also did a great job of packaging ResourceSpace on OBS, so this could be used as a starting point for the container.

Updated 4 months ago. 2 hacker ♥️. 2 followers.

Uyuni/SUSE Manager containerization project

a project by moio

Deploy Uyuni as an app from the Rancher marketplace - or install via Helm on any Kubernetes cluster, on any OS, or any Public Cloud.

The dream

Updated 4 months ago. 10 hacker ♥️. 13 followers.

containerizing MicroOS Desktop components

a project by fcrozat

Project Description

Moving as much as possible of MicroOS Desktop into containers.

Updated over 1 year ago. 5 hacker ♥️. 3 followers.

Rancher & Gardener: Stronger Together

an idea by mlnoga

Project Description

Gardener is SAP's portable Kubernetes distribution and management framework, which aims to create a common base layer for current and future SAP applications and services. Rancher is the leading management framework for arbitrary Kubernetes distributions. Wouldn't it be great if Rancher and Gardener could work together, and Gardner became a first-class citizen in Rancher?

Updated over 1 year ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

Near-zero downtime upgrades for stateful services with Rancher

an idea by mlnoga

Project Description

Containers are great for scaling stateless services and making them robust. However, stateful services like databases continue to pose challenges. In particular, upgrading a running database service to a new version with near zero downtime is not trivial. Wouldn't it be great if a helm chart or K8S operator could automatically take care of this for you? This would allow you to fire up a database in your K8S cluster and consume it as-a-service. And put us one step closer to building a private cloud that runs anywhere, powered by pure open source.

Updated over 1 year ago. 2 hacker ♥️. 1 follower. Has no hacker: grab it!

Hack current YES Certification SCK with containers and/or public cloud, seperately SLE Micro

a project by Jackman1

Project Description

Using beta SCK 8.6, attempt to look at hacking options with containers and/or public cloud using Azure or AWS. Do the same thing, completely separate, but using SLE Micro. Probably be a hodgepodge during hack week; but I'll have to get some work done during the it will be perfect for me.

Updated over 1 year ago. 1 hackers ♥️. 2 followers.

multipath-tools: improve CI

a project by mwilck

Project Description

multipath-tools is in urgent need of better CI, both unit tests and "real world" tests. We a very basic set of unit tests, but the coverage is miserable. Also, there's some minimal github workflow code, which could be improved a lot while I'm learning about github workflows.

Updated over 1 year ago. 1 hackers ♥️. 1 follower.

WASM support for cloud native buildpacks

an idea by atgracey

Project Description

The wasm ecosystem is becoming more mature and feature rich. With this, I'd like to allow developers to run their code in wasm without needing to know how to set up their tooling or build the binary. Because of this, I think it would be interesting to extend cloud native buildpacks so you can build wasm-oci images in any of the platforms that support buildpacks.

Updated 4 months ago. 2 hacker ♥️. 3 followers. Has no hacker: grab it!

Uyuni/SUSE Manager Server Helm chart on k3s

a project by moio

Combined icons of k3s and Uyuni Building on the lessons learned in the previous HackWeek, attack the Server specifically to create a set of containers deployable on k3s via Helm.

Updated 3 months ago. 4 hacker ♥️. 3 followers.

Package docker compose v2

an idea by hennevogel

Package compose and compose-switch to replace the python-docker-compose.

Updated 2 months ago. No love. 1 follower. Has no hacker: grab it!