Add PIDs cgroup support to runC and Dockeran invention by cyphar Currently, dealing with forkbombs and similar issues with Docker and runC is not very nice (you have to set a global limit for all Docker processes or you have to limit kernel memory which isn't very practical). I'm going to work on getting some [patches][2] merged into runC and Docker to enable PIDs support for Docker. |
Rootless Containersan invention by cyphar In many cases, people want to start containers on a system where the administrator is not happy about granting privileges to users or installing any new software. For example, when I was a researcher and wanted to run Python 3 on a computing cluster it was not possible to get the administrator to install Docker or Python 3. In recent Linux kernels, it has been possible to create containers without any privileges. All that's missing is a container runtime that allows you to do this. LXC is close but falls short (it requires certain privileged processes and PAM modules for everything to work). |
SLES/openSUSE integration for Claira project by tboerger Clair is a static vulnerability analyzer for containers. Currently it supports containers based on Debian, Ubuntu and RedHat. I already started this project on the CSM workshop, now I want to finish the integration for openSUSE and SLES based container images. You can track the changes at https://github.com/coreos/clair/pull/199. |
OCI Image Distribution with RPMsa project by cyphar Currently the Open Container Initiative doesn't specify a distribution protocol or system, and the current "standard" format is the Docker registry protocol. Aside from technical reservations with Docker registry, it is also not an OCI-compliant system and will require a lot of work to integrate it into all of the openSUSE/SUSE tooling.
So, a very insane idea I came up with is to convert OCI images to RPMs and then distribute them as simple RPMs. The idea would be to use capabilities ( |
Kubic Desktop - aka Sgt Peppers Read Only Hearts Club Banda project by RBrownSUSE The Kubic Project currently produces a "CaaSP-like" Tumbleweed OS, focused on Kubernetes clusters However many of the attributes of Kubic (read-only filesystem, transactional updates, containerised services) could be an interesting platform for another use A Chromebook-like Linux Desktop |
Learn more about container from SUSE CaaS Platforma project by xguo How to deploy container - Docker based on SUSE CaaS Platform. |
Kernel Boot/Testing Framework with LinuxKita project by vrothberg Problem statementOnce a kernel is built, a developer/janitor may want to boot the kernel for various reasons, such as performing simple boot test or running tests and workloads from user space or simply playing around in a shell. However, an easy to use and a descriptive tool to perform those tasks doesn't exist to our knowledge. |
move concourse instance from bare-metal to caasp production instancea project by m_meister Right now our concourse instance http://salzbreze.suse.de:8080 runs containerized (via docker-compose) on bare metal We already have a production caasp instance, so we can already move it there |
kubeojo: Health metrics for products and testsuitesa project by dmaiocchi Updated about 2 years ago. 2 hacker ♥️. 1 follower. |
OpenShift Origin on Kubica project by RBrownSUSE The incredible Neal Gompa has packaged Open Shift Origin (RH's core Docker + Kubernetes stack) for openSUSE Links: |
Architecting a Machine Learning project with SUSE CaaSPan invention by jordimassaguerpla The goal of this project is to get an overview of the state-of-the-art technology on training and deploying machine learning projects with kubernetes and apply that to a SUSE CaaSP cluster. With that in mind, we will train and deploy a model for summarizing github issues: |
Hammer an Envoy service mesh onto a SAP S4/HANA landscape and watch everything explode.a project by STorresi Although CNCF projects are almost exclusively related to Linux containers, some ideas, like wrapping all the services into network proxies to create a distributed data-plane and enable true observability, could perhaps be explored for some kind of backport in complex legacy distributed systems, like... say... S4/HANA?! I don't even know if this is feasible, but trying won't hurt... just stand at a safe distance from the cluster! |
Modernize Mash deploymenta project by seanmarlow Mash is a Python based CI/CD pipeline for automated testing and publishing of public cloud images. Currently the production and development deployment for the package is inconsistent, slow and manual. This is a barrier to rapid development, deployment and testing. It also means the development workflow is different than production. This can lead to production issues which were not seen during development. In order to modernize the Mash workflow I plan to spend the week digging into a plethora of tools to first learn then build out a new workflow. The goal is to simplify deployment by choosing tools that provide consistency, modularity and repeatability. By leveraging the best tools available we can harden the code and accelerate the release cycle. |
Run VMs in CaaSP 4 cluster with SUSE-powered kubevirta project by jfehlig This project aims to run VMs in a CaaSP 4 cluster using kubevirt and a libvirt+qemu container (aka compute container) based on SLES15 SP1/2. Compute containers based on openSUSE Leap15.1 and SLES15 SP1 already available in registry.opensuse.org and registry.suse.com respectively. VMs can be deployed to the cluster but there are several functional problems that need investigating, e.g. accessing the VM's serial and VNC consoles, proper network access, etc. |
Packaging libnvidia-containers and nvidia-container-runtime-hookan invention by jordimassaguerpla This is a follow up to https://hackweek.suse.com/projects/architecting-a-machine-learning-project-with-suse-caasp. In the last hackweek I learned that in order to run machine learning workflows on top of SUSE CaaSP, the missing piece is to have libnvidia-containers and nvidia-containers-runtime-hook packaged. |
Migrate suntorytimed/resourcespace container to an openSUSE basea project by suntorytimed Project DescriptionFor quite some time I am providing a ResourceSpace container on Docker Hub. It is meanwhile pulled about 234K times but unfortunately still based on Ubuntu. Meanwhile I have updated the base to Ubuntu 20.04, but I would like to move it to openSUSE instead. With ResourceSpace 9.5 coming out soon I see a possibility of introducing this switch. Enno Gotthold also did a great job of packaging ResourceSpace on OBS, so this could be used as a starting point for the container. |
Uyuni/SUSE Manager containerization projecta project by moio Deploy Uyuni as an app from the Rancher marketplace - or install via Helm on any Kubernetes cluster, on any OS, or any Public Cloud. The dream |
containerizing MicroOS Desktop componentsa project by fcrozat Project DescriptionMoving as much as possible of MicroOS Desktop into containers. |
Rancher & Gardener: Stronger Togetheran idea by mlnoga Project DescriptionGardener is SAP's portable Kubernetes distribution and management framework, which aims to create a common base layer for current and future SAP applications and services. Rancher is the leading management framework for arbitrary Kubernetes distributions. Wouldn't it be great if Rancher and Gardener could work together, and Gardner became a first-class citizen in Rancher? |
Near-zero downtime upgrades for stateful services with Rancheran idea by mlnoga Project DescriptionContainers are great for scaling stateless services and making them robust. However, stateful services like databases continue to pose challenges. In particular, upgrading a running database service to a new version with near zero downtime is not trivial. Wouldn't it be great if a helm chart or K8S operator could automatically take care of this for you? This would allow you to fire up a database in your K8S cluster and consume it as-a-service. And put us one step closer to building a private cloud that runs anywhere, powered by pure open source. |
Hack current YES Certification SCK with containers and/or public cloud, seperately SLE Microa project by Jackman1 Project DescriptionUsing beta SCK 8.6, attempt to look at hacking options with containers and/or public cloud using Azure or AWS. Do the same thing, completely separate, but using SLE Micro. Probably be a hodgepodge during hack week; but I'll have to get some work done during the week...so it will be perfect for me. |
multipath-tools: improve CIa project by mwilck Project Descriptionmultipath-tools is in urgent need of better CI, both unit tests and "real world" tests. We a very basic set of unit tests, but the coverage is miserable. Also, there's some minimal github workflow code, which could be improved a lot while I'm learning about github workflows. |
WASM support for cloud native buildpacksan idea by atgracey Project DescriptionThe wasm ecosystem is becoming more mature and feature rich. With this, I'd like to allow developers to run their code in wasm without needing to know how to set up their tooling or build the binary. Because of this, I think it would be interesting to extend cloud native buildpacks so you can build wasm-oci images in any of the platforms that support buildpacks. |
Uyuni/SUSE Manager Server Helm chart on k3sa project by moio Building on the lessons learned in the previous HackWeek, attack the Server specifically to create a set of containers deployable on k3s via Helm. |
Package docker compose v2a record by hennevogel Package compose and compose-switch to replace the python-docker-compose. |
Containerized home mirrora project by lkocman I'm running a simple home mirror, but I managed to get into a situation where I have to use a bunch of custom excludes. I think we should be able to offer what people want nowadays.\ |
containerizing MicroOS Desktop components (reloaded)an invention by fcrozat Project DescriptionThis is a continuation of last year project: |
Family with MicroOSa project by xguo Project DescriptionTry to family with MicroOS for ALP Virtualization |
ignite.opensuse.orga project by lkocman Let's do what we can to get https://github.com/openSUSE/fuel-ignition running as ignite.opensuse.org respectively ignite-stage.opensuse.org Project Description |
Improve SLE Release Management Containera project by suntorytimed Project DescriptionIn this project I would like to extend the capabilities of the SLE Release Management Container. This container is used by some colleagues in the SLE Release Management team to have access to osc and other Release Management critical commands inside a container environment. This includes the beta-emails project to send our beta announcements. |
Humidity sensors with dashboarda project by joachimwerner Build a network of ("edge") humidity sensors using Raspberry Pis with SenseHats and additional cheaper sensorsFor our house, I want to make sure I can track the effectiveness of regularly ventilating the rooms by adding humidity sensors and tracking the measurements over time. |
Image generation AI in container using Radeon GPUan invention by tjyrinki_suse Project DescriptionI have casually investigated that recent open source image generation AI systems are relatively invasive of the host system if one starts to install them that way. Usually container is better but needs special configuration to access the needed hardware. I'd like to run something in a container utilizing the RDNA2 Radeon gfx card I have on my desktop computer. |
Containerfile / Dockerfile generator libraryan invention by amanzini Project DescriptionWriting container definition files is boring and error-prone: let's use power of a programming language to generate containers! |
Make iguana-workflow to support multiple container frontendsa project by oholecek Project DescriptionIguana is an attempt to have 100% stable initramfs which functionality is enhanced by containers. |
Run sandboxed Firefox with image and sound inside a containeran invention by nguyens Project DescriptionRunning a web browser from your PC can cause all sorts of security or anonymity issues; e-g: content downloaded could be run automatically from your PC, resulting in disk encryption or other unpleasant events. It would be great if we could run most of this in a container so that we have as much of the web browser sandboxed, and limit the PC's exposure to security events. |
Improve Docker registry listing toola project by rbranco Project Descriptionregview is a heavily modified fork of the (no longer maintained) reg tool by Jess Frazelle for listing images in a Docker registry. Some features of reg were removed (like the webserver, to make it only cli) and others added. Some bugs were fixed (and PR's submitted) and others added as well. |
Building a CNF solution for Edge environmenta project by lizhang Project DescriptionNetwork management is very important for cloud and Edge. CNF(cloud-native network function) is next-generation VNF. |
Container images for building the Uyuni docsan invention by juliogonzalezgil Project DescriptionThe Uyuni doc requires a lot of dependencies installed to be built. Keeping your system on the right versions or reinstalling can be a challenge. |
Man pages in a containeran idea by doreilly Project DescriptionMicroOS and Jeos images don't have their man pages installed to save space. This means having to switch to a browser or a full system just to look things up. |
image-tools: simple tool for mirror/save/load container images & KDM and chart image list generator.an invention by StarryWang Project DescriptionCurrently, the way to install Rancher in Air-Gap mode (with personal registry server) is using the |
K3S Control Planes as a servicea project by ademicev0 Project DescriptionWe know that Kubernetes clusters need control planes but running them in dedicated VMs might not be always efficient, instead, we can run them as pods within the management cluster. |
openSUSE MicroOS based NASa project by dmach Project DescriptionTry running openSUSE MicroOS on a home NAS. |
Samba in Kubernetes (for openSUSE)a project by dmulder Project DescriptionThe SINK project is a set of containers and tools for Samba in Kubernetes. The images and tooling for the project are designed for Fedora and RH systems. The ultimate goal of this project is to tweak the tooling for use with our build service, etc. |
Real-time container runtime supportan invention by a_faerber Project DescriptionAs per discussions in the SOAFEE SIG that SUSE is a founding member of, container users will be in need of running workloads with mixed criticality. |
Containerized git server/client for playground and tutorialsa project by mberti Project DescriptionCreate a set of container images for serving a mock git server and mock git clients in a Kubernetes cluster that can be used as building blocks for an interactive git playground. |
Hack on project MONAI (Medical Open Network for Artificial Intelligence)an invention by jordimassaguerpla Project DescriptionMONAI is a set of open-source, freely available collaborative frameworks built for accelerating research and clinical collaboration in Medical Imaging. The goal is to accelerate the pace of innovation and clinical translation by building a robust software framework that benefits nearly every level of medical imaging, deep learning research, and deployment. |
Generic Wrangler Controllersan invention by kjoiner Project DescriptionThe rancher/rancher project uses generated wrangler controllers to manage Kubernetes objects. |
A set of utilities to produce a "from scratch" OCI/Docker container using Opensuse/SLE rpmsa project by ldragon Project DescriptionI recently used melange and apko to build a from scratch image. The result was a set of auditable and easy to use container and apk repository. The toolkit reduces the work need to make from scratch images with minimal work on the actual docker container(which can be quite painful if you've tried making a from scratch image on your own). |
Package MONAI Machine Learning Models for Medical Applicationsan invention by jordimassaguerpla Project DescriptionMONAI Deploy aims to become the de-facto standard for developing packaging, testing, deploying, and running medical AI applications in clinical production. MONAI Deploy creates a set of intermediate steps where researchers and physicians can build confidence in the techniques and approaches used with AI — allowing for an iterative workflow. |
Exploring DPDK within containersa project by paolodepa Project DescriptionContainerization is here to stay and seems to be the next big thing also in the upcoming OSes releases. |