Clair is a static vulnerability analyzer for containers. Currently it supports containers based on Debian, Ubuntu and RedHat. I already started this project on the CSM workshop, now I want to finish the integration for openSUSE and SLES based container images. You can track the changes at https://github.com/coreos/clair/pull/199.

Currently the Open Container Initiative doesn't specify a distribution protocol or system, and the current "standard" format is the Docker registry protocol. Aside from technical reservations with Docker registry, it is also not an OCI-compliant system and will require a lot of work to integrate it into all of the openSUSE/SUSE tooling. So, a very insane idea I came up with is to convert OCI images to RPMs and then distribute them as simple RPMs. The idea would be to use capabilities (Provides: oci(...)) to implement the different names of images and then also the dependency graph of blobs (which would naturally be de-duplicated).

The Kubic Project currently produces a "CaaSP-like" Tumbleweed OS, focused on Kubernetes clusters However many of the attributes of Kubic (read-only filesystem, transactional updates, containerised services) could be an interesting platform for another use A Chromebook-like Linux Desktop

How to deploy container - Docker based on SUSE CaaS Platform.

Problem statement

Once a kernel is built, a developer/janitor may want to boot the kernel for various reasons, such as performing simple boot test or running tests and workloads from user space or simply playing around in a shell. However, an easy to use and a descriptive tool to perform those tasks doesn't exist to our knowledge.

Right now our concourse instance http://salzbreze.suse.de:8080 runs containerized (via docker-compose) on bare metal We already have a production caasp instance, so we can already move it there

kubeojo in 10 seconds-click-me to visualize-demo-link

code:

The incredible Neal Gompa has packaged Open Shift Origin (RH's core Docker + Kubernetes stack) for openSUSE Links:

Although CNCF projects are almost exclusively related to Linux containers, some ideas, like wrapping all the services into network proxies to create a distributed data-plane and enable true observability, could perhaps be explored for some kind of backport in complex legacy distributed systems, like... say... S4/HANA?! I don't even know if this is feasible, but trying won't hurt... just stand at a safe distance from the cluster!

Mash is a Python based CI/CD pipeline for automated testing and publishing of public cloud images. Currently the production and development deployment for the package is inconsistent, slow and manual. This is a barrier to rapid development, deployment and testing. It also means the development workflow is different than production. This can lead to production issues which were not seen during development. In order to modernize the Mash workflow I plan to spend the week digging into a plethora of tools to first learn then build out a new workflow. The goal is to simplify deployment by choosing tools that provide consistency, modularity and repeatability. By leveraging the best tools available we can harden the code and accelerate the release cycle.

This project aims to run VMs in a CaaSP 4 cluster using kubevirt and a libvirt+qemu container (aka compute container) based on SLES15 SP1/2. Compute containers based on openSUSE Leap15.1 and SLES15 SP1 already available in registry.opensuse.org and registry.suse.com respectively. VMs can be deployed to the cluster but there are several functional problems that need investigating, e.g. accessing the VM's serial and VNC consoles, proper network access, etc.

Project Description

For quite some time I am providing a ResourceSpace container on Docker Hub. It is meanwhile pulled about 234K times but unfortunately still based on Ubuntu. Meanwhile I have updated the base to Ubuntu 20.04, but I would like to move it to openSUSE instead. With ResourceSpace 9.5 coming out soon I see a possibility of introducing this switch. Enno Gotthold also did a great job of packaging ResourceSpace on OBS, so this could be used as a starting point for the container.

Deploy Uyuni as an app from the Rancher marketplace - or install via Helm on any Kubernetes cluster, on any OS, or any Public Cloud.

The dream

Project Description

Moving as much as possible of MicroOS Desktop into containers.

Project Description

Using beta SCK 8.6, attempt to look at hacking options with containers and/or public cloud using Azure or AWS. Do the same thing, completely separate, but using SLE Micro. Probably be a hodgepodge during hack week; but I'll have to get some work done during the week...so it will be perfect for me.

Project Description

multipath-tools is in urgent need of better CI, both unit tests and "real world" tests. We a very basic set of unit tests, but the coverage is miserable. Also, there's some minimal github workflow code, which could be improved a lot while I'm learning about github workflows.

Building on the lessons learned in the previous HackWeek, attack the Server specifically to create a set of containers deployable on k3s via Helm.

I'm running a simple home mirror, but I managed to get into a situation where I have to use a bunch of custom excludes. I think we should be able to offer what people want nowadays.\

Project Description

Try to family with MicroOS for ALP Virtualization

Let's do what we can to get https://github.com/openSUSE/fuel-ignition running as ignite.opensuse.org respectively ignite-stage.opensuse.org

Project Description

Project Description

In this project I would like to extend the capabilities of the SLE Release Management Container. This container is used by some colleagues in the SLE Release Management team to have access to osc and other Release Management critical commands inside a container environment. This includes the beta-emails project to send our beta announcements.

Build a network of ("edge") humidity sensors using Raspberry Pis with SenseHats and additional cheaper sensors

For our house, I want to make sure I can track the effectiveness of regularly ventilating the rooms by adding humidity sensors and tracking the measurements over time.

Project Description

Iguana is an attempt to have 100% stable initramfs which functionality is enhanced by containers.

Project Description

regview is a heavily modified fork of the (no longer maintained) reg tool by Jess Frazelle for listing images in a Docker registry. Some features of reg were removed (like the webserver, to make it only cli) and others added. Some bugs were fixed (and PR's submitted) and others added as well.

Project Description

Network management is very important for cloud and Edge. CNF(cloud-native network function) is next-generation VNF.

Project Description

We know that Kubernetes clusters need control planes but running them in dedicated VMs might not be always efficient, instead, we can run them as pods within the management cluster.

Project Description

Try running openSUSE MicroOS on a home NAS.

Project Description

The SINK project is a set of containers and tools for Samba in Kubernetes. The images and tooling for the project are designed for Fedora and RH systems. The ultimate goal of this project is to tweak the tooling for use with our build service, etc.

Project Description

Create a set of container images for serving a mock git server and mock git clients in a Kubernetes cluster that can be used as building blocks for an interactive git playground.

Project Description

I recently used melange and apko to build a from scratch image. The result was a set of auditable and easy to use container and apk repository. The toolkit reduces the work need to make from scratch images with minimal work on the actual docker container(which can be quite painful if you've tried making a from scratch image on your own).

Project Description

Containerization is here to stay and seems to be the next big thing also in the upcoming OSes releases.