
|
updating rpms in docker containersa project by jordimassaguerpla The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern. The docker way is not anymore running "zypper update" in the containment but to update the whole image in the image registry (hub docker if we are talking about public registry) and then pull the image update from there, stop the outdated containments and replace them by starting new containments based on the new image. |
Discourse forum instance for internal usea project by kpimenov Discourse is a really great opensource forum, written in Ruby on Rails and Ember.js. We should try to use it to complement mailing lists and IRC in internal communication, when we need persistent, searchable discussions (with helpful links to the outside world) for a broad and offtopicky subjects. |
Work reports 2.0a project by kalabiyau Micro-service for - making a report |
Portus: build Docker images from Dockerfilea project by flavio_castelli Minimal objectiveThis is what we consider is the minimum result we can achieve at the end of the hackweek. |
Docker: Image Rebasingan invention by cyphar
|
Golang: Hack on DroneCIan idea by tboerger I want to spend some time on hacking missing features of the awesome CI tool Drone. It's written in Golang and is built around docker. |
Add PIDs cgroup support to runC and Dockeran invention by cyphar Currently, dealing with forkbombs and similar issues with Docker and runC is not very nice (you have to set a global limit for all Docker processes or you have to limit kernel memory which isn't very practical). I'm going to work on getting some [patches][2] merged into runC and Docker to enable PIDs support for Docker. |
zypper-docker with multiple backends and an APIa project by mssola During the last CSM workshop I started to refactor zypper-docker in a way that: - The CLI code and the "library" part got split. |
Rootless Containersan invention by cyphar In many cases, people want to start containers on a system where the administrator is not happy about granting privileges to users or installing any new software. For example, when I was a researcher and wanted to run Python 3 on a computing cluster it was not possible to get the administrator to install Docker or Python 3. In recent Linux kernels, it has been possible to create containers without any privileges. All that's missing is a container runtime that allows you to do this. LXC is close but falls short (it requires certain privileged processes and PAM modules for everything to work). |
Migrate drone plugins to new versiona project by tboerger As I'm already a maintainer of the plugins for Drone CI and we are nearby of a new releases which totally changed the structure of the plugins I would like to start migrating the existing plugins to the new structure. A list of pending plugins can be found here. For communication it makes sense to join the Gitter chat. |
Docker registry UI in Go and ReactJSa project by tboerger I would like to continue to work on a web UI for the Docker registry. I know we already got Portus which is based on Ruby on Rails, but I would prefer a project based on Golang with a singlepage application for the frontend based on RactJS. So because of the singlepage application we are forced to write proper APIs that gets consumed by the javascript application, beside that I also want to add a CLI client for managing the system. You can find the project at https://github.com/harborapp. |
SLES/openSUSE integration for Claira project by tboerger Clair is a static vulnerability analyzer for containers. Currently it supports containers based on Debian, Ubuntu and RedHat. I already started this project on the CSM workshop, now I want to finish the integration for openSUSE and SLES based container images. You can track the changes at https://github.com/coreos/clair/pull/199. |
|
zypper-docker reloadeda project by mssola The aim of this project is to finish up the work already done in previous editions of Hackweek in regards to zypper-docker. That being: - Separation of the CLI part and the library. |
|
|
|
|
|
monitor kubernetes and docker with prometheusan invention by dmaiocchi Starting from prometheus ( and grafana if needed), learn how to monitor kubernetes and docker and do some valid alert/graph etc. https://docs.docker.com/config/thirdparty/prometheus/ |
[unassigned] linter for containers, images, appliancesan idea by lnussel [kiwi generated] appliances, containers or any kind of image suffer from reoccuring problems like left over log files or UUIDs, e.g. /etc/machine-id |
SUSE Manager containerizationa project by mbologna Let's containerize SUSE Manager! This will open up different (and interesting) scenarios: - From a development perspective: learn about all the components that constitute SUSE Manager |
|
|