7 repositorios
Libraries and tools for communicating with container daemons via Unix domain sockets.
Distinguishing note: Focuses on low-level socket communication with container runtimes.
Explore 7 awesome GitHub repositories matching devops & infrastructure · Container Runtime Interfaces. Refine with filters or upvote what's useful.
Lazydocker is a terminal-based command-line utility that provides an interactive dashboard for monitoring and controlling containerized environments. It functions as a text-based user interface, allowing users to manage containers, images, and volumes directly within a terminal emulator through keyboard-driven navigation. The tool distinguishes itself by replacing manual command-line sequences with a unified workspace that communicates directly with the Docker daemon via the local Unix domain socket. It maintains state synchronization by listening to real-time container events and utilizes co
Interacts with the container runtime by sending and receiving structured data over the local Unix domain socket.
Awesome Compose is a collection of resources designed to demonstrate the orchestration of multi-container applications. It serves as a practical reference for using declarative configuration files to define, manage, and deploy complex software stacks, ensuring that services run consistently across development, testing, and production environments. The project highlights the capabilities of container lifecycle management by providing examples of how to bundle software with its dependencies into isolated, portable units. It emphasizes the use of multi-stage build pipelines to optimize image siz
Register additional execution environments to support specialized container formats or hardware requirements beyond the standard default runtime provided by the host system.
Docker Compose is a tool for defining and running multi-container applications through declarative configuration files. It functions as an application lifecycle manager, coordinating the startup, shutdown, and scaling of interconnected services within isolated environments. By using a standardized configuration format, it enables infrastructure as code, allowing developers to manage complex application stacks and their dependencies in a single, repeatable file. The project distinguishes itself by integrating directly with the broader Docker platform, leveraging a client-server architecture wh
Delegates low-level container execution to OCI-compliant runtimes for standardized process management.
Minikube is a command-line tool designed for local Kubernetes development, enabling users to provision and manage full-featured container clusters directly on a workstation. It serves as a local orchestrator that automates the lifecycle of isolated environments, allowing developers to start, stop, pause, and delete clusters to support testing and integration workflows. The project distinguishes itself through its flexible architecture, which supports multiple virtualization drivers and container runtimes to accommodate diverse host environments. It provides deep integration between the host a
Connects local development tools and container engines to the internal cluster environment for image building.
Tetragon es un conjunto de herramientas de observabilidad y seguridad en tiempo de ejecución basado en eBPF, diseñado para entornos Linux y Kubernetes. Funciona como un gestor de políticas de seguridad, agente de observabilidad y motor de cumplimiento que se conecta a funciones del kernel y tracepoints para detectar escalada de privilegios, escapes de contenedores y actividad no autorizada en el sistema. El proyecto se distingue por su capacidad de realizar cumplimiento en tiempo de ejecución dentro del kernel, lo que le permite terminar procesos maliciosos de forma síncrona o modificar los valores de retorno de funciones antes de que se complete una llamada al sistema. Ofrece una integración profunda con Kubernetes al sincronizar las identidades de los contenedores y mapear eventos de bajo nivel del kernel directamente a pods y namespaces. Sus capacidades más amplias cubren la auditoría integral de llamadas al sistema, el seguimiento de conexiones de red y el monitoreo de la integridad de archivos. El sistema admite la gestión dinámica de políticas y proporciona herramientas de diagnóstico para monitorear el rendimiento y la utilización de recursos de BPF. El despliegue es compatible con clústeres de Kubernetes mediante Helm charts, así como a través de contenedores independientes y paquetes nativos del sistema operativo.
Offers a programmatic interface to interrogate and update the internal runtime state of security agents.
Inspektor Gadget is an eBPF observability toolset and program framework designed for tracing Linux systems and debugging Kubernetes nodes. It provides a suite of tools to collect kernel-level telemetry and export system metrics via the OpenTelemetry standard. The project distinguishes itself by packaging inspection tools as OCI-compliant container images, allowing for standardized distribution and deployment across clusters and hosts. It employs a modular data processing pipeline that utilizes WebAssembly modules to transform and filter telemetry, and leverages Compile Once Run Everywhere for
Inspects containers by communicating with runtime APIs and sockets across various container platforms.
El AWS Lambda Runtime Interface Emulator es un servidor proxy diseñado para replicar el entorno de ejecución serverless basado en la nube dentro de un contenedor local. Funciona como una interfaz ligera que permite a los desarrolladores verificar la lógica de la función, el rendimiento y la integración de API simulando el plano de control remoto y el modelo de invocación de eventos en una máquina local. La herramienta opera interceptando solicitudes HTTP y traduciéndolas en los payloads de eventos JSON estructurados que esperan los manejadores de funciones serverless. Gestiona el ciclo de vida de la función a través de un bucle de eventos síncrono y mapea las configuraciones locales, incluyendo credenciales de seguridad y metadatos, directamente en el espacio de proceso del contenedor para asegurar la paridad con los entornos de producción. Más allá de las pruebas de funciones estándar, el emulador admite la validación de extensiones y agentes personalizados al proporcionar una implementación funcional de la interfaz de runtime. Esto permite probar aplicaciones serverless contenerizadas y sus componentes asociados antes de que sean desplegados en la nube.
Acts as a lightweight web server that converts HTTP requests into JSON events to simulate cloud function execution.