12 repositories
Configurations and adapters that enable the use of specific container engines within a host environment.
Distinguishing note: Focuses on the integration layer between orchestrators and runtimes.
12 GitHub repositories matching devops & infrastructure · Container Runtime Integrations.
K3s is a lightweight Kubernetes distribution designed for resource-constrained environments, edge computing, and simplified deployment across diverse hardware architectures. It functions as a container orchestration engine that automates the deployment, scaling, and management of containerized applications. By bundling all necessary control plane components and dependencies into a single binary, it minimizes the system footprint and streamlines the installation process. The project distinguishes itself through a flexible architecture that supports both high-availability clustering and minimal
Supports integration with external container engines during installation.
Watchtower is a container-based solution designed to automate the lifecycle management of Docker applications. It functions as a background service that monitors running containers, detects when new base image versions are available in registries, and automatically redeploys the containers to ensure they remain synchronized with the latest builds. The project distinguishes itself through its ability to orchestrate complex deployment workflows and maintain service availability during updates. It interacts directly with the container runtime to manage service dependencies and restart sequences,
Provides direct control over container lifecycles by communicating with the container runtime API.
Slim is a comprehensive suite for container lifecycle management, providing tools for image inspection, optimization, security hardening, and service troubleshooting. It functions as a platform for analyzing containerized applications through both static metadata review and dynamic behavioral probing, enabling users to understand image composition and runtime dependencies. The project distinguishes itself by automating the creation of minimal, production-ready container images. It achieves this by removing unnecessary files and components, flattening image layers, and synthesizing restrictive
Connects with diverse container runtimes and orchestration platforms to extend analysis and optimization capabilities.
Containerd is a daemon-based container runtime that manages the complete lifecycle of containers on a host system. It functions as a core orchestration backend, handling image distribution, storage, and process execution while adhering to industry-standard specifications for container execution and configuration. The project is distinguished by its modular, plugin-based architecture, which allows for the extension of storage, runtime, and networking capabilities without requiring a full daemon recompile. It utilizes a shim-based execution model to delegate low-level operations, ensuring isola
Integrates external plugins to monitor container states and dynamically modify configuration settings throughout the lifecycle.
rkt is a pod-native container engine and runtime for Linux that executes containerized applications as isolated pods. It serves as an OCI container runtime and a Linux container manager, supporting the execution of images based on Open Container Initiative, appc, and Docker specifications. The project distinguishes itself by offering hardware-level container isolation, allowing pods to run within virtual machines using KVM or QEMU for a dedicated kernel. It further separates itself through secure container deployment practices, utilizing SELinux mandatory access control and TPM-backed integri
Acts as a container runtime for cluster orchestration by connecting to the node agent via a standardized API.
Kata Containers is an OCI container runtime that launches containers inside lightweight virtual machines to combine hardware-level isolation with container operational speed. It functions as a hardware-isolated container engine and lightweight VM hypervisor, providing a virtual machine monitor interface that abstracts multiple hypervisors to optimize for performance or specific hardware emulation. The project distinguishes itself through a confidential computing runtime that leverages hardware-backed trusted execution environments, such as Intel TDX and AMD SEV-SNP, to protect data in use. It
Uses a shim-based architecture to integrate with container managers while managing VM lifecycles.
Youki is a low-level container runtime written in Rust that creates and manages isolated containers according to Open Container Initiative specifications. It serves as an execution engine that can function as a rootless container manager or a pluggable Kubernetes CRI runtime to manage pods and containers within a cluster. The project distinguishes itself by providing a Wasm container runtime capable of executing WebAssembly modules as isolated workloads compatible with standard orchestration tools. It further supports a rootless execution model, allowing isolated environments to start as non-
Implements the Container Runtime Interface to allow Kubernetes to orchestrate pods and containers via the runtime.
KubeVirt is a Kubernetes virtualization platform and cloud-native hypervisor manager. It provides a runtime environment that allows virtual machines to be defined, launched, and managed as declarative resources within a Kubernetes cluster, enabling them to run alongside containers on the same nodes. The system enables the hybridization of cloud infrastructure by combining traditional virtual machines with containerized workloads on a single shared platform. It supports the live migration of running virtual machines between physical hosts to facilitate cluster maintenance and load balancing.
Spawns virtual machines as standard Kubernetes pods using the Container Runtime Interface.
k0s is a Kubernetes distribution that packages all control plane and worker components into a single binary, enabling cluster deployment with no host dependencies beyond the Linux kernel. It supports a container-native runtime where controllers and workers run inside Docker containers using a single OCI image, and offers declarative YAML configuration for defining cluster topology, host roles, and SSH connection details. The distribution provides pre-built binaries for x86-64, ARM64, ARMv7, and RISC-V architectures, and uses cryptographically signed tokens for secure node enrollment. The proj
Integrates a Container Runtime Interface plugin of choice, with containerd as the default runtime.
Integrates a standard network interface into container runtimes so orchestrators can manage connectivity in a pluggable way.
Toolbox is a development workspace orchestrator and container environment manager that bootstraps mutable toolsets and SDKs inside containers. It functions as a Linux distribution sandbox and a host-integrated container runtime, allowing users to run native package managers and software without modifying the host operating system. The project differentiates itself by bridging isolated containers with the host system through the mapping of user identities, network sockets, and home directories. It utilizes a daemonless engine to provide these environments while ensuring that system configurati
Implements a daemonless runtime that maps user identities and network sockets to integrate containers with the host system.
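This project is an OCI-compatible container runtime that executes workloads inside lightweight virtual machines. By leveraging hardware-based virtualization, it provides strong security isolation between containerized processes and the host operating system, serving as a drop-in replacement for traditional container execution environments. The runtime distinguishes itself through a hypervisor-agnostic architecture that abstracts the underlying virtualization operations, allowing consistent container lifecycle management across different backends. It integrates directly with standard container orchestration systems, mapping host-level management commands to virtualized guest requirements to ensure compatibility. The system includes capabilities for managing container sandboxes, including direct block device mapping to optimize storage throughput and host-side proxy multiplexing for input and output streams. It also provides utilities for verifying host hardware compatibility and managing process signals to ensure reliable execution. Configuration is handled through a centralized management file, allowing environment-specific overrides and selection of the preferred virtualization backend.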
Provides adapters that enable the use of virtualized isolation layers within standard container management systems.