Krustlet: Kubernetes Kubelet in Rust for running WASM

Related tags

Deployment krator
Overview

Krustlet: Kubernetes Kubelet in Rust for running WASM

🚧 🚧 This project is highly experimental. 🚧 🚧 It should not be used in production workloads.

Krustlet acts as a Kubelet by listening on the event stream for new pods that the scheduler assigns to it based on specific Kubernetes tolerations.

The default implementation of Krustlet listens for the architecture wasm32-wasi and schedules those workloads to run in a wasmtime-based runtime instead of a container runtime.

Documentation

If you're new to the project, get started with the introduction. For more in-depth information about Krustlet, plunge right into the topic guides.

Looking for the developer guide? Start here.

Community, discussion, contribution, and support

You can reach the Krustlet community and developers via the following channels:

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct.

For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Comments
  • update rust version

    update rust version

    Hi! I started poking around krator and ran into a few issues with the Rust version and the UI tests. This should resolve them, and I fixed the naming of the CI steps noted here: https://github.com/krator-rs/krator/pull/51#discussion_r716937482

    • Update and pin rust to 1.60, reblessing UI tests
    • Fix step names for UI test job
    opened by spencergilbert 3
  • chore(*): Updates to latest k8s openapi and kube

    chore(*): Updates to latest k8s openapi and kube

    This partially reverts commit 357f4ad2b083dbdb3c58e42abf641744a496ad11. The k8s openapi crate reverted their change to remove Option wrapped collections and so this will be another breaking change and new version bump for krator

    opened by thomastaylor312 3
  • Review Online Programs Guidelines

    Review Online Programs Guidelines

    https://github.com/cncf/foundation/blob/master/online-programs-guidelines.md

    May not be applicable for everyone. Just ACK if you are familiar already.

    opened by kflansburg 3
  • Review Proposal Process

    Review Proposal Process

    https://github.com/cncf/toc/blob/main/process/project_proposals.adoc#introduction

    May not be applicable for everyone. Just ACK if you are familiar already.

    awaiting review 
    opened by kflansburg 3
  • Introduce Cargo Deny and Fix Errors/Warnings

    Introduce Cargo Deny and Fix Errors/Warnings

    • Add Cargo Deny to build action
    • Fix any warnings and errors from Cargo Deny
    • Tokio bumped to 1.9.0
    • Fix clippy warnings from 1.54.0

    @soenkeliebau

    Closes #46

    opened by kflansburg 2
  • Add license scan report and status

    Add license scan report and status

    Your FOSSA integration was successful! Attached in this PR is a badge and license report to track scan status in your README.

    Below are docs for integrating FOSSA license checks into your CI:

    opened by fossabot 1
  • Website

    Website

    Determine if basic project website is needed or not applicable.

    • Ensure LF footer is there and website guidelines followed
    • Analytics transferred to [email protected]
    opened by kflansburg 1
  • Create Owners File

    Create Owners File

    This is used to be able to create your maintainers mailing list.

    Envoy's Owners file, for example: https://github.com/envoyproxy/envoy/blob/main/OWNERS.md

    opened by kflansburg 1
  • Krator Does not use Notify Properly

    Krator Does not use Notify Properly

    In krator/src/runtime.rs, tokio::sync::Notify is expected to always return instantly after it has been notified, rather than its actual behavior of waiting for a new notification. This results in the task getting stuck in some cases waiting for events to happen when they already have. Change to using a RwLock<bool>, or something similar.

    bug 
    opened by kflansburg 1
  • Install stable toolchain for audit workflow

    Install stable toolchain for audit workflow

    Our audit workflow has been failing since we bumped to edition 2021 since it was running with 1.55. This PR brings it to parity with our other workflows (always install latest stable).

    chore 
    opened by kflansburg 0
  • Ignore time-related advisories

    Ignore time-related advisories

    This instructs cargo deny to ignore the two advisories related to the time crate:

    #57 #58

    See the first issue for my investigation and explanation for why I believe these do not impact Krator.

    opened by kflansburg 0
  • RUSTSEC-2021-0139: ansi_term is Unmaintained

    RUSTSEC-2021-0139: ansi_term is Unmaintained

    ansi_term is Unmaintained

    | Details | | | ------------------- | ---------------------------------------------- | | Status | unmaintained | | Package | ansi_term | | Version | 0.12.1 | | URL | https://github.com/ogham/rust-ansi-term/issues/72 | | Date | 2021-08-18 |

    The maintainer has adviced this crate is deprecated and will not receive any maintenance.

    The crate does not seem to have much dependencies and may or may not be ok to use as-is.

    Last release seems to have been three years ago.

    Possible Alternative(s)

    The below list has not been vetted in any way and may or may not contain alternatives;

    See advisory page for additional details.

    opened by github-actions[bot] 0
  • RUSTSEC-2020-0159: Potential segfault in `localtime_r` invocations

    RUSTSEC-2020-0159: Potential segfault in `localtime_r` invocations

    Potential segfault in localtime_r invocations

    | Details | | | ------------------- | ---------------------------------------------- | | Package | chrono | | Version | 0.4.19 | | URL | https://github.com/chronotope/chrono/issues/499 | | Date | 2020-11-10 |

    Impact

    Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

    Workarounds

    No workarounds are known.

    References

    See advisory page for additional details.

    opened by github-actions[bot] 0
  • RUSTSEC-2020-0071: Potential segfault in the time crate

    RUSTSEC-2020-0071: Potential segfault in the time crate

    Potential segfault in the time crate

    | Details | | | ------------------- | ---------------------------------------------- | | Package | time | | Version | 0.1.44 | | URL | https://github.com/time-rs/time/issues/293 | | Date | 2020-11-18 | | Patched versions | >=0.2.23 | | Unaffected versions | =0.2.0,=0.2.1,=0.2.2,=0.2.3,=0.2.4,=0.2.5,=0.2.6 |

    Impact

    Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

    The affected functions from time 0.2.7 through 0.2.22 are:

    • time::UtcOffset::local_offset_at
    • time::UtcOffset::try_local_offset_at
    • time::UtcOffset::current_local_offset
    • time::UtcOffset::try_current_local_offset
    • time::OffsetDateTime::now_local
    • time::OffsetDateTime::try_now_local

    The affected functions in time 0.1 (all versions) are:

    • at
    • at_utc

    Non-Unix targets (including Windows and wasm) are unaffected.

    Patches

    Pending a proper fix, the internal method that determines the local offset has been modified to always return None on the affected operating systems. This has the effect of returning an Err on the try_* methods and UTC on the non-try_* methods.

    Users and library authors with time in their dependency tree should perform cargo update, which will pull in the updated, unaffected code.

    Users of time 0.1 do not have a patch and should upgrade to an unaffected version: time 0.2.23 or greater or the 0.3. series.

    Workarounds

    No workarounds are known.

    References

    time-rs/time#293

    See advisory page for additional details.

    opened by github-actions[bot] 3
Releases(v0.6.0)

  • v0.6.0(Nov 23, 2021)

    • Fixed a race condition which caused object tasks to get stuck right after the state machine completed. For more info see #4.
    • Rust 2021 Edition
    • Increment kube to version 0.64.
    • Bump tokio to 1.14 to address RUSTSEC-2021-0124.
    Source code(tar.gz)
    Source code(zip)

  • v0.5.0(Sep 27, 2021)

    This release updates k8s-openapi to v0.13 and kube to v0.60, which reverts breaking changes introduced in the last release when updating to k8s-openapi v0.12.

    For more information on the drama, see: https://github.com/Arnavion/k8s-openapi/releases/tag/v0.13.0

    Source code(tar.gz)
    Source code(zip)

  • v0.4.0(Jul 19, 2021)

    This is a small, but breaking release of krator and krator-derive. No new features have been added, but we have bumped the k8s-openapi version to 0.12. This version of the library comes with several breaking changes – namely that collections such as Vecs are no longer wrapped in options. This lead to a change in some of the underlying logic. However, Krator can now consume the new Kubernetes 1.21 APIs

    Source code(tar.gz)
    Source code(zip)

  • v0.3.0(Jun 2, 2021)

    General

    • 🎉 We have moved to a new repository so that Krustlet and Krator can grow independently! 🎉
    • For release notes, issues, pull requests , etc. prior to this release, please see the Krustlet Repository
    • kube dependency bumped to 0.55.
    • k8s-openapi version feature moved to v1_20.

    Krator v0.3.0

    • Krator no longer enables a specific version feature for k8s-openapi. Users will be able to (must) enable the version feature for the Kubernetes version they wish to work with. For more information see k8s-openapi docs. Krator will continue to be tested with Kubernetes v1.20.
    • A bug was fixed where Krator dropped a channel prematurely. Commit, Pull Request
    • The new controller manager API was introduced, with support for multiple controllers and watching arbitrary resources. There are a few limitations at this point:
      • Admission Webhook functionality has not been implemented, so the original OperatorRuntime API should be used for now. Issue
      • There is a bug caused by subscribing to the same resource twice with different settings such that they will watch different subsets of objects. If one watcher resets, it will clear the entire cache for that resource. If the other watcher does not also reset, then the objects that it watches but the first watcher does not will disappear. Issue

    Krator Derive v0.2.0

    • A derive macro was introduced to generate the Kubernetes resources needed to use Krator's admission webhook functionality. Pull Request

    Contributors

    A big thanks to everyone who contributed to this release:

    • @thomastaylor312
    • @kesselborn
    • @soenkeliebau
    • @siegfriedweber
    • @kflansburg
    • @bacongobbler
    Source code(tar.gz)
    Source code(zip)
Owner
null
GitHub
A simple containerized application manage system like Kubernetes, but written in Rust

rMiniK8s A simple dockerized application management system like Kubernetes, written in Rust, plus a simple FaaS implementation. Course Project for SJT

markcty 15 Jul 8, 2023
Runc - CLI tool for spawning and running containers according to the OCI specification

runc Introduction runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. Releases You can find official r

Open Container Initiative 9.9k Jan 5, 2023
A wasm template for Rust to publish to gh-pages without npm-deploy

Wasm template for Rust hosting without npm-deploy on github pages using Travis script It automatically hosts you wasm projects on gh-pages using a tra

Siddharth Naithani 102 Dec 24, 2022
⚪️ `wasm-pack build` executed in remote deployment

rsw-node wasm-pack build executed in remote deployment, use with vite-plugin-rsw. Pre-installed rust nodejs wasm-pack: npm install -g wasm-pack vite-p

Len C... 10 Jul 6, 2022
Automated builded images for rust-lang with rustup, "the ultimate way to install RUST"

rustup Automated builded images on store and hub for rust-lang with musl added, using rustup "the ultimate way to install RUST". tag changed: all3 ->

刘冲 83 Nov 30, 2022
docker-rust — the official Rust Docker image

About this Repo This is the Git repo of the Docker official image for rust. See the Docker Hub page for the full readme on how to use this Docker imag

The Rust Programming Language 321 Dec 11, 2022
Docker images for compiling static Rust binaries using musl-libc and musl-gcc, with static versions of useful C libraries. Supports openssl and diesel crates.

rust-musl-builder: Docker container for easily building static Rust binaries Source on GitHub Changelog UPDATED: Major updates in this release which m

Eric Kidd 1.3k Jan 1, 2023
Very small rust docker image

mini-docker-rust Very small rust docker image. This is an example project on how to build very small docker images for a rust project. The resulting i

null 155 Jan 1, 2023
Docker images for compiling static Rust binaries using musl-cross

rust-musl-cross Docker images for compiling static Rust binaries using musl-cross-make, inspired by rust-musl-builder Prebuilt images Currently we hav

messense 365 Dec 30, 2022
App Engine Rust boilerplate

Rust App Engine This projects is a minimal boilerplate ro run Rust web application inside Google App Engine. To deploy it use Google Cloud Shell: ```s

Denis Kolodin 48 Apr 26, 2022
A buildpack for Rust applications on Heroku, with full support for Rustup, cargo and build caching.

Heroku buildpack for Rust This is a Heroku buildpack for Rust with support for cargo and rustup. Features include: Caching of builds between deploymen

Eric Kidd 502 Nov 7, 2022
A tiny minimal container runtime written in Rust.

vas-quod A tiny minimal container runtime written in Rust. The idea is to support a minimal isolated containers without using existing runtimes, vas-q

flouthoc 438 Dec 26, 2022
oci-image and oci-runtime spec in rust.

oci-lib Oci-Spec for your container runtime or container registry. Oci-lib is a rust port for original oci spec written in go. Following crate contain

flouthoc 12 Mar 10, 2022
Experimental implementation of the oci-runtime in Rust

youki Experimental implementation of the oci-runtime in Rust Overview youki is an implementation of runtime-spec in Rust, referring to runc. This proj

utam0k 12 Sep 23, 2022
youki is an implementation of the OCI runtime-spec in Rust, similar to runc.

youki is an implementation of the OCI runtime-spec in Rust, similar to runc.

Containers 4.2k Dec 29, 2022
Shallow Container is a light-weight container tool written in Rust.

Shallow Container is a light-weight container tool written in Rust. It is totally for proof-of-concept and may not suit for production environment.

Rui Li 14 Apr 8, 2022
Easy to use, extendable, OCI-compliant container runtime written in pure Rust

PURA - Lightweight & OCI-compliant container runtime Pura is an experimental Linux container runtime written in pure and dependency-minimal Rust. The

Branimir Malesevic 73 Jan 9, 2023
Container monitor in Rust

Conmon-rs A pod level OCI container runtime monitor. The goal of this project is to provide a container monitor in Rust. The scope of conmon-rs encomp

Containers 84 Dec 21, 2022
Rust client for the huggingface hub aiming for minimal subset of features over `huggingface-hub` python package

This crates aims to emulate and be compatible with the huggingface_hub python package. compatible means the Api should reuse the same files skipping d

Hugging Face 9 Jul 20, 2023