www.fgks.org   »   [go: up one dir, main page]
Skip to content
/ osxiec Public

Native Docker-like solution for macOS developed by Okerew. It leverages native macOS features to provide containerization capabilities, albeit with some limitations compared to Docker.

okral.glitch.me

License

MIT license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Okerew/osxiec

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
example
example
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
osxiec.c
osxiec.c
 
 

Repository files navigation

OSXIEC: A Native Docker-like Solution for macOS by Okerew

osxiec_icon

Introduction

OSXIEC is a native Docker-like solution for macOS developed by Okerew. It leverages native macOS features to provide containerization capabilities, albeit with some limitations compared to Docker.

Installation

  1. Download the Release: Download the osxiec.tar.gz file from the releases section.

  2. Extract the Archive:

    tar -xvzf osxiec.tar.gz

  3. Copy the Executable to PATH:

    sudo cp osxiec /usr/local/bin/

To update to a new release, remove the old executable and follow the installation steps again:

sudo rm /usr/local/bin/osxiec

Then repeat steps 1, 2, and 3.

Usage

Containerize a Directory:

sudo osxiec -contain {directory_path} {some_name}.bin {path_to_config_file_in_directory_path}

Execute a Container:

sudo osxiec -execute {some_name}.bin

Execute with Port Argument:

sudo osxiec -execute {some_name} -port {PORT_NUMBER}

Create a cluster ( virtualized network )

sudo osxiec -network create {network_name} {vlan_id}

Run with vlan config

sudo osxiec -run {some_name} {network_name} -port {PORT_NUMBER}

Version

osxiec --version

Building

Git clone the repository

git clone https://github.com/Okerew/osxiec

Build the executable

gcc -o osxiec osxiec.c -lsandbox

Notes

  • Not a Docker Replacement: While OSXIEC offers similar functionality to Docker, it lacks some advanced features of Docker.

  • macOS Only: OSXIEC uses native macOS features and is not compatible with other operating systems.

  • Isolation Limitations: Due to macOS limitations, complete isolation like in Linux is not possible. The contained directory will have some access to the outside environment, hence no config file is needed.

  • Supported Features: Despite its limitations, OSXIEC provides isolation using namespaces, setuid, image layers, basic user process control, memory and CPU control, and special permissions using user IDs and group IDs, unpacking the image into a disk image(APFS), vlans.

  • Layer Configuration: Ensure a layers folder exists with specified layers as shown in the example folder.

  • Support: Remember that not everything will work for example node won't work because it is making sys calls which spawn things outside the container.

  • Temps: If you need a lot of storage for the moment, and you used a container, delete the dmg in /tmp folder, note these images are also deleted each time the system restarts.

  • Why is chroot not used? Chroot requires for SIP to be disabled, which causes many security risks, chroot can be easily exited by any process, using the normal macOS restrictions is way more secure, and reliable it causes many permission issues, apple does not really like it and will probably make it harder to use it later on in the future.

About

Native Docker-like solution for macOS developed by Okerew. It leverages native macOS features to provide containerization capabilities, albeit with some limitations compared to Docker.

okral.glitch.me

Topics

c macos docker kubernetes alternative apple osx native solution containers isolated image-container isolated-environments isolated-worker

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 3

v0.21 Latest
Jul 15, 2024
+ 2 releases

Packages

 
 
 

Languages