{"id":15282532,"url":"https://github.com/fuweid/embedshim","last_synced_at":"2025-04-06T03:08:41.202Z","repository":{"id":40564148,"uuid":"461448673","full_name":"fuweid/embedshim","owner":"fuweid","description":"Provide task runtime implementation with pidfd and eBPF sched_process_exit tracepoint to manage deamonless container with low overhead.","archived":false,"fork":false,"pushed_at":"2025-03-22T13:59:25.000Z","size":902,"stargazers_count":118,"open_issues_count":9,"forks_count":11,"subscribers_count":5,"default_branch":"unstable","last_synced_at":"2025-03-29T19:34:44.278Z","etag":null,"topics":["containerd","ebpf","pidfd","shim"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fuweid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-02-20T10:09:03.000Z","updated_at":"2025-03-22T13:59:29.000Z","dependencies_parsed_at":"2024-06-18T22:50:05.424Z","dependency_job_id":"39c30941-0d6f-4ca5-8537-95318cc51df6","html_url":"https://github.com/fuweid/embedshim","commit_stats":{"total_commits":49,"total_committers":1,"mean_commits":49.0,"dds":0.0,"last_synced_commit":"07b82202fce5105cde00e5b767ddc03bd887fa0d"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuweid%2Fembedshim","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuweid%2Fembedshim/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuweid%2Fembedshim/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fuweid%2Fembedshim/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fuweid","download_url":"https://codeload.github.com/fuweid/embedshim/tar.gz/refs/heads/unstable","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247427006,"owners_count":20937201,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containerd","ebpf","pidfd","shim"],"created_at":"2024-09-30T14:26:43.767Z","updated_at":"2025-04-06T03:08:41.180Z","avatar_url":"https://github.com/fuweid.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# embedshim\n\n\u003e Update: containerd\n\u003e [removes shim.v1 interface](https://github.com/containerd/containerd/pull/8262)\n\u003e and introduces\n\u003e [sandbox API](https://github.com/containerd/containerd/issues/9431). This\n\u003e project will be migrated into standalone sandbox API after containerd 2.0\n\u003e releases.\n\nThe embedshim is the kind of task runtime implementation, which can be used as\nplugin in containerd.\n\nWith current shim design, it is used to manage the lifecycle of container\nprocess and allow to be reconnected after containerd restart. The one of the key\ndesign elements of a small shim is to be a container process monitoring, at\nleast it is important to containerd created by runC-like runtime.\n\nWithout pidfd and ebpf trace point feature, it is unlikely to receive exit\nnotification in time and receive exit code correctly as non-parents after shim\ndies. And in kubernetes infra, even if the containers in pod can share one shim,\nthe VmRSS of shim(Go Runtime) is still about 8MB.\n\nSo, this plugin aims to provide task runtime implementation with pidfd and eBPF\nsched_process_exit tracepoint to manage deamonless container with low overhead.\n\n![embedshim-overview](docs/images/embedshim-overview.svg)\n\n[![asciicast](https://asciinema.org/a/480970.svg)](https://asciinema.org/a/480970)\n\n## Build/Install\n\nThe embedshim needs to compile bpf with clang/llvm. So install clang/llvm as\nfirst.\n\n```bash\n$ echo \"deb http://apt.llvm.org/focal/ llvm-toolchain-focal main\" | sudo tee -a /etc/apt/sources.lis\n$ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -\n$ sudo apt-get update -y\n$ sudo apt-get install -y g++ libelf-dev clang lld llvm\n```\n\nAnd then pull the repo and build it.\n\n```bash\n$ git clone https://github.com/fuweid/embedshim.git\n$ cd embedshim\n$ git submodule update --init --recursive\n$ make\n$ sudo make install\n```\n\nThe binary is named by `embedshim-containerd` which has full functionality in\nlinux. You can just replace your local containerd with it.\n\n```bash\n$ sudo install bin/embedshim-containerd $(command -v containerd)\n$ sudo systemctl restart containerd\n```\n\nAnd check plugin with `ctr`\n\n```bash\n$ ctr plugin ls | grep embed\nio.containerd.runtime.v1        embed                    linux/amd64    ok\n```\n\n## Status\n\nThe embedshim supports to run container in headless or with input. But it still\nworks in progress, do not use in production.\n\n* [ ] Task Event(Create/Start/Exit/Delete/OOM) support\n\n## Requirements\n\n* raw tracepoint bpf \u003e= kernel v4.18\n* CO-RE BTF vmlinux support \u003e= kernel v5.4\n* pidfd polling \u003e= kernel v5.3\n\n## License\n\n* The user space components are licensed under\n  [the Apache License, Version 2.0](LICENSE).\n* The BPF code are under\n  [the General Public License, Version 2.0](bpf/COPYING).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffuweid%2Fembedshim","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffuweid%2Fembedshim","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffuweid%2Fembedshim/lists"}