{"id":21024895,"url":"https://github.com/nestybox/sysbox-ee","last_synced_at":"2025-05-15T08:33:40.981Z","repository":{"id":39979019,"uuid":"198011870","full_name":"nestybox/sysbox-ee","owner":"nestybox","description":"Sysbox Enterprise-Edition repository. The enterprise version of the open-source Sysbox \"runc\" runtime (empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs).","archived":false,"fork":false,"pushed_at":"2023-08-30T05:34:09.000Z","size":13089,"stargazers_count":48,"open_issues_count":3,"forks_count":7,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-04-03T07:11:18.213Z","etag":null,"topics":["container-runtime-security","container-runtimes","containers","devops","docker","kubernetes","rootless-containers"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nestybox.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-21T04:28:59.000Z","updated_at":"2025-03-02T14:52:48.000Z","dependencies_parsed_at":"2024-11-19T11:41:40.941Z","dependency_job_id":"618f7db8-80ed-4b19-9c10-a2b183f6326f","html_url":"https://github.com/nestybox/sysbox-ee","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nestybox%2Fsysbox-ee","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nestybox%2Fsysbox-ee/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nestybox%2Fsysbox-ee/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nestybox%2Fsysbox-ee/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nestybox","download_url":"https://codeload.github.com/nestybox/sysbox-ee/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254304837,"owners_count":22048480,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["container-runtime-security","container-runtimes","containers","devops","docker","kubernetes","rootless-containers"],"created_at":"2024-11-19T11:29:08.188Z","updated_at":"2025-05-15T08:33:37.302Z","avatar_url":"https://github.com/nestybox.png","language":"Shell","readme":"\u003cp align=\"center\"\u003e\u003cimg alt=\"sysbox\" src=\"./docs/figures/sysbox-ee-header.png\" width=\"1000\" /\u003e\u003c/p\u003e\n\n***\n\n**Sysbox-EE End-of-Life Announcement (01/2023)**\n\nPrior to the [acquisition by Docker][docker-acquisition] on 05/2022, Nestybox\noffered Sysbox Enterprise as an enhanced version of Sysbox (e.g., more security,\nmore workloads, and official support), via a paid license agreement.\n\nAfter the acquisition however, Sysbox Enterprise will no longer be offered as a\nstandalone product. Instead, Docker plans to port some (TBD) Sysbox-EE features\nto Sysbox-CE so users can replace the former with the latter.\n\nAt this time, **no new licenses of Sysbox-EE are sold and no license renewals\nare offered**. This repo will remain open for existing customers as a way to\ndownload Sysbox-EE binaries, but will be phased out in mid 2023 (after all\nexisting license agreements expire).\n\n***\n\n## Contents\n\n*   [Introduction](#introduction)\n*   [Features](#features)\n*   [Supported Distros](#supported-distros)\n*   [Host Requirements](#host-requirements)\n*   [Installation](#installation)\n*   [Using Sysbox-EE](#using-sysbox-ee)\n*   [Documentation](#documentation)\n*   [Filing Issues](#filing-issues)\n*   [Support](#support)\n*   [About Nestybox](#about-nestybox)\n*   [Contact](#contact)\n*   [Thank You](#thank-you)\n\n## Introduction\n\n**Sysbox Enterprise Edition** (Sysbox-EE) is the enterprise version of the\nopen-source [Sysbox container runtime](https://github.com/nestybox/sysbox),\ndeveloped by Nestybox ([acquired by Docker][docker-acquisition] on 05/2022).\n\nSysbox-EE uses Sysbox at its core, but adds enterprise-level features such as:\n\n*   Improved container isolation / security\n\n*   Running more types of system-level workloads inside containers\n\n*   Scalability (running more containers per host)\n\n*   Significant performance and efficiency optimizations (for faster container deployment with reduced disk utilization)\n\n*   Lifecycle (higher release cadence, critical bug fixes ASAP)\n\n*   Nestybox professional support with a guaranteed SLA (rather than best effort on Sysbox)\n\n*   Feature prioritization (Sysbox-EE feature requests are prioritized)\n\nSysbox-EE is a drop-in replacement for Sysbox. It installs and it's used in the\nexact same way, but includes the additional features listed above. On a given\nhost however, either Sysbox or Sysbox-EE must be installed, never both.\n\nSee the [next section](#features) for a comparison between Sysbox-EE and\nSysbox (aka Sysbox Community Edition or Sysbox-CE).\n\n## Features\n\nFeatures are shown below.\n\n\u003cp align=\"center\"\u003e\n    \u003cimg alt=\"sysbox\" src=\"./docs/figures/sysbox-features.png\" width=\"1000\" /\u003e\n\u003c/p\u003e\n\nIf you have questions, you can reach us [here](#contact).\n\n## Supported Distros\n\nSysbox-EE relies on functionality available only in relatively recent Linux kernel\nreleases.\n\nSee the [distro compatibility doc](docs/distro-compat.md) for information about\nthe supported Linux distributions and the required kernel releases.\n\nWe plan to add support for more distros in the near future.\n\n## Host Requirements\n\nThe Sysbox-EE host must meet the following requirements:\n\n*   It must be running one of the [supported Linux distros](docs/distro-compat.md).\n\n*   We recommend a minimum of 4 CPUs (e.g., 2 cores with 2 hyperthreads) and 4GB\n    of RAM. Though this is not a hard requirement, smaller configurations may\n    slow down Sysbox-EE.\n\n## Installation\n\nSysbox-EE is a drop-in replacement for Sysbox, meaning that it's installed and\nused in the same way.\n\nFor this reason, the documents in the [Sysbox repo](https://github.com/nestybox/sysbox/tree/master/docs)\napply equally to both Sysbox and Sysbox-EE.\n\nHere are the links to the docs showing how to install Sysbox-EE:\n\n*   [Installation on Docker hosts](https://github.com/nestybox/sysbox/blob/master/docs/user-guide/install-package.md#installing-sysbox-enterprise-edition-sysbox-ee)\n\n*   [Installation on Kubernetes Clusters](https://github.com/nestybox/sysbox/blob/master/docs/user-guide/install-k8s.md#installation-of-sysbox-enterprise-edition-sysbox-ee)\n\n## Using Sysbox-EE\n\nOnce Sysbox-EE is installed, you create a container using your container manager\nor orchestrator (e.g., Docker or Kubernetes) and an image of your choice.\n\nDocker command example:\n\n```console\n$ docker run --runtime=sysbox-runc --rm -it --hostname my_cont registry.nestybox.com/nestybox/ubuntu-bionic-systemd-docker\nroot@my_cont:/#\n```\n\nKubernetes pod spec example:\n\n```yaml\napiVersion: v1\nkind: Pod\nmetadata:\n  name: ubu-bio-systemd-docker\n  annotations:\n    io.kubernetes.cri-o.userns-mode: \"auto:size=65536\"\nspec:\n  runtimeClassName: sysbox-runc\n  containers:\n  - name: ubu-bio-systemd-docker\n    image: registry.nestybox.com/nestybox/ubuntu-bionic-systemd-docker\n    command: [\"/sbin/init\"]\n  restartPolicy: Never\n```\n\nYou can choose whatever container image you want, Sysbox-EE places no requirements\non the image.\n\nRefer to the [Documentation](#documentation) section below for further examples\non how to use Sysbox-EE.\n\n## Documentation\n\nThe following documents in the [Sysbox repo](https://github.com/nestybox/sysbox/tree/master/docs)\nshow how to use Docker and Kubernetes to deploy containers with Sysbox.\n\nThese docs apply equally to both Sysbox and Sysbox-EE.\n\nFeatures that are specific to Sysbox-EE are tagged with **\"Sysbox-EE Feature\nHighlight\"** in the docs.\n\n*   [Sysbox Quick Start Guide](https://github.com/nestybox/sysbox/blob/master/docs/quickstart/README.md)\n\n    *   Provides many examples for using Sysbox to deploy enhanced\n        containers. New users should start here.\n\n*   [Sysbox User Guide](https://github.com/nestybox/sysbox/blob/master/docs/user-guide/README.md)\n\n    *   Provides more detailed information on Sysbox features and troubleshooting.\n\nIn addition, the [Nestybox blog site](https://blog.nestybox.com) has articles\non how to use Sysbox to deploy containers.\n\n## Filing Issues\n\nWe apologize for any problems in the product or documentation, and we appreciate\nusers filing issues that help us improve Sysbox-EE.\n\nTo file issues with Sysbox-EE (e.g., bugs, feature requests, documentation changes, etc.),\nplease refer to the [issue guidelines](docs/issue-guidelines.md) document.\n\n## Security\n\nIf you find bugs or issues that may expose a Sysbox-EE vulnerability, please report\nthese by sending an email to security@nestybox.com. Please do not open security\nissues in this repo. Thanks!\n\nIn addition, a few vulnerabilities have recently been found in the Linux kernel\nthat in some cases reduce or negate the enhanced isolation provided by Sysbox\ncontainers. Fortunately they are all fixed in recent Linux kernels. See the\nSysbox User Guide's [Vulnerabilities \u0026 CVEs chapter](https://github.com/nestybox/sysbox/tree/master/docs/user-guide/security-cve.md)\nfor more info, and reach out on the [Sysbox Slack channel][slack] for further questions.\n\n## Support\n\nReach us at our [slack channel][slack] or at `contact@nestybox.com` for any questions.\nSee our [contact info](#contact) below for more options.\n\n## Contact\n\nWe are happy to help. You can reach us at:\n\nEmail: `contact@nestybox.com`\n\nSlack: [Nestybox Slack Workspace][slack]\n\n[slack]: https://join.slack.com/t/nestybox-support/shared_invite/enQtOTA0NDQwMTkzMjg2LTAxNGJjYTU2ZmJkYTZjNDMwNmM4Y2YxNzZiZGJlZDM4OTc1NGUzZDFiNTM4NzM1ZTA2NDE3NzQ1ODg1YzhmNDQ\n\n[docker-acquisition]: https://www.docker.com/blog/docker-advances-container-isolation-and-workloads-with-acquisition-of-nestybox/\n\n[docker-desktop]: https://www.docker.com/products/\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnestybox%2Fsysbox-ee","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnestybox%2Fsysbox-ee","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnestybox%2Fsysbox-ee/lists"}