{"id":23235718,"url":"https://github.com/pure-linux/tinyo","last_synced_at":"2025-08-19T21:32:42.306Z","repository":{"id":266171443,"uuid":"897188286","full_name":"pure-linux/tinyo","owner":"pure-linux","description":"TIO simplifies Linux® orchestration.","archived":false,"fork":false,"pushed_at":"2024-12-10T05:24:57.000Z","size":69,"stargazers_count":8,"open_issues_count":4,"forks_count":0,"subscribers_count":4,"default_branch":"release/alpha/0.0.1","last_synced_at":"2024-12-10T05:29:19.951Z","etag":null,"topics":["cde","cli","cloud-native","containers","dashboard","distributed-systems","dns-manager","hacktoberfest","hybrid-cloud","key-value-store","kubernetes-alternative","networking","orchestrator","platform-engineering","proxy-manager","runtime-manager","self-hosted","virtual-machines","vpn-manager"],"latest_commit_sha":null,"homepage":"https://github.com/orgs/pure-linux/repositories","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pure-linux.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-12-02T07:35:45.000Z","updated_at":"2024-12-10T05:25:00.000Z","dependencies_parsed_at":"2024-12-03T00:23:29.080Z","dependency_job_id":"dd820848-1833-4ee1-94d7-65bb62d4e1e8","html_url":"https://github.com/pure-linux/tinyo","commit_stats":null,"previous_names":["pure-linux/tinyo"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pure-linux%2Ftinyo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pure-linux%2Ftinyo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pure-linux%2Ftinyo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pure-linux%2Ftinyo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pure-linux","download_url":"https://codeload.github.com/pure-linux/tinyo/tar.gz/refs/heads/release/alpha/0.0.1","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230371890,"owners_count":18215807,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cde","cli","cloud-native","containers","dashboard","distributed-systems","dns-manager","hacktoberfest","hybrid-cloud","key-value-store","kubernetes-alternative","networking","orchestrator","platform-engineering","proxy-manager","runtime-manager","self-hosted","virtual-machines","vpn-manager"],"created_at":"2024-12-19T03:29:19.916Z","updated_at":"2024-12-19T03:29:20.609Z","avatar_url":"https://github.com/pure-linux.png","language":"Rust","readme":"\u003cdiv align=\"center\"\u003e\n  \u003cimg width=\"100\" height=\"100\" src=\"https://avatars.githubusercontent.com/u/190339082\" \u003e\n  \u003ch2\u003e𐬺 Tinyo\u003c/h2\u003e\n  \u003ch5\u003eJust orchestrate.\u003c/h5\u003e\n  \u003cp align=\"center\"\u003e\n    \u003ca href=\"#vision\"\u003e\u003cb\u003eWhy\u003c/b\u003e\u003c/a\u003e •\n    \u003ca href=\"#quickstart\"\u003e\u003cb\u003eQuickstart\u003c/b\u003e\u003c/a\u003e •\n    \u003ca href=\"https://discord.gg/ERKBk6ArnQ\" target=\"_blank\"\u003e\u003cb\u003eDiscord\u003c/b\u003e\u003c/a\u003e •\n    \u003ca href=\"https://x.com/PureLinux\" target=\"_blank\"\u003e𝕏\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/div\u003e\n\n**TIO** - A minimal [Linux®][linux.org] **orchestrator**.\n\n[1/8 components:](#components)\n- [tinyoctl-k8s-converter][tinyoctl-k8s-converter]: Converts [K8s][kubernetes.io] `yaml` Statefile to TIO Statefile and `helm` to TIO `apt` ([Vision](#vision)).\n\nInspired by [Tenstorrent][tenstorrent.com], [K8s][kubernetes.io], [tinygrad][tinygrad.org].\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n  A GitHub ⭐️ would support the open-source ecosystem of TIO in a meaningful way.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\n## Benchmark\n\n| Measurements                | TIO   | [K8s][kubernetes.io] | [Podman][containers/podman] |\n|-----------------------------|-------|-----|----------------|\n| Container Startup Time (alpine:x.y.z) [s] | WIP   | WIP | WIP            |\n| Cluster RAM Size [mb]       | **~288**   | **[~5,476][docs-k8s-ram-size]** | -            |\n| Cluster Disk Size [mb]      | **~144**   | **[~2,750][docs-k8s-binary-size]** | -            |\n| System Binary Size (total) [mb] | **~50**   | **[~2,770][docs-k8s-binary-size]** | WIP            |\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n    It's tiny, but it's fast.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\n**System:**\n- [Ubuntu Server][ubuntu-server] 24.04.1 LTS\n- [OVH VPS Comfort][ovhcloud.com] (4 vCore, 8 GB, 160 GB SSD NVMe, 1 Gbps)\n\n**Last update:** WIP\n\n**TIO:** (HA, 3 Mesh Nodes)\n\n**K8s:** (HA, 3 Master, 2 Worker Nodes)\n\n**Podman:** WIP\n\n---\n\n- [Benchmark](#benchmark)\n- [☁️ Overview](#️-overview)\n    - [Challenge](#challenge)\n- [Features](#features)\n  - [Simplicity](#simplicity)\n  - [Cluster](#cluster)\n  - [Runtime](#runtime)\n    - [Optimized Intra-Node Containers](#optimized-intra-node-containers)\n      - [⚡️ Direct Network](#️-direct-network)\n        - [Key Features](#key-features)\n        - [Benefits](#benefits)\n      - [➕ Instant Duplication](#-instant-duplication)\n        - [Key Features](#key-features-1)\n        - [Benefits](#benefits-1)\n- [🏁 Quickstart](#-quickstart)\n- [Usage](#usage)\n- [Architecture](#architecture)\n  - [Components](#components)\n- [Vision](#vision)\n  - [Roadmap](#roadmap)\n    - [Phase 1: Bicycle](#phase-1-bicycle)\n    - [Phase 2: Car](#phase-2-car)\n    - [Dashboard Pro](#dashboard-pro)\n      - [Concept](#concept)\n- [PureLinux DAO](#purelinux-dao)\n  - [Important IP contributors](#important-ip-contributors)\n  - [Financial Sponsors](#financial-sponsors)\n  - [1337 H4x0r](#1337-h4x0r)\n        - [Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.](#linux-is-the-registered-trademark-of-linus-torvalds-in-the-us-and-other-countries)\n\n---\n\n## ☁️ Overview\n\nThis is the **alpha** version of **TIO**.\n\n**Status:** We're working on the first MVP (1 node **localhost** `cluster` for **Linux®** \u0026 **MacOS®**).\n\n#### Challenge\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n    If you can break it, you truly understand it.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\nIf you're able to delete lines and/or break the [runtime (tinyort)][tinyort] in any meaningful way, you will be listed in [1337 H4x0r](#1337-h4x0r). Please be kind, this is an early alpha. [![pure-linux-discord](https://img.shields.io/badge/discord-join-7289DA.svg?logo=discord\u0026longCache=true\u0026style=flat)](https://discord.gg/ERKBk6ArnQ)\n\n## Features\n\nSome of the features of TIO are inspired from [k8s/complexities.md][repo-docs-vision-comparisons-k8s-complexities.md].\n\n### Simplicity\n\n- **🍦 CLI**: Minimal [cli](#-usage) (e.g. `tio + l.yml`).\n- **𐬺 Config:** Minimal [Statefiles](#-usage) (`yml`).\n  - Decentralized `cluster` mesh (VPN: [Nebula based][tinyolet-docs-vpn-manager-options-analysis.md], [More Details][tinyolet])\n  - Built-in `user` management with intuitive `cli` login\n  - Built-in `container` `secrets` injection\n  - WIP\n- **🏁 Quickstart:** Be ready in seconds.\n  - [1 curl](#-quickstart) `cluster` setup\n    - TIO [ctl/cli][tinyoctl] (`tio`)\n    - TIO `cluster` ([tinyolet][tinyolet], [tinyokv][tinyokv], [tinyort][tinyort])\n    - ([Docker Hub][hub.docker.com] image (user-selected))\n    - ([VSCode Server][vscode-server] (+ [devcontainers][devcontainers/templates]))\n\n### Cluster\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n    In a nutshell TIO is just an orchestration of runtimes.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\n- **Efficiency**: **Lowest** possible resource **requirements**\n  - RAM (+ Bandwidth)\n  - IOPS\n  - Disk\n  - ➡️ Significantly **smaller** than [K8s][kubernetes.io] for similar tasks (**less** cloud/operation **costs**)\n- **Scaling:** Infinite (Network **mesh**)\n- **Speed:** Fast ([Rust][rust-lang.org] \u0026 **low-level** libs, achieving lowest **container startup** times, WIP)\n- **Decentralized mesh**\n  - **No master**/worker topology entities.\n- **Upgrades:** Hustle free (**simple** system -\u003e better **LTS compatibility**)\n- **Recursive:** Cluster in `cluster` (tint) per default (**backup**/**restore** whole clusters with ease using [tinyoctl][tinyoctl])\n- **Dynamicity:** E.g. [etcd.io][etcd.io] for [K8s][kubernetes.io] has [important limitations][repo-docs-vision-comparisons-k8s#etcd-limitations] we want to address with [tinyokv][tinyokv].\n\n### Runtime\n\n#### Optimized Intra-Node Containers\n\n##### ⚡️ Direct Network\n\n| Measurements                | TIO   | [K8s][kubernetes.io] | [Podman][containers/podman] |\n|-----------------------------------------------|-------|------|----------------|\n| Container to Container Network Throughput [mb]  | WIP   | WIP  | WIP            |\n\nTIO introduces an innovative feature for optimizing container communication on the same node, **reducing overhead** and improving performance. Unlike traditional networking approaches that rely on full TCP/IP stacks or ingress mechanisms, this runtime leverages **direct communication** methods tailored for **Linux** architectures.\nStandard mechanisms will be added in the future to keep more advanced features **optional**.\n\n###### Key Features\n\n- **Unix Domain Sockets (`UDS`):** Enables fast and efficient inter-container communication without the overhead of TCP/IP. Each container communicates via `UDS` managed by the runtime.\n- **Shared Memory (`shm`):** Facilitates low-latency data exchange by sharing memory regions between containers for intensive data transfers.\n- **Kernel Bypass with `eBPF`:** Utilizes `eBPF` for advanced packet routing and filtering, optimizing node-level communication pipelines.\n- **Direct Process Piping:** Supports lightweight communication using `POSIX` pipes for simpler `IPC` requirements.\n\n###### Benefits\n\n- **Performance Boost:** Drastically reduces network latency and overhead compared to standard container networking.\n- **Secure Isolation:** Maintains strict namespace isolation and access control to ensure container security.\n- **Customizability:** Designed for flexible implementation to fit diverse container workloads.\n\n##### ➕ Instant Duplication\n\n| Measurements                | TIO   | [K8s][kubernetes.io] | [Podman][containers/podman] |\n|-----------------------------------------------|-------|------|----------------|\n| 1000 alpine:x.y.z Container Parallel Start [s]    | WIP   | WIP  | WIP            |\n\nThis feature introduces an approach to container instantiation based on existing ones in **milliseconds** on a single node. Instead of traditional container creation workflows, which rely on extracting and initializing container images from scratch, this method enables **low-level duplication of existing containers** already running on the node. This drastically reduces the time required to spin up identical containers, providing a significant performance boost for scenarios requiring rapid scaling or cloning.\n\n###### Key Features\n\n- **Low-Level Duplication:** Leverages Linux® kernel features to clone running containers directly, bypassing traditional workflows for image extraction and initialization, enabling seamless replication.\n- **Blazing Fast Startup Times:** Launches new containers in milliseconds by reusing filesystem layers, memory, and resources from existing containers on the same node.\n- **Dynamic Resource Optimization:** Detects and reuses running containers on the node, minimizing redundant resource allocation and improving performance.\n- **Advanced Filesystem Snapshotting:** Uses cutting-edge Linux® technologies like `overlayfs` and copy-on-write (`CoW`) layers to efficiently duplicate container filesystems without full re-extraction.\n- **Secure Namespace Cloning:** Maintains container isolation while replicating Linux® namespaces (`PID`, `IPC`, `UTS`, etc.), ensuring secure and consistent environments for each instance.\n- **Memory Optimization with KSM:** Employs Kernel Same-page Merging (`KSM`) to share common memory pages between duplicated containers, reducing memory overhead without sacrificing performance.\n- **Rust-Powered Efficiency:** Built with Rust for high-performance, low-level operations, ensuring safe and reliable container duplication with minimal system impact.\n\n###### Benefits\n\n- **Rapid Scaling:** Scale up workloads almost instantly by duplicating existing containers on-demand.\n- **Significant Speedup:** Duplication is faster than traditional container creation methods, even those optimized by tools like Kubernetes.\n\nPlease give the **community feedback** about your opinion regarding the development of TIO ([Issues][repo-issues]/[Commits][repo-commits]/[Discussions][repo-discussions]).\n\n## 🏁 Quickstart\n\nJust execute \u0026 you're ready to orchestrate on any platform (coming soon). This automatically **installs** `tinyoctl` \u0026 **initializes** a local **cluster** on the host system. **Be ready in seconds:**\n\n```bash\nsh curl tinyo.io/get | bash\n```\n\nDeploy a **[VSCode Server][vscode-server]** with a user-selected **[Docker Hub][hub.docker.com]** image in just one click and a magic password using [tinyocloud][tinyocloud] (WIP).\n\nRunning TIO **requires root** due to the use of **Linux® namespaces**, pivot_root, mounting filesystems, modifying network interfaces and so on.\nEnsure you have the necessary permissions and understand the **security implications** before using TIO Alpha.\n\n⚠️ The current alpha version of TIO should only be used in a controlled environment, such as a **virtual machine** (or container, but currently not supported) to prevent **unintended side effects** on your **host system**.\n\n## Usage\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n    We try to achieve more with less.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\nTIO uses **minimal Statefiles** (`yml`) which are managed via [tinyoctl][tinyoctl] cli.\n\nFirst **setup** the first `cluster` **node** via `tinyoctl` cli (alias **tio**) by providing a network name, username \u0026 password of your initial admin user:\n```sh\ntio ++ -net [network_name] -u [admin_username] -p [admin_password]\n```\n\nTo **add** more **nodes** just execute the command above on a different host system with the following `tinyoctl` flag in addition:\n```sh\n-ip [IP of any other existing node]\n```\n\nTo **isolate containers** just **create** additional **clusters**. A container has **network access** to **any** other container in one cluster.\n\nHere is an **example** to create 1 container with 1 port \u0026 2 mounts:\n\n```sh\ntio + alpine-1.yml\n```\n\n```yaml\n# Source: https://github.com/pure-linux/tinyoctl/blob/release/alpha/0.0.1/examples/basic/alpine-1.yml\ncontainer: \"alpine:latest\"\nport: 8080\nmounts:\n  - source: \"/etc/hosts\"\n    target: \"/mnt/hosts\"\n  - source: \"/tmp/local-config\"\n    target: \"/config\"\n```\n\n## Architecture\n\n### Components\n\nThe system has the following **4 main components**. [tinyoctl][tinyoctl] interacts with [tinyolet][tinyolet] to start [tinyort][tinyort]. [tinyokv][tinyokv] is the data store for the TIO `cluster` [node(s)][tinyolet].\nDon't worry about master/worker nodes and so on. The system operates similarly to a **mesh** topology:\n\n- **[tinyoctl][tinyoctl]:** Contains cli and packages intended for use by client programs.\n- **[tinyolet][tinyolet]:** Controller for each `cluster` node. Think of it as biolerplate code which is orchestrating the [runtime][tinyort](s).\n- **[tinyokv][tinyokv]:** A high performance distributed Key-Value store for [tinyolet][tinyolet] (WIP).\n- **[tinyort][tinyort]:** Runtime\n\nE.g. the [tinyort/src/utils/core.rs][tinyort-src-utils-core.rs] currently has the size of about **350** code lines. The **MVP** should remain **below 2-3k** lines for single localhost container with storage \u0026 networking (+ Docker Hub download, ..).\n\nTo improve TIO and to make it completely accessible to the entire developer community, we introduced the following **3 additional components:**\n\n- [tinyoapt][tinyoapt]: Package Tool to simplify the setup of various applications within a cluster.\n- [tinyodash][tinyodash]: TIO Pro Dashboard for local development \u0026 cloud operations.\n- [tinyoctl-k8s-converter][tinyoctl-k8s-converter]: Converts [K8s][kubernetes.io] `yaml` Statefile to TIO Statefile and `helm` to TIO `apt` ([Vision](#-vision)).\n\n**1 security related component:**\n- [tinyort-fuzzer][tinyort-fuzzer]: Partial automated Fuzzer for the TIO [runtime][tinyort].\n\n## Vision\n\n\u003cblockquote\u003e\n \u003cspan\u003e\n    Developers want simple, but highly effective tools that reduce (local) infrastructure complexity.\n \u003c/span\u003e\n\u003c/blockquote\u003e\n\n### Roadmap\n\n#### Phase 1: Bicycle\n\n- Minimal **prototype** that addresses localhost development with containers\n- MVP version\n  - Base `cli`\n  - WIP\n- WIP\n\n#### Phase 2: Car\n\n- `w` `clusters` in `x` `clusters` with `y` `nodes` containing `z` `containers`\n- WIP\n\n#### Dashboard Pro\n\n##### Concept\n\n\u003cdiv align=\"center\"\u003e\n  \u003cimg width=\"400\" height=\"400\" src=\"assets/img/demo/dashboard-1.png\" \u003e\n\u003c/div\u003e\n\n**Visualisation:** Full scale TIO `cluster` with multiple `clusters`, `containers`, `storage`, `ingress`, `pipelines`, `scales`, WIP\nSource: [k8svisual/vpk][k8svisual/vpk]\n\n---\n\n## PureLinux DAO\n\n➡️ There is a separate repository for the [DAO][pure-linux-dao].\n\n### Important IP contributors\n\nThe people that are listed below made important direct and/or indirect contributions to the vision of TIO. It is very important for us to document any credit regarding our very kind [contributors][repo-contributors] of various kinds and to give them their individual fair stake.\n\n- [GitHub username] [IP Summary]\n\n### Financial Sponsors\n\nWe are very grateful for every GitHub/.. Sponsor:\n\n- [GitHub username]\n\n### 1337 H4x0r\n\nExperts who successfully deleted lines and/or meaningfully broke the [runtime][tinyort] include:\n\n- Maybe you? [![pure-linux-discord](https://img.shields.io/badge/discord-join-7289DA.svg?logo=discord\u0026longCache=true\u0026style=flat)](https://discord.gg/ERKBk6ArnQ)\n\n---\n\n**[PureLinux.org][purelinux.org]** | Delivering to the open-source community what matters most.\n\n###### Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.\n\n[linux.org]: https://www.linux.org\n[repo-contributors]: https://github.com/pure-linux/tinyo/graphs/contributors\n[repo-issues]: https://github.com/pure-linux/tinyo/issues\n[repo-commits]: https://github.com/pure-linux/tinyo/commits\n[repo-discussions]: https://github.com/pure-linux/tinyo/discussions\n[repo-docs-vision-comparisons-k8s-complexities.md]: ./docs/vision/comparisons/k8s/complexities.md\n[repo-docs-vision-comparisons-k8s#etcd-limitations]: ./docs/vision/comparisons/k8s/complexities.md#etcd-limitations-and-control-plane-complexity\n[docs-k8s-binary-size]: ./docs/vision/comparisons/k8s/size/binary.md\n[docs-k8s-ram-size]: ./docs/vision/comparisons/k8s/size/ram.md\n[pure-linux-discord]: https://discord.gg/ERKBk6ArnQ\n[pure-linux-dao]: https://github.com/pure-linux/DAO\n[tinyoctl]: https://github.com/pure-linux/tinyoctl\n[tinyoctl-k8s-converter]: https://github.com/pure-linux/tinyoctl-k8s-converter\n[tinyolet]: https://github.com/pure-linux/tinyolet\n[tinyokv]: https://github.com/pure-linux/tinyokv\n[tinyort]: https://github.com/pure-linux/tinyort\n[tinyort-fuzzer]: https://github.com/pure-linux/tinyort-fuzzer\n[tinyoapt]: https://github.com/pure-linux/tinyoapt\n[tinyodash]: https://github.com/pure-linux/tinyodash\n[tinyocloud]: https://github.com/pure-linux/tinyocloud\n[tinyort-src-utils-core.rs]: https://github.com/pure-linux/tinyort/blob/release/alpha/0.0.1/src/utils/core.rs\n[purelinux.org]: https://purelinux.org\n[rust-lang.org]: https://rust-lang.org\n[kubernetes.io]: https://kubernetes.io\n[k8svisual/vpk]: https://github.com/k8svisual/vpk\n[tenstorrent.com]: https://tenstorrent.com\n[tinygrad.org]: https://tinygrad.org\n[ubuntu-server]: https://ubuntu.com/server\n[ovhcloud.com]: https://www.ovhcloud.com/en/vps\n[etcd.io]: https://etcd.io\n[containers/podman]: https://github.com/containers/podman\n[go.dev]: https://go.dev\n[hub.docker.com]: https://hub.docker.com\n[vscode-server]: https://code.visualstudio.com/docs/remote/vscode-server\n[devcontainers/templates]: https://github.com/devcontainers/templates\n[tinyolet-docs-vpn-manager-options-analysis.md]: https://github.com/pure-linux/tinyolet/blob/release/alpha/0.0.1/docs/components/vpn-manager/options-analysis.md","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpure-linux%2Ftinyo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpure-linux%2Ftinyo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpure-linux%2Ftinyo/lists"}