CRIU (stands for Checkpoint and Restore in Userspace) is a utility to checkpoint/restore Linux tasks.

Using this tool, you can freeze a running application (or part of it) and checkpoint it to a hard drive as a collection of files. You can then use the files to restore and run the application from the point it was frozen at. The distinctive feature of the CRIU project is that it is mainly implemented in user space. There are some more projects doing C/R for Linux, and so far CRIU appears to be the most feature-rich and up-to-date with the kernel.

CRIU project is (almost) the never-ending story, because we have to always keep up with the Linux kernel supporting checkpoint and restore for all the features it provides. Thus we're looking for contributors of all kinds -- feedback, bug reports, testing, coding, writing, etc. Please refer to CONTRIBUTING.md if you would like to get involved.

The project started as the way to do live migration for OpenVZ Linux containers, but later grew to more sophisticated and flexible tool. It is currently used by (integrated into) OpenVZ, LXC/LXD, Docker, and other software, project gets tremendous help from the community, and its packages are included into many Linux distributions.

Kubernetes Copilot powered by LLM, which leverages advanced language models to streamline and enhance Kubernetes cluster management. This tool integrates seamlessly with your existing Kubernetes setup, providing intelligent automation, diagnostics, and manifest generation capabilities. By utilizing the power of AI, Kubernetes Copilot simplifies complex operations and helps maintain the health and security of your Kubernetes workloads.

Mantis is a next-generation Infrastructure as Code (IaC) tool that reimagines how we manage cloud and Kubernetes resources. Built as a fork of OpenTofu and powered by CUE, Mantis combines the best of Terraform and Helm while solving their limitations.

To manage cloud resources, Mantis compiles CUE configurations into Terraform compatible json and leverages the Opentofu engine to orchestrate it. To manage K8s resources, Mantis compiles CUE configurations yaml manifests which can be deployed either using mantis or via integrations with Gitops tools like ArgoCD or FluxCD

OCI registry client - managing content like artifacts, images, packages

Flagr is an open source Go service that delivers the right experience to the right entity and monitors the impact. It provides feature flags, experimentation (A/B testing), and dynamic configuration. It has clear swagger REST APIs for flags management and flag evaluation.

From Utilization Confusion to PSI Clarity in Kubernetes

Many, many pixels have been burned on the topic of sidecars of late.

If you’ve been paying any attention at all to the cloud-native ecosystem, you’ve doubtless run across discussions about the merits - or lack thereof - of sidecars. In a lot of ways, this is kind of silly: sidecars are a fairly low-level implementation pattern, and it would probably make sense to see them considered an implementation detail rather than the latest hot marketing topic. In other ways, though, we live in an imperfect world and we often do have to pull back the curtains to take a look at the technology underneath the tools we use: understanding the tradeoffs made by our tool choices is often critical to getting the most out of those tools, and architectural decisions are always about tradeoffs.

For various reasons, I ended up being the one to take on the job of pulling back the curtain on both Linkerd’s choice to use the sidecar pattern and Istio Ambient’s choice to avoid it, and look into the ramifications of those choices. I did this in the obvious way: I ran both meshes under load and measured things about them. It was simultaneously frustrating and fascinating, often in surprising ways.