diff --git a/README.md b/README.md index 0077b74..7e9e52b 100644 --- a/README.md +++ b/README.md @@ -18,137 +18,138 @@ These services require building custom Docker images from source. ## Supported Services -| Service | Version | -| -------------------------------------------------------------- | -------------------- | -| [Apache APISIX](./src/apisix) | 3.13.0 | -| [Apache Cassandra](./src/cassandra) | 5.0.2 | -| [Apache Flink](./src/flink) | 1.20.0 | -| [Apache HBase](./src/hbase) | 2.6 | -| [Apache HTTP Server](./src/apache) | 2.4.62 | -| [Apache Kafka](./src/kafka) | 7.8.0 | -| [Apache Pulsar](./src/pulsar) | 4.0.7 | -| [Apache RocketMQ](./src/rocketmq) | 5.3.1 | -| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.63 | -| [Bolt.diy](./apps/bolt-diy) | latest | -| [Budibase](./src/budibase) | 3.23.0 | -| [BuildingAI](./apps/buildingai) | latest | -| [Bytebot](./src/bytebot) | edge | -| [Clash](./src/clash) | 1.18.0 | -| [ClickHouse](./src/clickhouse) | 24.11.1 | -| [Conductor](./src/conductor) | latest | -| [DeepTutor](./apps/deeptutor) | latest | -| [Dify](./apps/dify) | 0.18.2 | -| [DNSMasq](./src/dnsmasq) | 2.91 | -| [Dockge](./src/dockge) | 1 | -| [Docker Android Emulator](./src/docker-android) | api-33 | -| [Docker Registry](./src/docker-registry) | 3.0.0 | -| [Doris](./src/doris) | 3.0.0 | -| [DuckDB](./src/duckdb) | v1.1.3 | -| [Easy Dataset](./apps/easy-dataset) | 1.5.1 | -| [Elasticsearch](./src/elasticsearch) | 8.16.1 | -| [etcd](./src/etcd) | 3.6.0 | -| [FalkorDB](./src/falkordb) | v4.14.11 | -| [Firecrawl](./src/firecrawl) | latest | -| [Flowise](./src/flowise) | 3.0.12 | -| [frpc](./src/frpc) | 0.65.0 | -| [frps](./src/frps) | 0.65.0 | -| [Gitea Runner](./src/gitea-runner) | 0.2.13 | -| [Gitea](./src/gitea) | 1.25.4-rootless | -| [GitLab Runner](./src/gitlab-runner) | 17.10.1 | -| [GitLab](./src/gitlab) | 17.10.4-ce.0 | -| [GPUStack](./src/gpustack) | v0.5.3 | -| [Grafana](./src/grafana) | 12.1.1 | -| [Grafana Loki](./src/loki) | 3.3.2 | -| [Grafana Tempo](./src/tempo) | 2.7.2 | -| [Halo](./src/halo) | 2.21.9 | -| [Harbor](./src/harbor) | v2.12.0 | -| [HashiCorp Consul](./src/consul) | 1.20.3 | -| [InfluxDB](./src/influxdb) | 2.8.0 | -| [Jenkins](./src/jenkins) | 2.486-lts | -| [JODConverter](./src/jodconverter) | latest | -| [Kestra](./src/kestra) | latest-full | -| [Kibana](./src/kibana) | 8.16.1 | -| [Kodbox](./src/kodbox) | 1.62 | -| [Kong](./src/kong) | 3.8.0 | -| [Langflow](./apps/langflow) | latest | -| [Langfuse](./apps/langfuse) | 3.115.0 | -| [LibreOffice](./src/libreoffice) | latest | -| [libSQL Server](./src/libsql) | latest | -| [LiteLLM](./src/litellm) | main-stable | -| [llama.cpp](./src/llama.cpp) | server | -| [LMDeploy](./src/lmdeploy) | v0.11.1 | -| [Logstash](./src/logstash) | 8.16.1 | -| [MariaDB Galera Cluster](./src/mariadb-galera) | 11.7.2 | -| [Memos](./src/memos) | 0.25.3 | -| [Milvus Standalone Embed](./src/milvus-standalone-embed) | v2.6.7 | -| [Milvus Standalone](./src/milvus-standalone) | v2.6.7 | -| [Minecraft Bedrock Server](./src/minecraft-bedrock-server) | latest | -| [MinIO](./src/minio) | 0.20251015 | -| [MLflow](./src/mlflow) | v2.20.2 | -| [MoltBot](./apps/moltbot) | main | -| [MongoDB ReplicaSet Single](./src/mongodb-replicaset-single) | 8.2.3 | -| [MongoDB ReplicaSet](./src/mongodb-replicaset) | 8.2.3 | -| [MongoDB Standalone](./src/mongodb-standalone) | 8.2.3 | -| [MySQL](./src/mysql) | 9.4.0 | -| [n8n](./apps/n8n) | 1.114.0 | -| [Nanobot](./apps/nanobot) | v0.1.3.post4 | -| [Nacos](./src/nacos) | v3.1.0 | -| [NebulaGraph](./src/nebulagraph) | v3.8.0 | -| [NexaSDK](./src/nexa-sdk) | v0.2.62 | -| [Neo4j](./src/neo4j) | 5.27.4 | -| [Netdata](./src/netdata) | latest | -| [Nginx](./src/nginx) | 1.29.1 | -| [Node Exporter](./src/node-exporter) | v1.8.2 | -| [OceanBase](./src/oceanbase) | 4.3.3 | -| [Odoo](./src/odoo) | 19.0 | -| [Ollama](./src/ollama) | 0.12.0 | -| [Open WebUI](./src/open-webui) | main | -| [Phoenix (Arize)](./src/phoenix) | 12.31.2-nonroot | -| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | -| [Open WebUI Rust](./src/open-webui-rust) | latest | -| [OpenCode](./src/opencode) | 1.1.27 | -| [OpenCoze](./apps/opencoze) | See Docs | -| [OpenCut](./src/opencut) | latest | -| [OpenList](./src/openlist) | latest | -| [OpenLIT](./apps/openlit) | latest | -| [OpenObserve](./apps/openobserve) | v0.50.0 (enterprise) | -| [OpenSearch](./src/opensearch) | 2.19.0 | -| [OpenTelemetry Collector](./src/otel-collector) | 0.115.1 | -| [Overleaf](./src/overleaf) | 5.2.1 | -| [PocketBase](./src/pocketbase) | 0.30.0 | -| [Podman](./src/podman) | v5.7.1 | -| [Pogocache](./src/pogocache) | 1.3.1 | -| [Portainer](./src/portainer) | 2.27.3-alpine | -| [Portkey AI Gateway](./src/portkey-gateway) | latest | -| [PostgreSQL](./src/postgres) | 17.6 | -| [Prometheus](./src/prometheus) | 3.5.0 | -| [PyTorch](./src/pytorch) | 2.6.0 | -| [Qdrant](./src/qdrant) | 1.15.4 | -| [RabbitMQ](./src/rabbitmq) | 4.1.4 | -| [Ray](./src/ray) | 2.42.1 | -| [Redpanda](./src/redpanda) | v24.3.1 | -| [Redis Cluster](./src/redis-cluster) | 8.2.1 | -| [Redis](./src/redis) | 8.2.1 | -| [Renovate](./src/renovate) | 42.85.4-full | -| [Restate Cluster](./src/restate-cluster) | 1.5.3 | -| [Restate](./src/restate) | 1.5.3 | -| [SearXNG](./src/searxng) | 2025.1.20-1ce14ef99 | -| [Selenium](./src/selenium) | 144.0-20260120 | -| [SigNoz](./src/signoz) | 0.55.0 | -| [Sim](./apps/sim) | latest | -| [Stable Diffusion WebUI](./apps/stable-diffusion-webui-docker) | latest | -| [Stirling-PDF](./apps/stirling-pdf) | latest | -| [Temporal](./src/temporal) | 1.24.2 | -| [TiDB](./src/tidb) | v8.5.0 | -| [TiKV](./src/tikv) | v8.5.0 | -| [Trigger.dev](./src/trigger-dev) | v4.2.0 | -| [TrailBase](./src/trailbase) | 0.22.4 | -| [Valkey Cluster](./src/valkey-cluster) | 8.0 | -| [Valkey](./src/valkey) | 8.0 | -| [Verdaccio](./src/verdaccio) | 6.1.2 | -| [vLLM](./src/vllm) | v0.13.0 | -| [Windmill](./src/windmill) | main | -| [ZooKeeper](./src/zookeeper) | 3.9.3 | +| Service | Version | +| -------------------------------------------------------------- | ------------------- | +| [Apache APISIX](./src/apisix) | 3.13.0 | +| [Apache Cassandra](./src/cassandra) | 5.0.2 | +| [Apache Flink](./src/flink) | 1.20.0 | +| [Apache HBase](./src/hbase) | 2.6 | +| [Apache HTTP Server](./src/apache) | 2.4.62 | +| [Apache Kafka](./src/kafka) | 7.8.0 | +| [Apache Pulsar](./src/pulsar) | 4.0.7 | +| [Apache RocketMQ](./src/rocketmq) | 5.3.1 | +| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.63 | +| [Bolt.diy](./apps/bolt-diy) | latest | +| [Budibase](./src/budibase) | 3.23.0 | +| [BuildingAI](./apps/buildingai) | latest | +| [Bytebot](./src/bytebot) | edge | +| [Clash](./src/clash) | 1.18.0 | +| [ClickHouse](./src/clickhouse) | 24.11.1 | +| [Conductor](./src/conductor) | latest | +| [DeepTutor](./apps/deeptutor) | latest | +| [Dify](./apps/dify) | 0.18.2 | +| [DNSMasq](./src/dnsmasq) | 2.91 | +| [Dockge](./src/dockge) | 1 | +| [Docker Android Emulator](./src/docker-android) | api-33 | +| [Docker Registry](./src/docker-registry) | 3.0.0 | +| [Doris](./src/doris) | 3.0.0 | +| [DuckDB](./src/duckdb) | v1.1.3 | +| [Easy Dataset](./apps/easy-dataset) | 1.5.1 | +| [Elasticsearch](./src/elasticsearch) | 9.3.0 | +| [etcd](./src/etcd) | 3.6.0 | +| [FalkorDB](./src/falkordb) | v4.14.11 | +| [Firecrawl](./src/firecrawl) | latest | +| [Flowise](./src/flowise) | 3.0.12 | +| [frpc](./src/frpc) | 0.65.0 | +| [frps](./src/frps) | 0.65.0 | +| [Gitea Runner](./src/gitea-runner) | 0.2.13 | +| [Gitea](./src/gitea) | 1.25.4-rootless | +| [GitLab Runner](./src/gitlab-runner) | 17.10.1 | +| [GitLab](./src/gitlab) | 18.8.3-ce.0 | +| [GPUStack](./src/gpustack) | v0.5.3 | +| [Grafana](./src/grafana) | 12.3.2 | +| [Grafana Loki](./src/loki) | 3.3.2 | +| [Grafana Tempo](./src/tempo) | 2.7.2 | +| [Halo](./src/halo) | 2.21.9 | +| [Harbor](./src/harbor) | v2.12.0 | +| [HashiCorp Consul](./src/consul) | 1.20.3 | +| [InfluxDB](./src/influxdb) | 2.8.0 | +| [Jenkins](./src/jenkins) | 2.541-lts | +| [JODConverter](./src/jodconverter) | latest | +| [Kestra](./src/kestra) | latest-full | +| [Kibana](./src/kibana) | 8.16.1 | +| [Kodbox](./src/kodbox) | 1.62 | +| [Kong](./src/kong) | 3.8.0 | +| [Langflow](./apps/langflow) | latest | +| [Langfuse](./apps/langfuse) | 3.115.0 | +| [LibreOffice](./src/libreoffice) | latest | +| [libSQL Server](./src/libsql) | latest | +| [LiteLLM](./src/litellm) | main-stable | +| [llama.cpp](./src/llama.cpp) | server | +| [LMDeploy](./src/lmdeploy) | v0.11.1 | +| [Logstash](./src/logstash) | 8.16.1 | +| [MariaDB Galera Cluster](./src/mariadb-galera) | 11.7.2 | +| [Memos](./src/memos) | 0.25.3 | +| [Milvus Standalone Embed](./src/milvus-standalone-embed) | v2.6.7 | +| [Milvus Standalone](./src/milvus-standalone) | v2.6.7 | +| [Minecraft Bedrock Server](./src/minecraft-bedrock-server) | latest | +| [MinIO](./src/minio) | 0.20260202 | +| [MLflow](./src/mlflow) | v2.20.2 | +| [MoltBot](./apps/moltbot) | main | +| [MongoDB ReplicaSet Single](./src/mongodb-replicaset-single) | 8.2.3 | +| [MongoDB ReplicaSet](./src/mongodb-replicaset) | 8.2.3 | +| [MongoDB Standalone](./src/mongodb-standalone) | 8.2.3 | +| [MySQL](./src/mysql) | 9.4.0 | +| [n8n](./apps/n8n) | 1.114.0 | +| [Nanobot](./apps/nanobot) | v0.1.3.post4 | +| [Nacos](./src/nacos) | v3.1.0 | +| [NebulaGraph](./src/nebulagraph) | v3.8.0 | +| [NexaSDK](./src/nexa-sdk) | v0.2.62 | +| [Neo4j](./src/neo4j) | 5.27.4 | +| [Netdata](./src/netdata) | latest | +| [Nginx](./src/nginx) | 1.28.2 | +| [Node Exporter](./src/node-exporter) | v1.8.2 | +| [OceanBase](./src/oceanbase) | 4.3.3 | +| [Odoo](./src/odoo) | 19.0 | +| [Ollama](./src/ollama) | 0.14.3 | +| [Open WebUI](./src/open-webui) | main | +| [Phoenix (Arize)](./src/phoenix) | 12.31.2-nonroot | +| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | +| [Open WebUI Rust](./src/open-webui-rust) | latest | +| [OpenCode](./src/opencode) | 1.1.27 | +| [OpenCoze](./apps/opencoze) | See Docs | +| [OpenCut](./src/opencut) | latest | +| [OpenList](./src/openlist) | latest | +| [OpenLIT](./apps/openlit) | latest | +| [OpenSandbox](./apps/opensandbox) | v1.0.5 | +| [OpenObserve](./apps/openobserve) | v0.50.0 | +| [OpenSearch](./src/opensearch) | 2.19.0 | +| [OpenTelemetry Collector](./src/otel-collector) | 0.115.1 | +| [Overleaf](./src/overleaf) | 5.2.1 | +| [PocketBase](./src/pocketbase) | 0.30.0 | +| [Podman](./src/podman) | v5.7.1 | +| [Pogocache](./src/pogocache) | 1.3.1 | +| [Portainer](./src/portainer) | 2.27.3-alpine | +| [Portkey AI Gateway](./src/portkey-gateway) | latest | +| [PostgreSQL](./src/postgres) | 17.6 | +| [Prometheus](./src/prometheus) | 3.5.1 | +| [PyTorch](./src/pytorch) | 2.6.0 | +| [Qdrant](./src/qdrant) | 1.15.4 | +| [RabbitMQ](./src/rabbitmq) | 4.2.3 | +| [Ray](./src/ray) | 2.42.1 | +| [Redpanda](./src/redpanda) | v24.3.1 | +| [Redis Cluster](./src/redis-cluster) | 8.2.1 | +| [Redis](./src/redis) | 8.2.1 | +| [Renovate](./src/renovate) | 42.85.4-full | +| [Restate Cluster](./src/restate-cluster) | 1.5.3 | +| [Restate](./src/restate) | 1.5.3 | +| [SearXNG](./src/searxng) | 2025.1.20-1ce14ef99 | +| [Selenium](./src/selenium) | 144.0-20260120 | +| [SigNoz](./src/signoz) | 0.55.0 | +| [Sim](./apps/sim) | latest | +| [Stable Diffusion WebUI](./apps/stable-diffusion-webui-docker) | latest | +| [Stirling-PDF](./apps/stirling-pdf) | latest | +| [Temporal](./src/temporal) | 1.24.2 | +| [TiDB](./src/tidb) | v8.5.0 | +| [TiKV](./src/tikv) | v8.5.0 | +| [Trigger.dev](./src/trigger-dev) | v4.2.0 | +| [TrailBase](./src/trailbase) | 0.22.4 | +| [Valkey Cluster](./src/valkey-cluster) | 8.0 | +| [Valkey](./src/valkey) | 8.0 | +| [Verdaccio](./src/verdaccio) | 6.1.2 | +| [vLLM](./src/vllm) | v0.13.0 | +| [Windmill](./src/windmill) | main | +| [ZooKeeper](./src/zookeeper) | 3.9.3 | ## MCP Servers diff --git a/README.zh.md b/README.zh.md index 17cbbb0..51453e0 100644 --- a/README.zh.md +++ b/README.zh.md @@ -18,137 +18,138 @@ Compose Anything 通过提供一组高质量的 Docker Compose 配置文件, ## 已经支持的服务 -| 服务 | 版本 | -| -------------------------------------------------------------- | --------------------- | -| [Apache APISIX](./src/apisix) | 3.13.0 | -| [Apache Cassandra](./src/cassandra) | 5.0.2 | -| [Apache Flink](./src/flink) | 1.20.0 | -| [Apache HBase](./src/hbase) | 2.6 | -| [Apache HTTP Server](./src/apache) | 2.4.62 | -| [Apache Kafka](./src/kafka) | 7.8.0 | -| [Apache Pulsar](./src/pulsar) | 4.0.7 | -| [Apache RocketMQ](./src/rocketmq) | 5.3.1 | -| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.63 | -| [Bolt.diy](./apps/bolt-diy) | latest | -| [Budibase](./src/budibase) | 3.23.0 | -| [BuildingAI](./apps/buildingai) | latest | -| [Bytebot](./src/bytebot) | edge | -| [Clash](./src/clash) | 1.18.0 | -| [ClickHouse](./src/clickhouse) | 24.11.1 | -| [Conductor](./src/conductor) | latest | -| [DeepTutor](./apps/deeptutor) | latest | -| [Dify](./apps/dify) | 0.18.2 | -| [DNSMasq](./src/dnsmasq) | 2.91 | -| [Dockge](./src/dockge) | 1 | -| [Docker Android Emulator](./src/docker-android) | api-33 | -| [Docker Registry](./src/docker-registry) | 3.0.0 | -| [Doris](./src/doris) | 3.0.0 | -| [DuckDB](./src/duckdb) | v1.1.3 | -| [Easy Dataset](./apps/easy-dataset) | 1.5.1 | -| [Elasticsearch](./src/elasticsearch) | 8.16.1 | -| [etcd](./src/etcd) | 3.6.0 | -| [FalkorDB](./src/falkordb) | v4.14.11 | -| [Firecrawl](./src/firecrawl) | latest | -| [Flowise](./src/flowise) | 3.0.12 | -| [frpc](./src/frpc) | 0.65.0 | -| [frps](./src/frps) | 0.65.0 | -| [Gitea Runner](./src/gitea-runner) | 0.2.13 | -| [Gitea](./src/gitea) | 1.25.4-rootless | -| [GitLab Runner](./src/gitlab-runner) | 17.10.1 | -| [GitLab](./src/gitlab) | 17.10.4-ce.0 | -| [GPUStack](./src/gpustack) | v0.5.3 | -| [Grafana](./src/grafana) | 12.1.1 | -| [Grafana Loki](./src/loki) | 3.3.2 | -| [Grafana Tempo](./src/tempo) | 2.7.2 | -| [Halo](./src/halo) | 2.21.9 | -| [Harbor](./src/harbor) | v2.12.0 | -| [HashiCorp Consul](./src/consul) | 1.20.3 | -| [InfluxDB](./src/influxdb) | 2.8.0 | -| [Jenkins](./src/jenkins) | 2.486-lts | -| [JODConverter](./src/jodconverter) | latest | -| [Kestra](./src/kestra) | latest-full | -| [Kibana](./src/kibana) | 8.16.1 | -| [Kodbox](./src/kodbox) | 1.62 | -| [Kong](./src/kong) | 3.8.0 | -| [Langflow](./apps/langflow) | latest | -| [Langfuse](./apps/langfuse) | 3.115.0 | -| [LibreOffice](./src/libreoffice) | latest | -| [libSQL Server](./src/libsql) | latest | -| [LiteLLM](./src/litellm) | main-stable | -| [llama.cpp](./src/llama.cpp) | server | -| [LMDeploy](./src/lmdeploy) | v0.11.1 | -| [Logstash](./src/logstash) | 8.16.1 | -| [MariaDB Galera Cluster](./src/mariadb-galera) | 11.7.2 | -| [Memos](./src/memos) | 0.25.3 | -| [Milvus Standalone Embed](./src/milvus-standalone-embed) | v2.6.7 | -| [Milvus Standalone](./src/milvus-standalone) | v2.6.7 | -| [Minecraft Bedrock Server](./src/minecraft-bedrock-server) | latest | -| [MinIO](./src/minio) | 0.20251015 | -| [MLflow](./src/mlflow) | v2.20.2 | -| [MoltBot](./apps/moltbot) | main | -| [MongoDB ReplicaSet Single](./src/mongodb-replicaset-single) | 8.2.3 | -| [MongoDB ReplicaSet](./src/mongodb-replicaset) | 8.2.3 | -| [MongoDB Standalone](./src/mongodb-standalone) | 8.2.3 | -| [MySQL](./src/mysql) | 9.4.0 | -| [n8n](./apps/n8n) | 1.114.0 | -| [Nanobot](./apps/nanobot) | v0.1.3.post4 | -| [Nacos](./src/nacos) | v3.1.0 | -| [NebulaGraph](./src/nebulagraph) | v3.8.0 | -| [NexaSDK](./src/nexa-sdk) | v0.2.62 | -| [Neo4j](./src/neo4j) | 5.27.4 | -| [Netdata](./src/netdata) | latest | -| [Nginx](./src/nginx) | 1.29.1 | -| [Node Exporter](./src/node-exporter) | v1.8.2 | -| [OceanBase](./src/oceanbase) | 4.3.3 | -| [Odoo](./src/odoo) | 19.0 | -| [Ollama](./src/ollama) | 0.12.0 | -| [Open WebUI](./src/open-webui) | main | -| [Phoenix (Arize)](./src/phoenix) | 12.31.2-nonroot | -| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | -| [Open WebUI Rust](./src/open-webui-rust) | latest | -| [OpenCode](./src/opencode) | 1.1.27 | -| [OpenCoze](./apps/opencoze) | See Docs | -| [OpenCut](./src/opencut) | latest | -| [OpenList](./src/openlist) | latest | -| [OpenLIT](./apps/openlit) | latest | -| [OpenObserve](./apps/openobserve) | v0.50.0(enterprise) | -| [OpenSearch](./src/opensearch) | 2.19.0 | -| [OpenTelemetry Collector](./src/otel-collector) | 0.115.1 | -| [Overleaf](./src/overleaf) | 5.2.1 | -| [PocketBase](./src/pocketbase) | 0.30.0 | -| [Podman](./src/podman) | v5.7.1 | -| [Pogocache](./src/pogocache) | 1.3.1 | -| [Portainer](./src/portainer) | 2.27.3-alpine | -| [Portkey AI Gateway](./src/portkey-gateway) | latest | -| [PostgreSQL](./src/postgres) | 17.6 | -| [Prometheus](./src/prometheus) | 3.5.0 | -| [PyTorch](./src/pytorch) | 2.6.0 | -| [Qdrant](./src/qdrant) | 1.15.4 | -| [RabbitMQ](./src/rabbitmq) | 4.1.4 | -| [Ray](./src/ray) | 2.42.1 | -| [Redpanda](./src/redpanda) | v24.3.1 | -| [Redis Cluster](./src/redis-cluster) | 8.2.1 | -| [Redis](./src/redis) | 8.2.1 | -| [Renovate](./src/renovate) | 42.85.4-full | -| [Restate Cluster](./src/restate-cluster) | 1.5.3 | -| [Restate](./src/restate) | 1.5.3 | -| [SearXNG](./src/searxng) | 2025.1.20-1ce14ef99 | -| [Selenium](./src/selenium) | 144.0-20260120 | -| [SigNoz](./src/signoz) | 0.55.0 | -| [Sim](./apps/sim) | latest | -| [Stable Diffusion WebUI](./apps/stable-diffusion-webui-docker) | latest | -| [Stirling-PDF](./apps/stirling-pdf) | latest | -| [Temporal](./src/temporal) | 1.24.2 | -| [TiDB](./src/tidb) | v8.5.0 | -| [TiKV](./src/tikv) | v8.5.0 | -| [Trigger.dev](./src/trigger-dev) | v4.2.0 | -| [TrailBase](./src/trailbase) | 0.22.4 | -| [Valkey Cluster](./src/valkey-cluster) | 8.0 | -| [Valkey](./src/valkey) | 8.0 | -| [Verdaccio](./src/verdaccio) | 6.1.2 | -| [vLLM](./src/vllm) | v0.13.0 | -| [Windmill](./src/windmill) | main | -| [ZooKeeper](./src/zookeeper) | 3.9.3 | +| 服务 | 版本 | +| -------------------------------------------------------------- | ------------------- | +| [Apache APISIX](./src/apisix) | 3.13.0 | +| [Apache Cassandra](./src/cassandra) | 5.0.2 | +| [Apache Flink](./src/flink) | 1.20.0 | +| [Apache HBase](./src/hbase) | 2.6 | +| [Apache HTTP Server](./src/apache) | 2.4.62 | +| [Apache Kafka](./src/kafka) | 7.8.0 | +| [Apache Pulsar](./src/pulsar) | 4.0.7 | +| [Apache RocketMQ](./src/rocketmq) | 5.3.1 | +| [Bifrost Gateway](./src/bifrost-gateway) | v1.3.63 | +| [Bolt.diy](./apps/bolt-diy) | latest | +| [Budibase](./src/budibase) | 3.23.0 | +| [BuildingAI](./apps/buildingai) | latest | +| [Bytebot](./src/bytebot) | edge | +| [Clash](./src/clash) | 1.18.0 | +| [ClickHouse](./src/clickhouse) | 24.11.1 | +| [Conductor](./src/conductor) | latest | +| [DeepTutor](./apps/deeptutor) | latest | +| [Dify](./apps/dify) | 0.18.2 | +| [DNSMasq](./src/dnsmasq) | 2.91 | +| [Dockge](./src/dockge) | 1 | +| [Docker Android Emulator](./src/docker-android) | api-33 | +| [Docker Registry](./src/docker-registry) | 3.0.0 | +| [Doris](./src/doris) | 3.0.0 | +| [DuckDB](./src/duckdb) | v1.1.3 | +| [Easy Dataset](./apps/easy-dataset) | 1.5.1 | +| [Elasticsearch](./src/elasticsearch) | 9.3.0 | +| [etcd](./src/etcd) | 3.6.0 | +| [FalkorDB](./src/falkordb) | v4.14.11 | +| [Firecrawl](./src/firecrawl) | latest | +| [Flowise](./src/flowise) | 3.0.12 | +| [frpc](./src/frpc) | 0.65.0 | +| [frps](./src/frps) | 0.65.0 | +| [Gitea Runner](./src/gitea-runner) | 0.2.13 | +| [Gitea](./src/gitea) | 1.25.4-rootless | +| [GitLab Runner](./src/gitlab-runner) | 17.10.1 | +| [GitLab](./src/gitlab) | 18.8.3-ce.0 | +| [GPUStack](./src/gpustack) | v0.5.3 | +| [Grafana](./src/grafana) | 12.3.2 | +| [Grafana Loki](./src/loki) | 3.3.2 | +| [Grafana Tempo](./src/tempo) | 2.7.2 | +| [Halo](./src/halo) | 2.21.9 | +| [Harbor](./src/harbor) | v2.12.0 | +| [HashiCorp Consul](./src/consul) | 1.20.3 | +| [InfluxDB](./src/influxdb) | 2.8.0 | +| [Jenkins](./src/jenkins) | 2.541-lts | +| [JODConverter](./src/jodconverter) | latest | +| [Kestra](./src/kestra) | latest-full | +| [Kibana](./src/kibana) | 8.16.1 | +| [Kodbox](./src/kodbox) | 1.62 | +| [Kong](./src/kong) | 3.8.0 | +| [Langflow](./apps/langflow) | latest | +| [Langfuse](./apps/langfuse) | 3.115.0 | +| [LibreOffice](./src/libreoffice) | latest | +| [libSQL Server](./src/libsql) | latest | +| [LiteLLM](./src/litellm) | main-stable | +| [llama.cpp](./src/llama.cpp) | server | +| [LMDeploy](./src/lmdeploy) | v0.11.1 | +| [Logstash](./src/logstash) | 8.16.1 | +| [MariaDB Galera Cluster](./src/mariadb-galera) | 11.7.2 | +| [Memos](./src/memos) | 0.25.3 | +| [Milvus Standalone Embed](./src/milvus-standalone-embed) | v2.6.7 | +| [Milvus Standalone](./src/milvus-standalone) | v2.6.7 | +| [Minecraft Bedrock Server](./src/minecraft-bedrock-server) | latest | +| [MinIO](./src/minio) | 0.20260202 | +| [MLflow](./src/mlflow) | v2.20.2 | +| [MoltBot](./apps/moltbot) | main | +| [MongoDB ReplicaSet Single](./src/mongodb-replicaset-single) | 8.2.3 | +| [MongoDB ReplicaSet](./src/mongodb-replicaset) | 8.2.3 | +| [MongoDB Standalone](./src/mongodb-standalone) | 8.2.3 | +| [MySQL](./src/mysql) | 9.4.0 | +| [n8n](./apps/n8n) | 1.114.0 | +| [Nanobot](./apps/nanobot) | v0.1.3.post4 | +| [Nacos](./src/nacos) | v3.1.0 | +| [NebulaGraph](./src/nebulagraph) | v3.8.0 | +| [NexaSDK](./src/nexa-sdk) | v0.2.62 | +| [Neo4j](./src/neo4j) | 5.27.4 | +| [Netdata](./src/netdata) | latest | +| [Nginx](./src/nginx) | 1.28.2 | +| [Node Exporter](./src/node-exporter) | v1.8.2 | +| [OceanBase](./src/oceanbase) | 4.3.3 | +| [Odoo](./src/odoo) | 19.0 | +| [Ollama](./src/ollama) | 0.14.3 | +| [Open WebUI](./src/open-webui) | main | +| [Phoenix (Arize)](./src/phoenix) | 12.31.2-nonroot | +| [Pingora Proxy Manager](./src/pingora-proxy-manager) | v1.0.3 | +| [Open WebUI Rust](./src/open-webui-rust) | latest | +| [OpenCode](./src/opencode) | 1.1.27 | +| [OpenCoze](./apps/opencoze) | See Docs | +| [OpenCut](./src/opencut) | latest | +| [OpenList](./src/openlist) | latest | +| [OpenLIT](./apps/openlit) | latest | +| [OpenSandbox](./apps/opensandbox) | v1.0.5 | +| [OpenObserve](./apps/openobserve) | v0.50.0 | +| [OpenSearch](./src/opensearch) | 2.19.0 | +| [OpenTelemetry Collector](./src/otel-collector) | 0.115.1 | +| [Overleaf](./src/overleaf) | 5.2.1 | +| [PocketBase](./src/pocketbase) | 0.30.0 | +| [Podman](./src/podman) | v5.7.1 | +| [Pogocache](./src/pogocache) | 1.3.1 | +| [Portainer](./src/portainer) | 2.27.3-alpine | +| [Portkey AI Gateway](./src/portkey-gateway) | latest | +| [PostgreSQL](./src/postgres) | 17.6 | +| [Prometheus](./src/prometheus) | 3.5.1 | +| [PyTorch](./src/pytorch) | 2.6.0 | +| [Qdrant](./src/qdrant) | 1.15.4 | +| [RabbitMQ](./src/rabbitmq) | 4.2.3 | +| [Ray](./src/ray) | 2.42.1 | +| [Redpanda](./src/redpanda) | v24.3.1 | +| [Redis Cluster](./src/redis-cluster) | 8.2.1 | +| [Redis](./src/redis) | 8.2.1 | +| [Renovate](./src/renovate) | 42.85.4-full | +| [Restate Cluster](./src/restate-cluster) | 1.5.3 | +| [Restate](./src/restate) | 1.5.3 | +| [SearXNG](./src/searxng) | 2025.1.20-1ce14ef99 | +| [Selenium](./src/selenium) | 144.0-20260120 | +| [SigNoz](./src/signoz) | 0.55.0 | +| [Sim](./apps/sim) | latest | +| [Stable Diffusion WebUI](./apps/stable-diffusion-webui-docker) | latest | +| [Stirling-PDF](./apps/stirling-pdf) | latest | +| [Temporal](./src/temporal) | 1.24.2 | +| [TiDB](./src/tidb) | v8.5.0 | +| [TiKV](./src/tikv) | v8.5.0 | +| [Trigger.dev](./src/trigger-dev) | v4.2.0 | +| [TrailBase](./src/trailbase) | 0.22.4 | +| [Valkey Cluster](./src/valkey-cluster) | 8.0 | +| [Valkey](./src/valkey) | 8.0 | +| [Verdaccio](./src/verdaccio) | 6.1.2 | +| [vLLM](./src/vllm) | v0.13.0 | +| [Windmill](./src/windmill) | main | +| [ZooKeeper](./src/zookeeper) | 3.9.3 | ## MCP 服务器 diff --git a/apps/opensandbox/.env.example b/apps/opensandbox/.env.example new file mode 100644 index 0000000..82c9367 --- /dev/null +++ b/apps/opensandbox/.env.example @@ -0,0 +1,46 @@ +# OpenSandbox Configuration +# A general-purpose sandbox platform for AI applications + +# Global registry prefix for all images (optional) +# Example: GLOBAL_REGISTRY=registry.example.com/ +GLOBAL_REGISTRY= + +# Timezone setting +TZ=UTC + +# ======================================== +# OpenSandbox Server Configuration +# ======================================== + +# OpenSandbox server image version +# Default: v1.0.5 +OPENSANDBOX_SERVER_VERSION=v1.0.5 + +# OpenSandbox server port override (host port mapping) +# Default: 8080 +OPENSANDBOX_SERVER_PORT_OVERRIDE=8080 + +# Docker socket path (for sandbox container creation) +# Default: unix:///var/run/docker.sock +# On macOS with Colima: unix://${HOME}/.colima/default/docker.sock +DOCKER_HOST=unix:///var/run/docker.sock + +# ======================================== +# Resource Limits +# ======================================== + +# OpenSandbox Server CPU limit +# Default: 2.0 (2 CPU cores) +OPENSANDBOX_SERVER_CPU_LIMIT=2.0 + +# OpenSandbox Server CPU reservation +# Default: 1.0 (1 CPU core) +OPENSANDBOX_SERVER_CPU_RESERVATION=1.0 + +# OpenSandbox Server memory limit +# Default: 2G +OPENSANDBOX_SERVER_MEMORY_LIMIT=2G + +# OpenSandbox Server memory reservation +# Default: 1G +OPENSANDBOX_SERVER_MEMORY_RESERVATION=1G diff --git a/apps/opensandbox/README.md b/apps/opensandbox/README.md new file mode 100644 index 0000000..3b688f5 --- /dev/null +++ b/apps/opensandbox/README.md @@ -0,0 +1,241 @@ +# OpenSandbox + +English | [中文](README.zh.md) + +A general-purpose sandbox platform for AI applications, offering multi-language SDKs, unified sandbox APIs, and Docker/Kubernetes runtimes. Ideal for scenarios like Coding Agents, GUI Agents, Agent Evaluation, AI Code Execution, and RL Training. + +## Features + +- **Multi-language SDK Support**: Python, JavaScript/TypeScript, Java/Kotlin, and Go client SDKs +- **Unified Sandbox API**: Consistent interface for sandbox lifecycle, command execution, and file operations +- **Multiple Runtime Options**: Docker and Kubernetes runtime support +- **Security Hardening**: Built-in security features including capability dropping, privilege escalation prevention, and resource limits +- **Flexible Configuration**: Support for various network modes, resource constraints, and security profiles +- **Code Interpreter**: Pre-built images with Python, Node.js, Java, and Go kernel support + +## Quick Start + +### Prerequisites + +- Docker Engine (required for Docker runtime) +- Docker Compose +- Sufficient permissions to access Docker socket + +> **Note for macOS users using Colima**: You need to set the `DOCKER_HOST` environment variable before starting OpenSandbox: +> +> ```bash +> export DOCKER_HOST="unix://${HOME}/.colima/default/docker.sock" +> ``` + +### Deployment + +1. **Copy the environment file and configure as needed:** + + ```bash + cp .env.example .env + ``` + +2. **Edit `config.toml` to set your API key:** + + ```toml + [server] + api_key = "your-secret-api-key-change-this" + ``` + + **IMPORTANT**: Change the default API key in production! + +3. **Start the service:** + + ```bash + docker compose up -d + ``` + +4. **Verify the service is running:** + + ```bash + curl http://localhost:8080/health + ``` + + You should receive a successful health check response. + +## Configuration + +### Environment Variables + +Key environment variables (see [.env.example](.env.example) for full list): + +| Variable | Description | Default | +| ---------------------------------- | -------------------------------- | ----------------------------- | +| `OPENSANDBOX_SERVER_VERSION` | OpenSandbox server image version | `v1.0.5` | +| `OPENSANDBOX_SERVER_PORT_OVERRIDE` | Host port mapping | `8080` | +| `DOCKER_HOST` | Docker socket path | `unix:///var/run/docker.sock` | +| `OPENSANDBOX_SERVER_CPU_LIMIT` | CPU cores limit | `2.0` | +| `OPENSANDBOX_SERVER_MEMORY_LIMIT` | Memory limit | `2G` | + +### Server Configuration + +The main configuration is in [config.toml](config.toml). Key sections: + +- **[server]**: HTTP server settings (host, port, log level, API key) +- **[runtime]**: Runtime type and execd image configuration +- **[docker]**: Docker-specific settings including network mode and security options + +#### Network Modes + +- **bridge** (recommended): Containers have isolated networks, supports multiple sandboxes +- **host**: Containers share host network, only one sandbox instance at a time + +#### Security Features + +- **Capability dropping**: Removes dangerous Linux capabilities from containers +- **Privilege escalation prevention**: Blocks privilege escalation inside containers +- **Process limits**: Controls maximum number of processes per sandbox +- **AppArmor/Seccomp profiles**: Optional security profiles (leave empty for Docker defaults) + +## Usage + +### Basic Sandbox Creation (Python SDK) + +```python +from opensandbox import Sandbox +from datetime import timedelta + +# Create a sandbox with code interpreter +sandbox = await Sandbox.create( + "opensandbox/code-interpreter:v1.0.1", + entrypoint="/opt/opensandbox/code-interpreter.sh", + env={"PYTHON_VERSION": "3.11"}, + timeout=timedelta(minutes=10) +) + +async with sandbox: + # Execute Python code + result = await sandbox.execute( + "python", + "-c", + "print('Hello from OpenSandbox!')" + ) + print(result.stdout) +``` + +### API Authentication + +All API requests require the `X-API-Key` header with the key configured in `config.toml`: + +```bash +curl -H "X-API-Key: your-secret-api-key-change-this" \ + http://localhost:8080/sandboxes +``` + +## Pre-built Images + +OpenSandbox provides several pre-built sandbox images: + +- **opensandbox/code-interpreter**: Multi-language code interpreter (Python, Node.js, Java, Go) +- **opensandbox/vscode**: VS Code Server environment +- **opensandbox/desktop**: Full desktop environment with VNC support +- **opensandbox/playwright**: Browser automation with Playwright +- **opensandbox/chrome**: Chromium browser environment + +## Ports + +| Port | Service | Description | +| ---- | ------------------ | --------------- | +| 8080 | OpenSandbox Server | HTTP API server | + +## Data Persistence + +- **opensandbox_data**: Server data and state + +## Health Check + +The service includes a built-in health check endpoint at `/health`: + +```bash +curl http://localhost:8080/health +``` + +## Security Considerations + +### Docker Socket Access + +This service requires access to the Docker socket (`/var/run/docker.sock`) to create and manage sandbox containers. This is a high-privilege operation. + +**Security implications:** + +- Containers with Docker socket access can potentially control the host system +- Only deploy in trusted environments +- Consider using Docker-in-Docker or rootless Docker for additional isolation in production + +**Alternatives:** + +- Use Kubernetes runtime instead of Docker runtime (requires Kubernetes cluster) +- Deploy with restricted user permissions and resource quotas + +### API Key Security + +- **Never use the default API key in production** +- Store API keys securely (e.g., using Docker secrets, environment variables from secret managers) +- Rotate API keys regularly +- Limit network exposure (use firewall rules, reverse proxy) + +### Resource Limits + +Always configure appropriate CPU and memory limits to prevent resource exhaustion: + +```yaml +deploy: + resources: + limits: + cpus: '2.0' + memory: 2G +``` + +## Troubleshooting + +### Docker Socket Connection Issues + +**Error**: Failed to initialize Docker service + +**Solution**: + +- Ensure Docker Desktop/Engine is running +- On macOS with Colima: Set `DOCKER_HOST=unix://${HOME}/.colima/default/docker.sock` +- Check Docker socket permissions: `ls -l /var/run/docker.sock` + +### Health Check Failing + +**Error**: Health check timeout + +**Solution**: + +- Check container logs: `docker compose logs opensandbox-server` +- Verify the service started successfully: `docker compose ps` +- Increase `start_period` in docker-compose.yaml if the service needs more time to initialize + +### Sandbox Creation Failures + +**Error**: Failed to create sandbox + +**Solution**: + +- Ensure the execd image is accessible: `docker pull opensandbox/execd:v1.0.5` +- Check available system resources (CPU, memory, disk space) +- Review server logs for detailed error messages + +## License + +This project is part of the OpenSandbox suite. See the main [LICENSE](https://github.com/alibaba/OpenSandbox/blob/main/LICENSE) file for details. + +## References + +- [OpenSandbox GitHub Repository](https://github.com/alibaba/OpenSandbox) +- [OpenSandbox Documentation](https://github.com/alibaba/OpenSandbox/tree/main/docs) +- [Docker Security](https://docs.docker.com/engine/security/) + +## Support + +For issues and questions: + +- [GitHub Issues](https://github.com/alibaba/OpenSandbox/issues) +- [Official Documentation](https://github.com/alibaba/OpenSandbox) diff --git a/apps/opensandbox/README.zh.md b/apps/opensandbox/README.zh.md new file mode 100644 index 0000000..a9ff8ef --- /dev/null +++ b/apps/opensandbox/README.zh.md @@ -0,0 +1,241 @@ +# OpenSandbox + +[English](README.md) | 中文 + +一个通用的 AI 应用沙箱平台,提供多语言 SDK、统一的沙箱 API 以及 Docker/Kubernetes 运行时。适用于代码智能体、GUI 智能体、智能体评估、AI 代码执行和强化学习训练等场景。 + +## 功能特性 + +- **多语言 SDK 支持**:提供 Python、JavaScript/TypeScript、Java/Kotlin 和 Go 客户端 SDK +- **统一的沙箱 API**:为沙箱生命周期、命令执行和文件操作提供一致的接口 +- **多种运行时选项**:支持 Docker 和 Kubernetes 运行时 +- **安全加固**:内置安全特性,包括能力限制、特权提升防护和资源限制 +- **灵活的配置**:支持各种网络模式、资源约束和安全配置 +- **代码解释器**:预构建的镜像,支持 Python、Node.js、Java 和 Go 内核 + +## 快速开始 + +### 前置要求 + +- Docker Engine(Docker 运行时必需) +- Docker Compose +- 足够的权限访问 Docker socket + +> **使用 Colima 的 macOS 用户注意**:您需要在启动 OpenSandbox 之前设置 `DOCKER_HOST` 环境变量: +> +> ```bash +> export DOCKER_HOST="unix://${HOME}/.colima/default/docker.sock" +> ``` + +### 部署 + +1. **复制环境文件并根据需要配置:** + + ```bash + cp .env.example .env + ``` + +2. **编辑 `config.toml` 设置您的 API 密钥:** + + ```toml + [server] + api_key = "your-secret-api-key-change-this" + ``` + + **重要**:在生产环境中必须更改默认的 API 密钥! + +3. **启动服务:** + + ```bash + docker compose up -d + ``` + +4. **验证服务是否运行:** + + ```bash + curl http://localhost:8080/health + ``` + + 您应该收到成功的健康检查响应。 + +## 配置 + +### 环境变量 + +主要环境变量(完整列表见 [.env.example](.env.example)): + +| 变量 | 描述 | 默认值 | +| ---------------------------------- | -------------------------- | ----------------------------- | +| `OPENSANDBOX_SERVER_VERSION` | OpenSandbox 服务器镜像版本 | `v1.0.5` | +| `OPENSANDBOX_SERVER_PORT_OVERRIDE` | 主机端口映射 | `8080` | +| `DOCKER_HOST` | Docker socket 路径 | `unix:///var/run/docker.sock` | +| `OPENSANDBOX_SERVER_CPU_LIMIT` | CPU 核心限制 | `2.0` | +| `OPENSANDBOX_SERVER_MEMORY_LIMIT` | 内存限制 | `2G` | + +### 服务器配置 + +主配置文件为 [config.toml](config.toml)。主要配置部分: + +- **[server]**:HTTP 服务器设置(主机、端口、日志级别、API 密钥) +- **[runtime]**:运行时类型和 execd 镜像配置 +- **[docker]**:Docker 特定设置,包括网络模式和安全选项 + +#### 网络模式 + +- **bridge**(推荐):容器拥有隔离的网络,支持多个沙箱 +- **host**:容器共享主机网络,一次只能运行一个沙箱实例 + +#### 安全特性 + +- **能力限制**:从容器中移除危险的 Linux 能力 +- **特权提升防护**:阻止容器内的特权提升 +- **进程限制**:控制每个沙箱的最大进程数 +- **AppArmor/Seccomp 配置文件**:可选的安全配置文件(留空使用 Docker 默认值) + +## 使用方法 + +### 基本沙箱创建(Python SDK) + +```python +from opensandbox import Sandbox +from datetime import timedelta + +# 创建一个代码解释器沙箱 +sandbox = await Sandbox.create( + "opensandbox/code-interpreter:v1.0.1", + entrypoint="/opt/opensandbox/code-interpreter.sh", + env={"PYTHON_VERSION": "3.11"}, + timeout=timedelta(minutes=10) +) + +async with sandbox: + # 执行 Python 代码 + result = await sandbox.execute( + "python", + "-c", + "print('Hello from OpenSandbox!')" + ) + print(result.stdout) +``` + +### API 认证 + +所有 API 请求都需要在 `X-API-Key` 头中包含 `config.toml` 中配置的密钥: + +```bash +curl -H "X-API-Key: your-secret-api-key-change-this" \ + http://localhost:8080/sandboxes +``` + +## 预构建镜像 + +OpenSandbox 提供了几个预构建的沙箱镜像: + +- **opensandbox/code-interpreter**:多语言代码解释器(Python、Node.js、Java、Go) +- **opensandbox/vscode**:VS Code Server 环境 +- **opensandbox/desktop**:支持 VNC 的完整桌面环境 +- **opensandbox/playwright**:使用 Playwright 进行浏览器自动化 +- **opensandbox/chrome**:Chromium 浏览器环境 + +## 端口 + +| 端口 | 服务 | 描述 | +| ---- | ------------------ | --------------- | +| 8080 | OpenSandbox Server | HTTP API 服务器 | + +## 数据持久化 + +- **opensandbox_data**:服务器数据和状态 + +## 健康检查 + +该服务在 `/health` 端点提供内置的健康检查: + +```bash +curl http://localhost:8080/health +``` + +## 安全注意事项 + +### Docker Socket 访问 + +此服务需要访问 Docker socket(`/var/run/docker.sock`)以创建和管理沙箱容器。这是一个高权限操作。 + +**安全影响:** + +- 具有 Docker socket 访问权限的容器可能会控制主机系统 +- 仅在受信任的环境中部署 +- 在生产环境中考虑使用 Docker-in-Docker 或 rootless Docker 以获得额外的隔离 + +**替代方案:** + +- 使用 Kubernetes 运行时而不是 Docker 运行时(需要 Kubernetes 集群) +- 使用受限用户权限和资源配额进行部署 + +### API 密钥安全 + +- **切勿在生产环境中使用默认 API 密钥** +- 安全存储 API 密钥(例如,使用 Docker secrets、密钥管理器的环境变量) +- 定期轮换 API 密钥 +- 限制网络暴露(使用防火墙规则、反向代理) + +### 资源限制 + +始终配置适当的 CPU 和内存限制以防止资源耗尽: + +```yaml +deploy: + resources: + limits: + cpus: '2.0' + memory: 2G +``` + +## 故障排除 + +### Docker Socket 连接问题 + +**错误**:Failed to initialize Docker service + +**解决方案**: + +- 确保 Docker Desktop/Engine 正在运行 +- 在使用 Colima 的 macOS 上:设置 `DOCKER_HOST=unix://${HOME}/.colima/default/docker.sock` +- 检查 Docker socket 权限:`ls -l /var/run/docker.sock` + +### 健康检查失败 + +**错误**:Health check timeout + +**解决方案**: + +- 检查容器日志:`docker compose logs opensandbox-server` +- 验证服务是否成功启动:`docker compose ps` +- 如果服务需要更多时间初始化,增加 docker-compose.yaml 中的 `start_period` + +### 沙箱创建失败 + +**错误**:Failed to create sandbox + +**解决方案**: + +- 确保 execd 镜像可访问:`docker pull opensandbox/execd:v1.0.5` +- 检查可用的系统资源(CPU、内存、磁盘空间) +- 查看服务器日志以获取详细的错误消息 + +## 许可证 + +此项目是 OpenSandbox 套件的一部分。详情请参阅主 [LICENSE](https://github.com/alibaba/OpenSandbox/blob/main/LICENSE) 文件。 + +## 参考资料 + +- [OpenSandbox GitHub 仓库](https://github.com/alibaba/OpenSandbox) +- [OpenSandbox 文档](https://github.com/alibaba/OpenSandbox/tree/main/docs) +- [Docker 安全](https://docs.docker.com/engine/security/) + +## 支持 + +如有问题和疑问: + +- [GitHub Issues](https://github.com/alibaba/OpenSandbox/issues) +- [官方文档](https://github.com/alibaba/OpenSandbox) diff --git a/apps/opensandbox/config.toml b/apps/opensandbox/config.toml new file mode 100644 index 0000000..51bc89c --- /dev/null +++ b/apps/opensandbox/config.toml @@ -0,0 +1,46 @@ +# OpenSandbox Server Configuration +# This is a minimal Docker runtime configuration for running OpenSandbox + +[server] +host = "0.0.0.0" +port = 8080 +log_level = "INFO" +# IMPORTANT: Change this API key in production! +api_key = "opensandbox-change-this-secret-key" + +[runtime] +type = "docker" +# The execd image that will be injected into sandbox containers +execd_image = "opensandbox/execd:v1.0.5" + +[docker] +# Network mode for sandbox containers +# - "host": containers share host network (only one sandbox at a time) +# - "bridge": containers have isolated networks (recommended for multiple sandboxes) +network_mode = "bridge" + +# Security hardening options +# Drop dangerous capabilities +drop_capabilities = [ + "AUDIT_WRITE", + "MKNOD", + "NET_ADMIN", + "NET_RAW", + "SYS_ADMIN", + "SYS_MODULE", + "SYS_PTRACE", + "SYS_TIME", + "SYS_TTY_CONFIG" +] + +# Prevent privilege escalation inside containers +no_new_privileges = true + +# AppArmor profile (optional, leave empty for Docker default) +apparmor_profile = "" + +# Seccomp profile (optional, leave empty for Docker default) +seccomp_profile = "" + +# Maximum number of processes per sandbox container +pids_limit = 512 diff --git a/apps/opensandbox/docker-compose.yaml b/apps/opensandbox/docker-compose.yaml new file mode 100644 index 0000000..47a4bf8 --- /dev/null +++ b/apps/opensandbox/docker-compose.yaml @@ -0,0 +1,48 @@ +# OpenSandbox Docker Compose Configuration +# A general-purpose sandbox platform for AI applications +# Provides multi-language SDKs, unified sandbox APIs, and Docker/Kubernetes runtimes + +x-defaults: &defaults + restart: unless-stopped + logging: + driver: json-file + options: + max-size: 100m + max-file: "3" + +services: + opensandbox-server: + <<: *defaults + image: ${GLOBAL_REGISTRY:-}opensandbox/server:${OPENSANDBOX_SERVER_VERSION:-v1.0.5} + ports: + - "${OPENSANDBOX_SERVER_PORT_OVERRIDE:-8080}:8080" + volumes: + # Mount Docker socket to enable sandbox creation + - /var/run/docker.sock:/var/run/docker.sock + # Configuration file + - ./config.toml:/etc/opensandbox/config.toml:ro + # Data persistence + - opensandbox_data:/app/data + environment: + - TZ=${TZ:-UTC} + # Server configuration + - SANDBOX_CONFIG_PATH=/etc/opensandbox/config.toml + # Docker runtime settings (override config.toml via env vars if needed) + - DOCKER_HOST=${DOCKER_HOST:-unix:///var/run/docker.sock} + healthcheck: + test: ["CMD", "curl", "-f", "http://localhost:8080/health"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 40s + deploy: + resources: + limits: + cpus: ${OPENSANDBOX_SERVER_CPU_LIMIT:-2.0} + memory: ${OPENSANDBOX_SERVER_MEMORY_LIMIT:-2G} + reservations: + cpus: ${OPENSANDBOX_SERVER_CPU_RESERVATION:-1.0} + memory: ${OPENSANDBOX_SERVER_MEMORY_RESERVATION:-1G} + +volumes: + opensandbox_data: diff --git a/src/elasticsearch/.env.example b/src/elasticsearch/.env.example index 527958e..9c559e6 100644 --- a/src/elasticsearch/.env.example +++ b/src/elasticsearch/.env.example @@ -1,5 +1,5 @@ # Elasticsearch version -ELASTICSEARCH_VERSION=9.2.0 +ELASTICSEARCH_VERSION=9.3.0 # Timezone TZ=UTC diff --git a/src/elasticsearch/docker-compose.yaml b/src/elasticsearch/docker-compose.yaml index 596ff99..2eecae7 100644 --- a/src/elasticsearch/docker-compose.yaml +++ b/src/elasticsearch/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: elasticsearch: <<: *defaults - image: docker.elastic.co/elasticsearch/elasticsearch-wolfi:${ELASTICSEARCH_VERSION:-9.2.0} + image: docker.elastic.co/elasticsearch/elasticsearch-wolfi:${ELASTICSEARCH_VERSION:-9.3.0} ports: - "${ELASTICSEARCH_HTTP_PORT_OVERRIDE:-9200}:9200" - "${ELASTICSEARCH_TRANSPORT_PORT_OVERRIDE:-9300}:9300" @@ -42,7 +42,8 @@ services: cpus: ${ELASTICSEARCH_CPU_RESERVATION:-0.50} memory: ${ELASTICSEARCH_MEMORY_RESERVATION:-1G} healthcheck: - test: ["CMD-SHELL", "curl -f http://localhost:9200/_cluster/health || exit 1"] + test: + ["CMD-SHELL", "curl -f http://localhost:9200/_cluster/health || exit 1"] interval: 30s timeout: 10s retries: 5 diff --git a/src/gitlab/.env.example b/src/gitlab/.env.example index 4ea3a3d..db3aac1 100644 --- a/src/gitlab/.env.example +++ b/src/gitlab/.env.example @@ -1,5 +1,5 @@ # GitLab Version -GITLAB_VERSION=18.4.0-ce.0 +GITLAB_VERSION=18.8.3-ce.0 # GitLab ports GITLAB_PORT_OVERRIDE_HTTPS=5443 diff --git a/src/gitlab/docker-compose.yaml b/src/gitlab/docker-compose.yaml index d88bc65..3df3eec 100644 --- a/src/gitlab/docker-compose.yaml +++ b/src/gitlab/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: gitlab: <<: *defaults - image: ${GLOBAL_REGISTRY:-}gitlab/gitlab-ce:${GITLAB_VERSION:-18.4.0-ce.0} + image: ${GLOBAL_REGISTRY:-}gitlab/gitlab-ce:${GITLAB_VERSION:-18.8.3-ce.0} ports: - "${GITLAB_PORT_OVERRIDE_HTTPS:-5443}:443" - "${GITLAB_PORT_OVERRIDE_HTTP:-5080}:80" diff --git a/src/grafana/.env.example b/src/grafana/.env.example index 2532378..96b88a6 100644 --- a/src/grafana/.env.example +++ b/src/grafana/.env.example @@ -1,7 +1,7 @@ # Grafana Environment Variables # Grafana image version -GRAFANA_VERSION=12.1.1 +GRAFANA_VERSION=12.3.2 # Host port mapping (maps to Grafana port 3000 in container) GRAFANA_PORT_OVERRIDE=3000 diff --git a/src/grafana/docker-compose.yaml b/src/grafana/docker-compose.yaml index 1a78d39..01cb3b0 100644 --- a/src/grafana/docker-compose.yaml +++ b/src/grafana/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: grafana: <<: *defaults - image: ${GLOBAL_REGISTRY:-}grafana/grafana:${GRAFANA_VERSION:-12.1.1} + image: ${GLOBAL_REGISTRY:-}grafana/grafana:${GRAFANA_VERSION:-12.3.2} ports: - "${GRAFANA_PORT_OVERRIDE:-3000}:3000" volumes: @@ -27,7 +27,7 @@ services: - GF_INSTALL_PLUGINS=${GRAFANA_PLUGINS:-} - GF_SERVER_ROOT_URL=${GRAFANA_ROOT_URL:-http://localhost:3000} - GF_SECURITY_SECRET_KEY=${GRAFANA_SECRET_KEY:-} - user: "472:472" # Grafana user + user: "472:472" # Grafana user deploy: resources: limits: @@ -37,7 +37,15 @@ services: cpus: ${GRAFANA_CPU_RESERVATION:-0.25} memory: ${GRAFANA_MEMORY_RESERVATION:-256M} healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3000/api/health"] + test: + [ + "CMD", + "wget", + "--no-verbose", + "--tries=1", + "--spider", + "http://localhost:3000/api/health", + ] interval: 30s timeout: 10s retries: 3 diff --git a/src/jenkins/.env.example b/src/jenkins/.env.example index 28c72fe..676a221 100644 --- a/src/jenkins/.env.example +++ b/src/jenkins/.env.example @@ -1,5 +1,5 @@ # Jenkins version -JENKINS_VERSION=2.486-lts-jdk17 +JENKINS_VERSION=2.541-lts-jdk17 # Timezone TZ=UTC diff --git a/src/jenkins/docker-compose.yaml b/src/jenkins/docker-compose.yaml index d1cc7f1..b7e2b43 100644 --- a/src/jenkins/docker-compose.yaml +++ b/src/jenkins/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: jenkins: <<: *defaults - image: ${GLOBAL_REGISTRY:-}jenkins/jenkins:${JENKINS_VERSION:-2.486-lts-jdk17} + image: ${GLOBAL_REGISTRY:-}jenkins/jenkins:${JENKINS_VERSION:-2.541-lts-jdk17} ports: - "${JENKINS_HTTP_PORT_OVERRIDE:-8080}:8080" - "${JENKINS_AGENT_PORT_OVERRIDE:-50000}:50000" diff --git a/src/minio/docker-compose.yaml b/src/minio/docker-compose.yaml index 8bde2e3..848d718 100644 --- a/src/minio/docker-compose.yaml +++ b/src/minio/docker-compose.yaml @@ -35,6 +35,5 @@ services: cpus: ${MINIO_CPU_RESERVATION:-0.25} memory: ${MINIO_MEMORY_RESERVATION:-512M} - volumes: minio_data: diff --git a/src/nginx/.env.example b/src/nginx/.env.example index 4361ff4..29da92c 100644 --- a/src/nginx/.env.example +++ b/src/nginx/.env.example @@ -1,5 +1,5 @@ # Nginx version -NGINX_VERSION=1.29.2-alpine3.22 +NGINX_VERSION=1.28.2-alpine3.22 # Timezone TZ=UTC diff --git a/src/nginx/docker-compose.yaml b/src/nginx/docker-compose.yaml index 550c07b..0281cfb 100644 --- a/src/nginx/docker-compose.yaml +++ b/src/nginx/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: nginx: <<: *defaults - image: ${GLOBAL_REGISTRY:-}nginx:${NGINX_VERSION:-1.29.2-alpine3.22} + image: ${GLOBAL_REGISTRY:-}nginx:${NGINX_VERSION:-1.28.2-alpine3.22} ports: - "${NGINX_HTTP_PORT_OVERRIDE:-80}:80" - "${NGINX_HTTPS_PORT_OVERRIDE:-443}:443" @@ -34,7 +34,15 @@ services: cpus: ${NGINX_CPU_RESERVATION:-0.25} memory: ${NGINX_MEMORY_RESERVATION:-64M} healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:80/"] + test: + [ + "CMD", + "wget", + "--no-verbose", + "--tries=1", + "--spider", + "http://localhost:80/", + ] interval: 30s timeout: 10s retries: 3 diff --git a/src/ollama/.env.example b/src/ollama/.env.example index 15d273b..b451015 100644 --- a/src/ollama/.env.example +++ b/src/ollama/.env.example @@ -1,5 +1,5 @@ # Ollama Version -OLLAMA_VERSION=0.12.10 +OLLAMA_VERSION=0.14.3 # Port to bind to on the host machine OLLAMA_PORT_OVERRIDE=11434 diff --git a/src/ollama/docker-compose.yaml b/src/ollama/docker-compose.yaml index 9bf6b4f..467dabe 100644 --- a/src/ollama/docker-compose.yaml +++ b/src/ollama/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: ollama: <<: *defaults - image: ${GLOBAL_REGISTRY:-}ollama/ollama:${OLLAMA_VERSION:-0.12.10} + image: ${GLOBAL_REGISTRY:-}ollama/ollama:${OLLAMA_VERSION:-0.14.3} ports: - "${OLLAMA_PORT_OVERRIDE:-11434}:11434" volumes: @@ -18,7 +18,15 @@ services: - TZ=${TZ:-UTC} ipc: host healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:11434/"] + test: + [ + "CMD", + "wget", + "--no-verbose", + "--tries=1", + "--spider", + "http://localhost:11434/", + ] interval: 30s timeout: 10s retries: 3 @@ -33,8 +41,8 @@ services: memory: ${OLLAMA_MEMORY_RESERVATION:-4G} devices: - driver: nvidia - device_ids: [ '0' ] - capabilities: [ gpu ] + device_ids: ["0"] + capabilities: [gpu] volumes: ollama_models: diff --git a/src/prometheus/.env.example b/src/prometheus/.env.example index 673b0f3..0f8e10b 100644 --- a/src/prometheus/.env.example +++ b/src/prometheus/.env.example @@ -1,7 +1,7 @@ # Prometheus Environment Variables # Prometheus image version -PROMETHEUS_VERSION=v3.5.0 +PROMETHEUS_VERSION=v3.5.1 # Host port mapping (maps to Prometheus port 9090 in container) PROMETHEUS_PORT_OVERRIDE=9090 diff --git a/src/prometheus/docker-compose.yaml b/src/prometheus/docker-compose.yaml index fd9bc84..f06d2b5 100644 --- a/src/prometheus/docker-compose.yaml +++ b/src/prometheus/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: prometheus: <<: *defaults - image: ${GLOBAL_REGISTRY:-}prom/prometheus:${PROMETHEUS_VERSION:-v3.5.0} + image: ${GLOBAL_REGISTRY:-}prom/prometheus:${PROMETHEUS_VERSION:-v3.5.1} ports: - "${PROMETHEUS_PORT_OVERRIDE:-9090}:9090" volumes: @@ -19,20 +19,20 @@ services: # - ./prometheus.yml:/etc/prometheus/prometheus.yml # - ./rules:/etc/prometheus/rules command: - - '--config.file=/etc/prometheus/prometheus.yml' - - '--storage.tsdb.path=/prometheus' - - '--web.console.libraries=/etc/prometheus/console_libraries' - - '--web.console.templates=/etc/prometheus/consoles' - - '--storage.tsdb.retention.time=${PROMETHEUS_RETENTION_TIME:-15d}' - - '--storage.tsdb.retention.size=${PROMETHEUS_RETENTION_SIZE:-}' - - '--web.enable-lifecycle' - - '--web.enable-admin-api' - - '--web.external-url=${PROMETHEUS_EXTERNAL_URL:-http://localhost:9090}' + - "--config.file=/etc/prometheus/prometheus.yml" + - "--storage.tsdb.path=/prometheus" + - "--web.console.libraries=/etc/prometheus/console_libraries" + - "--web.console.templates=/etc/prometheus/consoles" + - "--storage.tsdb.retention.time=${PROMETHEUS_RETENTION_TIME:-15d}" + - "--storage.tsdb.retention.size=${PROMETHEUS_RETENTION_SIZE:-}" + - "--web.enable-lifecycle" + - "--web.enable-admin-api" + - "--web.external-url=${PROMETHEUS_EXTERNAL_URL:-http://localhost:9090}" environment: - TZ=${TZ:-UTC} - PROMETHEUS_RETENTION_TIME=${PROMETHEUS_RETENTION_TIME:-15d} - PROMETHEUS_RETENTION_SIZE=${PROMETHEUS_RETENTION_SIZE:-} - user: "65534:65534" # nobody user + user: "65534:65534" # nobody user deploy: resources: limits: @@ -42,7 +42,15 @@ services: cpus: ${PROMETHEUS_CPU_RESERVATION:-0.25} memory: ${PROMETHEUS_MEMORY_RESERVATION:-512M} healthcheck: - test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9090/-/healthy"] + test: + [ + "CMD", + "wget", + "--no-verbose", + "--tries=1", + "--spider", + "http://localhost:9090/-/healthy", + ] interval: 30s timeout: 10s retries: 3 diff --git a/src/rabbitmq/.env.example b/src/rabbitmq/.env.example index 9db002a..785b9c0 100644 --- a/src/rabbitmq/.env.example +++ b/src/rabbitmq/.env.example @@ -1,5 +1,5 @@ # RabbitMQ Version -RABBITMQ_VERSION=4.1.4-management-alpine +RABBITMQ_VERSION=4.2.3-management-alpine # RabbitMQ credentials RABBITMQ_DEFAULT_USER=admin diff --git a/src/rabbitmq/docker-compose.yaml b/src/rabbitmq/docker-compose.yaml index c2587a7..c0bdac8 100644 --- a/src/rabbitmq/docker-compose.yaml +++ b/src/rabbitmq/docker-compose.yaml @@ -9,7 +9,7 @@ x-defaults: &defaults services: rabbitmq: <<: *defaults - image: ${GLOBAL_REGISTRY:-}rabbitmq:${RABBITMQ_VERSION:-4.1.4-management-alpine} + image: ${GLOBAL_REGISTRY:-}rabbitmq:${RABBITMQ_VERSION:-4.2.3-management-alpine} volumes: - rabbitmq_data:/var/lib/rabbitmq ports: