diff --git a/src/opensandbox/Makefile b/src/opensandbox/Makefile new file mode 100644 index 0000000..c989a1b --- /dev/null +++ b/src/opensandbox/Makefile @@ -0,0 +1,39 @@ +HELM_RELEASE_NAME ?= opensandbox +HELM_APPLICATION_NAME ?= opensandbox-controller +HELM_NAMESPACE ?= opensandbox-system +HELM_CHART_VERSION ?= 0.1.0 +HELM_VALUES_FILE ?= ./values.yaml +HELM_CHART_URL ?= https://github.com/alibaba/OpenSandbox/releases/download/helm/opensandbox-controller/$(HELM_CHART_VERSION)/opensandbox-controller-$(HELM_CHART_VERSION).tgz + +.PHONY: install +install: + @echo "Downloading OpenSandbox Helm Chart $(HELM_CHART_VERSION)..." + @curl -sL $(HELM_CHART_URL) -o opensandbox-controller-$(HELM_CHART_VERSION).tgz + @echo "Installing OpenSandbox..." + @helm upgrade $(HELM_RELEASE_NAME) ./opensandbox-controller-$(HELM_CHART_VERSION).tgz \ + --install \ + --namespace $(HELM_NAMESPACE) \ + --create-namespace \ + --values $(HELM_VALUES_FILE) > output.log 2>&1 || (cat output.log && exit 1) + @rm -f opensandbox-controller-$(HELM_CHART_VERSION).tgz + @echo "OpenSandbox installed successfully!" + +.PHONY: uninstall +uninstall: + helm uninstall $(HELM_RELEASE_NAME) --namespace $(HELM_NAMESPACE) + +.PHONY: values +values: + @echo "Downloading OpenSandbox Helm Chart $(HELM_CHART_VERSION)..." + @curl -sL $(HELM_CHART_URL) -o opensandbox-controller-$(HELM_CHART_VERSION).tgz + @helm show values ./opensandbox-controller-$(HELM_CHART_VERSION).tgz > $(HELM_APPLICATION_NAME)-values.yaml + @rm -f opensandbox-controller-$(HELM_CHART_VERSION).tgz + @echo "Values saved to $(HELM_APPLICATION_NAME)-values.yaml" + +.PHONY: watch +watch: + bash -c "watch -n 0.5 kubectl get all -n $(HELM_NAMESPACE)" + +.PHONY: logs +logs: + kubectl logs -n $(HELM_NAMESPACE) -l app=$(HELM_APPLICATION_NAME) --tail=100 --follow diff --git a/src/opensandbox/README.md b/src/opensandbox/README.md new file mode 100644 index 0000000..f561e35 --- /dev/null +++ b/src/opensandbox/README.md @@ -0,0 +1,48 @@ +# OpenSandbox + +## Introduction + +OpenSandbox is a sandbox solution developed by Alibaba that provides secure, isolated environments for running applications. It enables users to create and manage sandboxed workloads with fine-grained resource control and security policies. + +## Installation + +To install OpenSandbox, run: + +```bash +make install +``` + +This will: + +1. Download the OpenSandbox Helm Chart (version 0.1.0) from GitHub Release +2. Install the OpenSandbox controller in the `opensandbox-system` namespace +3. Create the namespace if it doesn't exist + +## Usage + +After installation, verify the deployment: + +```bash +kubectl get pods -n opensandbox-system +``` + +Check the controller logs: + +```bash +kubectl logs -n opensandbox-system -l app=opensandbox-controller +``` + +## Version Information + +- **Chart Version:** 0.1.0 +- **App Version:** 0.1.0 +- **Controller Image:** `sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/controller:v0.1.0` +- **Release Date:** 2026-03-03 + +## Uninstallation + +To uninstall OpenSandbox: + +```bash +make uninstall +``` diff --git a/src/opensandbox/README.zh.md b/src/opensandbox/README.zh.md new file mode 100644 index 0000000..403087b --- /dev/null +++ b/src/opensandbox/README.zh.md @@ -0,0 +1,48 @@ +# OpenSandbox + +## 简介 + +OpenSandbox 是阿里巴巴开发的沙箱解决方案,为运行应用程序提供安全、隔离的环境。它使用户能够创建和管理具有细粒度资源控制和安全策略的沙箱工作负载。 + +## 安装 + +要安装 OpenSandbox,请运行: + +```bash +make install +``` + +这将: + +1. 从 GitHub Release 下载 OpenSandbox Helm Chart(版本 0.1.0) +2. 在 `opensandbox-system` 命名空间中安装 OpenSandbox 控制器 +3. 如果命名空间不存在,则自动创建 + +## 使用 + +安装后,验证部署: + +```bash +kubectl get pods -n opensandbox-system +``` + +查看控制器日志: + +```bash +kubectl logs -n opensandbox-system -l app=opensandbox-controller +``` + +## 版本信息 + +- **Chart 版本:** 0.1.0 +- **应用版本:** 0.1.0 +- **控制器镜像:** `sandbox-registry.cn-zhangjiakou.cr.aliyuncs.com/opensandbox/controller:v0.1.0` +- **发布日期:** 2026-03-03 + +## 卸载 + +要卸载 OpenSandbox: + +```bash +make uninstall +``` diff --git a/src/opensandbox/values.yaml b/src/opensandbox/values.yaml new file mode 100644 index 0000000..b899dc4 --- /dev/null +++ b/src/opensandbox/values.yaml @@ -0,0 +1,30 @@ +replicaCount: 1 + +imagePullSecrets: [] +nameOverride: '' +fullnameOverride: '' + +serviceAccount: + create: true + annotations: {} + name: '' + +podAnnotations: {} + +podSecurityContext: {} + +securityContext: {} + +resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {}