Docker Registry Manager for interacting with multiple docker registries

Docker Registry Manager is a golang written, beego driven, web interface for interacting with multiple docker registries.

https://github.com/snagles/docker-registry-manager

Current Features

  1. Support for docker distribution registry v2 (https and http)
  2. Viewable image/tags stages, commands, and sizes.
  3. Bulk deletes of tags
  4. Registry activity logs
  5. Comparison of registry images to public Dockerhub images

Planned Features

  1. Authentication for users with admin/read only rights using TLS
  2. Global search
  3. List image shared layers
  4. Event timeline

Share This:

Recursive and authoritative DNS server in #golang including DNSSEC and DNS-over-TLS

A full-fledged DNS solution, including DNSSEC and DNS-over-TLS

https://github.com/tenta-browser/tenta-dns

Tenta DNS provides a DNS server suite comprising an authoritative DNS server, recursive DNS server, and NSnitch, which provides a DNS server capable of recording the IP address of requests made against it and then makes that IP available via a JSON API. Tenta DNS also provides lookups for Tor Node membership, DNS blacklist status and Geo data. Finally, Tenta DNS includes built-in BGP integration, offering single engine convenience for DNS anycasting. We welcome people to use our hosted versions of recursive resolver and NSnitch.

Share This:

High-Performance Serverless event and data processing platform in #golang

Nuclio is a new serverless project, derived from iguazio’s elastic data life-cycle management service for high-performance events and data processing. You can use nuclio as a standalone binary (for example, for IoT devices), package it within a Docker container or integrate it with a container orchestrator like Kubernetes.

https://github.com/nuclio/nuclio

nuclio is extremely fast. A single function instance can process hundreds of thousands of HTTP requests or data records per second. This is 10 – 100 times faster than some other frameworks. See nuclio Architecture to learn how it works and watch a technical presentation to the CNCF with demo (slides can be found here).

Share This:

Fast event-loop networking for #golang

Evio is an event loop networking framework that is fast and small. It makes direct epoll and kqueue syscalls rather than using the standard Go net package, and works in a similar manner as libuv and libevent.

https://github.com/tidwall/evio

The goal of this project is to create a server framework for Go that performs on par with Redis and Haproxy for packet handling. My hope is to use this as a foundation for Tile38 and a future L7 proxy for Go… and a bunch of other stuff.

Just to be perfectly clear

This project is not intended to be a general purpose replacement for the standard Go net package or goroutines. It’s for building specialized services such as key value stores, L7 proxies, static websites, etc.

You would not want to use this framework if you need to handle long-running requests (milliseconds or more). For example, a web api that needs to connect to a mongo database, authenticate, and respond; just use the Go net/http package instead.

There are many popular event loop based applications in the wild such as Nginx, Haproxy, Redis, and Memcached. All of these are single-threaded and very fast and written in C.

The reason I wrote this framework is so I can build certain network services that perform like the C apps above, but I also want to continue to work in Go.

Features

  • Fast single-threaded event loop
  • Simple API
  • Low memory usage
  • Supports tcp4, tcp6, and unix sockets
  • Allows multiple network binding on the same event loop
  • Flexible ticker event
  • Fallback for non-epoll/kqueue operating systems by simulating events with the net package
  • Ability to wake up connections from long running background operations

https://github.com/tidwall/evio

Share This:

An alternative server framework for #golang that uses I/O multiplexing

Shiny is an alternative server framework for Go that uses I/O multiplexing. It makes direct epoll and kqueue syscalls rather than the standard Go net package.

https://github.com/tidwall/shiny

It uses the Reactor pattern where the server waits for the OS to signal a readiness event. This is similar to the way that libuvlibeventhaproxynginxredis, and other high performance servers work.

The goal of this project is to create a simple server framework for Go that performs on par with Redis and Haproxy for packet handling, but without having to interop with Cgo. My hope is to use this as a foundation for Tile38 and other projects. Early benchmarks are exceeding my expectations.

This project is a work in progress. The API will likely change between now and Tile38 v2.0 release.

Features

  • Simple API. Only one entrypoint and four event functions
  • Low memory usage
  • Very fast single-threaded support
  • Support for non-epoll/kqueue operating systems by simulating events with the net package.

Share This:

#golang based tool for managing #Kubernetes charts

Helm is a tool for managing Kubernetes charts. Charts are packages of pre-configured Kubernetes resources.

https://github.com/kubernetes/helm

Use Helm to…

  • Find and use popular software packaged as Kubernetes charts
  • Share your own applications as Kubernetes charts
  • Create reproducible builds of your Kubernetes applications
  • Intelligently manage your Kubernetes manifest files
  • Manage releases of Helm packages

Share This:

#golang RESTful API Boilerplate with JWT Authentication backed by PostgreSQL

Go Restful API Boilerplate

Easily extendible RESTful API boilerplate aiming to follow idiomatic go and best practice.

https://github.com/dhax/go-base

Features

  • Configuration using viper
  • CLI features using cobra
  • dep for dependency management
  • PostgreSQL support including migrations using go-pg
  • Structured logging with Logrus
  • Routing with chi router and middleware
  • JWT Authentication using jwt-go in combination with passwordless email authentication (could be easily extended to use passwords instead)
  • Request data validation using ozzo-validation
  • HTML emails with gomail

Share This:

#golang tool to modify struct field tags

Golang tool to modify/update field tags in structs. gomodifytags makes it easy to update, add or delete the tags in a struct field. You can easily add new tags, update existing tags (such as appending a new key, i.e: dbxml, etc..) or remove existing tags. It also allows you to add and remove tag options. It’s intended to be used by an editor, but also has modes to run it from the terminal. Read the usage section below for more information.

https://github.com/fatih/gomodifytags

Share This:

#golang implementation of Data At Rest Encryption

Go implementation of the Data At Rest Encryption (DARE) format.

https://github.com/minio/sio

It is a common problem to store data securely – especially on untrusted remote storage. One solution to this problem is cryptography. Before data is stored it is encrypted to ensure that the data is confidential. Unfortunately encrypting data is not enough to prevent more sophisticated attacks. Anyone who has access to the stored data can try to manipulate the data – even if the data is encrypted.

To prevent these kinds of attacks the data must be encrypted in a tamper-resistant way. This means an attacker should not be able to:

  • Read the stored data – this is achieved by modern encryption algorithms.
  • Modify the data by changing parts of the encrypted data.
  • Rearrange or reorder parts of the encrypted data.

Authenticated encryption schemes (AE) – like AES-GCM or ChaCha20-Poly1305 – encrypt and authenticate data. Any modification to the encrypted data (ciphertext) is detected while decrypting the data. But even an AE scheme alone is not sufficiently enough to prevent all kinds of data manipulation.

All modern AE schemes produce an authentication tag which is verified after the ciphertext is decrypted. If a large amount of data is decrypted it is not always possible to buffer all decrypted data until the authentication tag is verified. Returning unauthenticated data has the same issues like encrypting data without authentication.

Splitting the data into small chunks fixes the problem of deferred authentication checks but introduces a new one. The chunks can be reordered – e.g. exchanging chunk 1 and 2 – because every chunk is encrypted separately. Therefore the order of the chunks must be encoded somehow into the chunks itself to be able to detect rearranging any number of chunks.

This project specifies a format for en/decrypting an arbitrary data stream and gives some recommendations about how to use and implement data at rest encryption (DARE). Additionall, this project provides a reference implementation in Go.

Share This:

A @golang object document mapper (ODM) for #MongoDB

The mongodm package is an object document mapper (ODM) for mongodb written in Go which uses the official mgo adapter.

https://github.com/zebresel-com/mongodm

Features

  • 1:1, 1:n struct relation mapping and embedding
  • call Save(),Update()Delete() and Populate() directly on document instances
  • call Select()Sort()Limit()Skip() and Populate() directly on querys
  • validation (default and custom with regular expressions) followed by translated error list (customizable)
  • population instruction possible before and after querys
  • Find()FindOne() and FindID()
  • default handling for IDCreatedAtUpdatedAt and Deleted attribute
  • extends *mgo.Collection
  • default localisation (fallback if none specified)
  • database authentication (user and password)
  • multiple database hosts on connection

 

Share This: