cleanstart/wave

Verified Publisher

By CleanStart

•Updated about 11 hours ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
Developer tools
0

50K+

cleanstart/wave repository overview

Container Documentation for Wave

Wave is a high-performance container runtime environment optimized for enterprise deployments. It provides a secure, scalable platform for running containerized applications with advanced monitoring, security features, and deployment flexibility. Ideal for microservices architectures, cloud-native applications, and DevOps pipelines.

šŸ“Œ Base Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments from Registry.Example Registry.

Key Features Core capabilities and strengths of this container

  • Optimized container runtime environment
  • Security-hardened base configuration
  • Enterprise-ready deployment capabilities
  • Multi-architecture support and compatibility

Common Use Cases Typical scenarios where this container excels

  • Application deployment and hosting
  • Microservices architecture components
  • Development and testing environments
  • Production workload execution

Pull Latest Image Download the container image from the registry

docker pull cleanstart/wave:latest
docker pull cleanstart/wave:latest-dev

Basic Run Run the container with basic configuration

docker run -it --name wave-test cleanstart/wave:latest-dev

Production Deployment Deploy with production security settings

docker run -d --name wave-prod \
  --read-only \
  --security-opt=no-new-privileges \
  --user 1000:1000 \
  cleanstart/wave:latest

Environment Variables Configuration options available through environment variables

VariableDefaultDescription
PATH/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/binSystem PATH configuration
HOME/home/userUser home directory
USERuserDefault username
SHELL/bin/shDefault shell

Security Best Practices Recommended security configurations and practices

  • Use specific image tags for production (avoid latest)
  • Configure resource limits: memory and CPU constraints
  • Enable read-only root filesystem when possible
  • Run containers with non-root user (--user 1000:1000)
  • Use --security-opt=no-new-privileges flag
  • Regularly update container images for security patches
  • Implement proper network segmentation
  • Monitor container metrics for anomalies

Kubernetes Security Context Recommended security context for Kubernetes deployments

securityContext:
  runAsNonRoot: true
  runAsUser: 1000
  runAsGroup: 1000
  readOnlyRootFilesystem: true
  allowPrivilegeEscalation: false
  capabilities:
    drop: ["ALL"]

⁠Documentation Resources

Essential links and resources for further information

CleanStart Images: https://images.cleanstart.com/⁠

Community Images:
Docker Hub: https://hub.docker.com/u/cleanstart⁠
GitHub: https://github.com/cleanstart-containers⁠
AWS ECR Public Gallery: https://gallery.ecr.aws/cleanstart/⁠

Presence on Social Media:
Community: https://www.linkedin.com/groups/18324021/⁠
YouTube: https://www.youtube.com/@CleanStartOfficial⁠

Contribute to Container Use Cases: https://github.com/cleanstart-dev/cleanstart-use-cases/⁠

Tag summary

Content type

Image

Digest

sha256:2bd4c38c7…

Size

37.3 MB

Last updated

about 11 hours ago

docker pull cleanstart/wave:0.11.0-amd64