I'm also interested in the user experience of setupless container execution. Containers have greatly improved program distribution, but serverless container cloud runtimes like Google Cloud Run or AWS Lambda still require transferring the container image, creating an executor, and invoking the executor. These cloud services also come with hardware caps like memory limits, and if you need more than that, you're back to provisioning a server. I want science researchers, for instance, to be able to run any computational tool with no setup. Program Explorer is a step in that direction.
You choose a container image, set the args, edit the files you want to have at /run/pe/input, then it gets run in a fresh VM and sends back stdout, stderr, and whatever is in /run/pe/output. No network access.
You can also set env vars and attach a file as stdin for more control. Most flexibility comes from containers with a shell so that you can write a script to run multiple commands.
Currently, you can only pick container images from a predefined list, but suggestions on what to include are welcome. Each run is limited to 1 second (wall clock on a dedicated core) and 1 GB of memory, as right now the focus is on quick tests/demos.
The files you send and produce are never written to disk and not stored after your request is complete.
MIT licensed at https://github.com/aconz2/program-explorer. Briefly, how it works: container images get packed (ahead of time) into an erofs image, a VM is run with cloud-hypervisor, the init process unpacks your files and mounts the rootfs, crun runs the container, then your output files, exit code, etc. get packed (rusage is in there too if you open the JS console). The server is written as a load balancer using pingora so multiple workers could (eventually) be used, but that is a WIP and currently only has one worker.
I have lots of ideas and directions I'd like to take this but wanted to ship something so others could start playing with it. Looking forward to hearing your ideas and feedback!
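
A sketch of the run model described above (args, env vars, files under /run/pe/input, results under /run/pe/output, no network, 1 GB of memory), as an added example that is not Program Explorer's own code: it validates user-supplied file names before they are unpacked and builds an OCI runtime config of the kind crun consumes. The function names, the mount layout, and enforcing the limits in the container config rather than at the VM level are assumptions.

```python
import json
from pathlib import PurePosixPath

INPUT_DIR = "/run/pe/input"    # paths named in the post
OUTPUT_DIR = "/run/pe/output"
MEMORY_LIMIT = 1 << 30         # the 1 GB cap, in bytes (GiB assumed)


def safe_input_path(name):
    """Map a user-supplied file name to a path under INPUT_DIR (hypothetical helper).

    Rejects empty names, absolute paths and any '..' component so an
    uploaded file can never land outside the input directory.
    """
    p = PurePosixPath(name)
    if "\x00" in name or not p.parts or p.is_absolute() or ".." in p.parts:
        raise ValueError(f"unsafe input path: {name!r}")
    return str(PurePosixPath(INPUT_DIR) / p)


def build_oci_config(args, env, rootfs="rootfs"):
    """Build an OCI runtime-spec config (dict) for one sandboxed run (hypothetical helper)."""
    if not args:
        raise ValueError("args must not be empty")
    if any("=" in k or not k for k in env):
        raise ValueError("invalid environment variable name")
    bind = lambda path, mode: {"destination": path, "type": "bind", "source": path,
                               "options": ["bind", mode, "nosuid", "nodev"]}
    return {
        "ociVersion": "1.0.2",
        "process": {"args": list(args), "cwd": "/", "noNewPrivileges": True,
                    "env": [f"{k}={v}" for k, v in sorted(env.items())]},
        "root": {"path": rootfs, "readonly": True},
        "mounts": [{"destination": "/proc", "type": "proc", "source": "proc"},
                   bind(INPUT_DIR, "ro"),     # user files are read-only to the tool
                   bind(OUTPUT_DIR, "rw")],   # only this directory is collected
        "linux": {
            # A new network namespace with no path has no usable interfaces.
            "namespaces": [{"type": t} for t in ("pid", "mount", "ipc", "uts", "network")],
            "resources": {"memory": {"limit": MEMORY_LIMIT}},
        },
    }


if __name__ == "__main__":
    # Constructed sample request: one input file, one shell command.
    print(safe_input_path("data/in.txt"))
    cfg = build_oci_config(["sh", "-c", "wc -l /run/pe/input/data/in.txt"], {"LANG": "C"})
    print(json.dumps(cfg, indent=2))
```

The 1 second wall-clock limit is not expressible in the OCI config; a supervisor outside the container would have to enforce it.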