SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Go Container Projects
-
If you do kubectl explain deployment than (surprise!) you'll get a description for extensions/v1beta1. Because kubectl explain works the same way, just like kubectl get:
-
Moby
The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
Project mention: Docker Inc. refuses to patch HIGH vulnerabilities in Docker | news.ycombinator.com | 2024-02-28 -
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
If you're just messing around, just use kind (https://kind.sigs.k8s.io) or minikube if you want VMs (https://minikube.sigs.k8s.io). Both work on ARM-based platforms.
You can also use k3s; it's hella easy to get started with and it works great.
-
dapr
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.
Speaking of this has anyone had much experience with Dapr (https://dapr.io/) before?
I always thought this was a particularly interesting approach from Microsoft where they use this pattern to essentially take the complexity of micro services and instead try and keep it as simple as a normal .NET application but (and I think this is the clever part) in both a vendor and language neutral way.
But all of a sudden it means you can start removing all kinds of cruft and random SDKs from your codebase and push almost all of your interactions with the outside world into something like this .
-
Did something happen to the Apache 2 rancher? https://github.com/rancher/rancher/blob/v2.7.5/LICENSE RKE2 is similarly Apache 2: https://github.com/rancher/rke2/blob/v1.26.7%2Brke2r1/LICENS...
-
Project mention: Signing container images: Comparing Sigstore, Notary, and Docker Content Trust | dev.to | 2023-09-26
Now that you know a little more about Cosign, Notary, and DCT, we will take it one step further by using one of these tools: Cosign. For this example, we will use the simple Docker registry:2 reference image to run a simple registry. In a real-world scenario, a managed registry such as Harbor, Amazon ECR, Docker Hub, etc.
-
Project mention: Exploring 5 Docker Alternatives: Containerization Choices for 2024 | dev.to | 2024-03-18
Podman
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Project mention: General Docker Troubleshooting, Best Practices & Where to Go From Here | dev.to | 2024-01-19Trivy. A Simple and Comprehensive Vulnerability Scanner for Containers.
-
Pulumi
Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀
Infrastructure as Code (IaC) is an important part of any true hosting operation in the public cloud. Each of these platforms has their own IaC solution, e.g. AWS CloudFormation. But they also support popular open-source IaC tools like Pulumi or Terraform. A category of tools that also needs to be discussed is API gateways and other app-specific load balancers. There are applications for internal consumption, which can be called microservices if you have a lot of them. And often microservices use advanced networking options such as a service mesh instead of just the native private network offered by a VPC.
-
Project mention: Cisco to Acquire Cloud Native Networking and Security Leader Isovalent | news.ycombinator.com | 2023-12-21
They would have had to add a few externals to get to Graduated but it's definitely a minority:
-
Lean and Mean Docker containers
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
And if you want to make the container quickly secure without bloats, maybe give this a try https://github.com/slimtoolkit/slim
-
You might look into CoLima as a way to get started.
https://github.com/abiosoft/colima?tab=readme-ov-file
Its user interface is Docker-like, using containers.
For full desktop, I've only used the commercial app "Parallels", which can set up an Ubuntu desktop for you. Also Fedora and Alpine and Debian I believe.
But
> I don't really have any resources to share. I just know how to boot a vmlinuz with an initramfs using QEMU, and decided to download the Linux kernel source code and try compiling it.
I highly recommend working through Linux from Scratch and possibly the Gentoo Handbook. It's a journey.
-
Project mention: Exploring 5 Docker Alternatives: Containerization Choices for 2024 | dev.to | 2024-03-18
Containerd and nerdctl
-
Project mention: CVE-2023-1943: Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode Issue #15539 kubernetes/kops | /r/devopsish | 2023-06-22
-
This does remind me of ctop as well: https://github.com/bcicen/ctop
It also let's you look at containers, resource usage graphs, their logs and even do some actions through a TUI.
-
Isn't gVisor kind of this as well?
"gVisor is an application kernel for containers. It limits the host kernel surface accessible to the application while still giving the application access to all the features it expects. Unlike most kernels, gVisor does not assume or require a fixed set of physical resources; instead, it leverages existing host kernel functionality and runs as a normal process. In other words, gVisor implements Linux by way of Linux."
-
Project mention: You've just inherited a legacy C++ codebase, now what? | news.ycombinator.com | 2024-02-29
A nice middle ground is using a tool like Google's Skaffold, which provides "Bazel-like" capabilities for composing Docker images and tagging them based on a number of strategies, including file manifests. In my case, I also use build args to explicitly set versions of external dependencies.
While I am in a Typescript environment with this setup at the moment, my personal experience that Skaffold with Docker has a lighter implementation and maintenance overhead than Bazel. (You also get the added benefit of easy deployment and automatic rebuilds.)
I quite liked using Bazel in a small Golang monorepo, but I ran into pain when trying to do things like include third-party pre-compiled binaries in the Docker builds, because of the unusual build rules convention. The advantage of Skaffold is it provides a thin build/tag/deploy/verify layer over Docker and other container types. Might be worth a look!
Kudos to the Google team building it! https://skaffold.dev
-
Project mention: Using AKS for hosting ADO agent and using it to build and test as containers | /r/azuredevops | 2023-05-09
If all you need to do is build container, you can use https://github.com/GoogleContainerTools/kaniko
-
I can speak to this. Containers, and by extension k8s, break a well known security boundary that has existed for a very long time - whether you are using a real (hardware) server or a virtual machine on the cloud if you pop that instance/server generally speaking you only have access to that server. Yeh, you might find a db config with connection details if you landed on say a web app host but in general you still have to work to start popping the next N servers.
That's not the case when you are running in k8s and the last container breakout was just announced ~1 month ago: https://github.com/opencontainers/runc/security/advisories/G... .
At the end of the day it is simply not a security boundary. It can solve other problems but not security ones.
-
Project mention: I looked through attacks in my access logs. Here's what I found | news.ycombinator.com | 2024-01-28
Besides pointing pentester tools like metasploit at yourself, there are some nice scanners out there.
-
Project mention: Nix is a better Docker image builder than Docker's image builder | news.ycombinator.com | 2024-03-15
The fact that I couldn't point to one page on the docs that shows the tl;dr or the what problem is this solving
https://docs.dagger.io/quickstart/562821/hello just emits "Hello, world!" which is fantastic if you're writing a programming language but less helpful if you're trying to replace a CI/CD pipeline. Then, https://docs.dagger.io/quickstart/292472/arguments doubles down on that fallacy by going whole hog into "if you need printf in your pipline, dagger's got your back". The subsequent pages have a lot of english with little concrete examples of what's being shown.
I summarized my complaint in the linked thread as "less cowsay in the examples" but to be honest there are upteen bazillion GitHub Actions out in the world, not the very least of which your GHA pipelines use some https://github.com/dagger/dagger/blob/v0.10.2/.github/workfl... https://github.com/dagger/dagger/blob/v0.10.2/.github/workfl... so demonstrate to a potential user how they'd run any such pipeline in dagger, locally, or in Jenkins, or whatever by leveraging reusable CI functions that setup go or run trivy
Related to that, I was going to say "try incorporating some of the dagger that builds dagger" but while digging up an example, it seems that dagger doesn't make use of the functions yet <https://github.com/dagger/dagger/tree/v0.10.2/ci#readme> which is made worse by the perpetual reference to them as their internal codename of Zenith. So, even if it's not invoked by CI yet, pointing to a WIP PR or branch or something to give folks who have CI/CD problems in their head something concrete to map into how GHA or GitLabCI or Jenkins or something would go a long way
-
Project mention: ☸️ Kubernetes: From your docker-compose file to a cluster with Kompose | dev.to | 2024-03-09
As stated on their homepage, with Kompose, you can now push the same file to a production container orchestrator!. The tool definitely covers a wide range of Kubernetes features, among which these are meaningless locally but crucial for kubernetes :
-
did anyone adopt in production https://crossplane.io ?
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Containers related posts
- Exploring 5 Docker Alternatives: Containerization Choices for 2024
- Podman 5.0.0: final release candidate
- Cdebug: A Swiss army knife of container debugging
- Apptainer (Formerly Singularity)
- You've just inherited a legacy C++ codebase, now what?
- CLI for zero-downtime container deployments with Caddy
- Docker Inc. refuses to patch HIGH vulnerabilities in Docker
-
A note from our sponsor - SaaSHub
www.saashub.com | 19 Mar 2024
Index
What are some of the best open-source Container projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | kubernetes | 105,747 |
2 | Moby | 67,493 |
3 | minikube | 28,171 |
4 | dapr | 23,105 |
5 | rancher | 22,388 |
6 | Harbor | 21,926 |
7 | podman | 21,215 |
8 | trivy | 20,913 |
9 | Pulumi | 19,322 |
10 | cilium | 18,167 |
11 | Lean and Mean Docker containers | 18,024 |
12 | colima | 16,248 |
13 | containerd | 16,084 |
14 | kops | 15,482 |
15 | ctop | 15,067 |
16 | gvisor | 14,952 |
17 | skaffold | 14,596 |
18 | kaniko | 13,684 |
19 | runc | 11,317 |
20 | clair | 9,981 |
21 | dagger | 9,870 |
22 | kompose | 9,041 |
23 | crossplane | 8,518 |