Get non-trivial tests (and trivial, too!) suggested right inside your IDE, so you can code smart, create more value, and stay confident when you push. Learn more →
Top 23 Container Open-Source Projects
-
Remember, it is important to read the release notes for the version you're upgrading to before performing the upgrade, as there might be specific notes or issues related to that version.
-
Moby
Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
Docker has to run as root, or use otherwise insecure methods ("rootless" is a sham, it requires suid binaries and CVE ridden unprivileged user namespaces).
I agree with ports, working[0][1][2] on it.
-
SonarLint
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
-
Project mention: Questions about Netdata update size/how to disable or move from nightly to stable? | reddit.com/r/netdata | 2023-05-20
Stable releases are a bit more complicated. Major and minor releases are typically once every few months at the moment, but do not have a consistent release schedule (we’re trying to shift internally to having a consistent release schedule though for these, likely every six to eight weeks). Patch releases are published as needed (either when some serious issue is discovered with the associated release, or when we have enough easily backported fixes in the nightlies to warrant a patch release). You can watch releases at https://github.com/netdata/netdata to see when stable releases are published (though again do note that native packages get published asynchronously relative to these releases being published).
-
devops-exercises
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
-
-
That's it. You're now on the latest version. If you visit this page in the future, you can find all the latest releases and their respective upgrade commands here.
-
90DaysOfDevOps
I am using this repository to document my journey learning about DevOps. I began this process on January 1, 2022, and plan to continue until March 31. I will be dedicating one hour each day, including weekends, to gaining a foundational understanding of the various aspects of DevOps. This will be a 90-day intensive study period. 2022 & 2023 inc.
Project mention: know any sites that offers scholarships or free courses for tech jobs? | reddit.com/r/buhaydigital | 2023-04-28 -
InfluxDB
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
-
https://github.com/firecracker-microvm/firecracker is the one that comes to mind, but most of these are internal.
-
dapr
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.
Project mention: Modular Architecture Design question | Re-using modules in multiple applications | reddit.com/r/csharp | 2023-05-17I would like to build modules, either in a modular monolith style, or in a microservice style using DAPR and/or Tye.
-
-
You probably don't need Rancher unless you need a GUI or manage multiple clusters, Lens or k9s might be a better fit for your use case.
-
Project mention: tcp i/o timeout when installing network plugin in "high secure environment" | reddit.com/r/kubernetes | 2023-05-10
Have a look at harbor, you can also use it to follow the same methods for helm charts etc.
-
Project mention: Best virtualization solution with Ubuntu 22.04 | reddit.com/r/linuxquestions | 2023-05-28
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Project mention: An Overview of Kubernetes Security Projects at KubeCon Europe 2023 | dev.to | 2023-05-22Trivy is a mature and comprehensive open source tool from Aqua Security that supports scanning multiple sources, from file systems to containers and VMs. Trivy also looks beyond vulnerabilities, to scan licenses, secrets, infrastructure as code misconfiguration, and more.
-
Lean and Mean Docker containers
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Project mention: An Overview of Kubernetes Security Projects at KubeCon Europe 2023 | dev.to | 2023-05-22Slim.ai presents the data in a more user friendly way than many of the other tools in this post. On top of its open source SlimToolkit for identifying the contents of an image, Slim.ai uses Trivy for vulnerability scanning.
-
Pulumi
Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀
Project mention: I'm new to infrastructure as code and I wonder if Ansible or Terraform is the right tool for my purpose | reddit.com/r/devops | 2023-05-19per customer deployment is typically not what these tools were made for. This is where these "Infrastructure as Yaml"-tools typically end. Have a look at pulumi https://www.pulumi.com
-
Project mention: Isn't Istio Ambient mesh a fantastic step to simplify operating istio? Here's a video explaining the architecture! | reddit.com/r/kubernetes | 2023-05-23
Authentication using mTLS was later merged into cilium (https://github.com/cilium/cilium/pull/24263). It uses mTLS between cilium agents to authorize flows, but do note that the mTLS auth is de-coupled from the datapath transport (i.e. you need to configure cilium to use ipsec or wireguard, as otherwise traffic won't be encrypted). As a consequence, there are some gaps in the implementation right now, like packet drops. see https://github.com/cilium/cilium/issues/23808
-
The general problem of patching resource definitions that are not fully under your control has also been recognized for some time. This is true of default resources created and updated by cluster maintenance tools (e.g. kOps), or by public helm charts that you use to install common services and operators (e.g. nginx-ingress, cert-manager, and so on). High quality charts will allow you to override the configuration of important components such as service account references, but some simpler charts offer much less configuration.
-
Project mention: Ctop – Top-like interface for container metrics | news.ycombinator.com | 2023-04-13
-
Project mention: The advantage of WASM compared with container runtimes | news.ycombinator.com | 2023-05-28
Right now most early examples alas boot a container with a wasm runtime for each wasm instance, which is a sad waste. The whole advantage of wasm should be very lightweight low overhead wasm runtime instances atop a common wasm process. Having a process or container for each instance loses a ton of the benefit, makes it not much better than a regular container.
Thankfully there is work like the Containerd Sandbox API which enables new architectures like this. https://github.com/containerd/containerd/issues/4131
It's still being used to spawn a wasm processes per instance for now, but container runtime project Kuasar is already using the Sandbox API to save significant resources, and has already chimed in in comments on HN to express a desire to have shared-process/multi-wasm-instamxe runtimes, which could indeed allow sub ms spawning that could enable instance per request architectures. https://github.com/kuasar-io/kuasar
-
Project mention: Is there a way to hot reload the code running in a container when I edit the codebase in VSCode? | reddit.com/r/docker | 2023-05-16
-
There's two major production-ready Go-based operating system(-ish) projects:
- Google's gVisor[1] (a re-implementation of a significant subset of the Linux syscall ABI for isolation, also mentioned in the article)
- USBArmory's Tamago[2] (a single-threaded bare-metal Go runtime for SOCs)
Both of these are security-focused with a clear trade off: sacrifice some performance for memory safe and excellent readability (and auditability). I feel like that's the sweet spot for low-level Go - projects that need memory safety but would rather trade some performance for simplicity.
-
-
ONLYOFFICE
ONLYOFFICE Docs — document collaboration in your environment. Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-05-31.
Containers related posts
- Which distro to use and finally stay on it
- How do I edit /etc/profile?
- CRIU – Checkpoint/restore Linux tasks
- The advantage of WASM compared with container runtimes
- Are there any dedicated linux distros that come out of the box with k8s?
- CentOS 7 vs CentOS Stream vs Rocky vs Alma vs Debian vs Ubuntu for server
- Best virtualization solution with Ubuntu 22.04
-
A note from our sponsor - CodiumAI
codium.ai | 31 May 2023
Index
What are some of the best open-source Container projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | kubernetes | 98,610 |
| 2 | Moby | 65,968 |
| 3 | Netdata | 63,195 |
| 4 | devops-exercises | 43,419 |
| 5 | minikube | 26,488 |
| 6 | Dokku | 24,638 |
| 7 | 90DaysOfDevOps | 22,752 |
| 8 | firecracker | 21,667 |
| 9 | dapr | 21,239 |
| 10 | rancher | 21,081 |
| 11 | lens | 21,055 |
| 12 | Harbor | 20,112 |
| 13 | podman | 17,984 |
| 14 | trivy | 17,518 |
| 15 | Lean and Mean Docker containers | 16,700 |
| 16 | Pulumi | 16,098 |
| 17 | cilium | 15,442 |
| 18 | kops | 14,972 |
| 19 | ctop | 14,303 |
| 20 | containerd | 14,031 |
| 21 | skaffold | 13,972 |
| 22 | gvisor | 13,833 |
| 23 | dockerfiles | 13,148 |
TestGPT | Generating meaningful tests for busy devs
Get non-trivial tests (and trivial, too!) suggested right inside your IDE, so you can code smart, create more value, and stay confident when you push.
codium.ai