OCI

Open-source projects categorized as OCI

The Open Container Initiative (OCI) is an open governance structure for the express purpose of creating open industry standards around container formats and runtimes. Established in June 2015 by Docker and other leaders in the container industry, the OCI currently contains two specifications: the Runtime Specification (runtime-spec) and the Image Specification (image-spec). The Runtime Specification outlines how to run a “filesystem bundle” that is unpacked on disk.

Top 23 OCI Open-Source Projects

  • podman

    Podman: A tool for managing OCI containers and pods.

  • Project mention: Top 5 Docker Alternatives for Software Developers in 2024 | dev.to | 2024-06-20

    Podman is an open-source visualization tool developed by RedHat. It leverages the libpod library as a container lifecycle management tool. It is a daemonless container engine OCI management on Linux. It is primarily made for Linux but can run on Windows and Mac using virtual machines managed by Podman.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • containerd

    An open and reliable container runtime

  • Project mention: Top 5 Docker Alternatives for Software Developers in 2024 | dev.to | 2024-06-20

    Containerd is a runtime tool used for managing image transfers and storage as well as managing OCI containers. It can be integrated with Docker but can also be used without Docker integration. By using runc, it can function as a standalone component.

  • gvisor

    Application Kernel for Containers

  • Project mention: We Improved the Performance of a Userspace TCP Stack in Go by 5X | news.ycombinator.com | 2024-06-05

    If you want to use netstack without Bazel, just use the go branch:

    https://github.com/google/gvisor/tree/go

    go get gvisor.dev/gvisor/pkg/tcpip@go

    The go branch is auto generated with all of the generated code checked in.

  • jib

    🏗 Build container images for your Java applications.

  • Project mention: Nix is a better Docker image builder than Docker's image builder | news.ycombinator.com | 2024-03-15
  • runc

    CLI tool for spawning and running containers according to the OCI specification

  • Project mention: Nanos – A Unikernel | news.ycombinator.com | 2024-03-13

    I can speak to this. Containers, and by extension k8s, break a well known security boundary that has existed for a very long time - whether you are using a real (hardware) server or a virtual machine on the cloud if you pop that instance/server generally speaking you only have access to that server. Yeh, you might find a db config with connection details if you landed on say a web app host but in general you still have to work to start popping the next N servers.

    That's not the case when you are running in k8s and the last container breakout was just announced ~1 month ago: https://github.com/opencontainers/runc/security/advisories/G... .

    At the end of the day it is simply not a security boundary. It can solve other problems but not security ones.

  • clair

    Vulnerability Static Analysis for Containers

  • Project mention: I looked through attacks in my access logs. Here's what I found | news.ycombinator.com | 2024-01-28

    Besides pointing pentester tools like metasploit at yourself, there are some nice scanners out there.

    https://github.com/quay/clair

    https://github.com/anchore/grype/

  • distribution

    The toolkit to pack, ship, store, and deliver container content

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • grype

    A vulnerability scanner for container images and filesystems

  • Project mention: A vulnerability scanner for container images and filesystems | news.ycombinator.com | 2024-05-24
  • buildkit

    concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit

  • Project mention: Caching PNPM Modules in Docker Builds in GitHub Actions | dev.to | 2024-05-06

    The currently proposed solution is to allow Docker to bind the cache directory in the build to a directory on the host. This way the cache could be persisted externally. However, this issue has been opened for almost 4 years (May 27, 2020) with no clear answer as to whether it'll be implemented any time soon.

  • buildah

    A tool that facilitates building OCI images.

  • Project mention: Using ARG in a Dockerfile – beware the gotcha | news.ycombinator.com | 2024-05-14

    I wish we would rather get rid of Dockerfile in favor of something like buildah does:

    https://github.com/containers/buildah/blob/main/examples/lig...

    Since Dockerfile is a rather limited and (IMHO) poorly executed re-implementation of a shell script, why not rather use shell directly? Not even bash with coreutils is necessary: even posix sh with busybox can do far more than Dockerfile, and you can use something else (like Python) and take it very far indeed.

  • docker-images

    Official source of container configurations, images, and examples for Oracle products and projects

  • youki

    A container runtime written in Rust

  • Project mention: Youki: A container runtime written in Rust | news.ycombinator.com | 2023-12-05
  • syft

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

  • kata-containers

    Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

  • Project mention: My VM is lighter (and safer) than your container | news.ycombinator.com | 2024-05-14
  • cri-o

    Open Container Initiative-based implementation of Kubernetes Container Runtime Interface

  • Project mention: The Road To Kubernetes: How Older Technologies Add Up | dev.to | 2024-02-05

    Kubernetes on the backend used to utilize docker for much of its container runtime solutions. One of the modular features of Kubernetes is the ability to utilize a Container Runtime Interface or CRI. The problem was that Docker didn't really meet the spec properly and they had to maintain a shim to translate properly. Instead users could utilize the popular containerd or cri-o runtimes. These follow the Open Container Initiative or OCI's guidelines on container formats.

  • pouch

    An Efficient Enterprise-class Container Engine

  • dockerfile

    Dockerfile best-practices for writing production-worthy Docker images.

  • komiser

    Open-source cloud-environment inspector. Supporting AWS, GCP, Azure, and more! Your cloud resources will have nowhere to hide!

  • Project mention: Komiser – Your cloud resources will have nowhere to hide | news.ycombinator.com | 2023-10-17
  • image-spec

    OCI Image Format

  • Project mention: Understanding Buildpacks in Cloud Native Buildpacks | dev.to | 2024-04-22

    A buildpack is a software, designed to transform application source code into executable (OCI) images that can run on a variety of cloud platforms. At its core, a buildpack is a directory that includes a specific file named buildpack.toml. This file contains metadata and configuration details that dictate how the buildpack should behave. Buildpacks in simple terms, is a set of standards defining how the different steps that are required to build a compliant container image can be automated. Using those standards, there are projects that have been built round enabling that using an CLI or an API. The most common way of doing that is through the Cloud Native Buildpacks' Pack project. Pack is a CLI command that can run in the same system the developers are using to actually go through creating a Dockerfile.

  • cloudsploit

    Cloud Security Posture Management (CSPM)

  • runtime-spec

    OCI Runtime Specification

  • Project mention: The What, Why and How of Containers | news.ycombinator.com | 2024-03-27

    > Well, no. When people say "containers", they always mean "Docker".

    Not really/necessarily. https://github.com/opencontainers/runtime-spec

  • crun

    A fast and lightweight fully featured OCI runtime and C library for running containers

  • Project mention: Show HN: dockerc – Docker image to static executable "compiler" | news.ycombinator.com | 2024-03-06

    Yep pretty much.

    The executables bundle crun (a container runtime)[0], and a fuse implementation of squashfs and overlayfs. Appended to that is a squashfs of the image.

    At runtime the squashfs and overlayfs are mounted and the container is started.

    [0]: https://github.com/containers/crun

  • Cloud-Free-Tier-Comparison

    Comparing the free tier offers of the major cloud providers like AWS, Azure, GCP, Oracle etc.

  • Project mention: Free VPS really exist ? | /r/selfhosted | 2023-07-03
  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

OCI discussion

Log in or Post with

OCI related posts

  • Top 5 Docker Alternatives for Software Developers in 2024

    6 projects | dev.to | 20 Jun 2024
  • From Whispers to Wildfire: Celebrating a Decade of Kubernetes

    4 projects | dev.to | 7 Jun 2024
  • We Improved the Performance of a Userspace TCP Stack in Go by 5X

    4 projects | news.ycombinator.com | 5 Jun 2024
  • My VM is lighter (and safer) than your container

    12 projects | news.ycombinator.com | 14 May 2024
  • Caching PNPM Modules in Docker Builds in GitHub Actions

    4 projects | dev.to | 6 May 2024
  • Understanding Buildpacks in Cloud Native Buildpacks

    1 project | dev.to | 22 Apr 2024
  • ARM vs x86 em Docker

    1 project | dev.to | 5 Apr 2024
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 20 Jun 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source OCI projects? This list will help you:

Project Stars
1 podman 22,221
2 containerd 16,611
3 gvisor 15,251
4 jib 13,468
5 runc 11,523
6 clair 10,117
7 distribution 8,573
8 grype 8,045
9 buildkit 7,782
10 buildah 7,104
11 docker-images 6,428
12 youki 5,934
13 syft 5,679
14 kata-containers 5,077
15 cri-o 5,066
16 pouch 4,618
17 dockerfile 4,031
18 komiser 3,881
19 image-spec 3,318
20 cloudsploit 3,243
21 runtime-spec 3,109
22 crun 2,842
23 Cloud-Free-Tier-Comparison 2,729

Sponsored
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com