24 repositorios
Tools for defining container runtime parameters, network mappings, and build environment settings.
Distinguishing note: Focuses on application-level container settings rather than low-level system configuration.
Explore 24 awesome GitHub repositories matching devops & infrastructure · Container Configuration. Refine with filters or upvote what's useful.
Nanoclaw is an LLM agent orchestrator and multi-platform chat gateway designed to deploy and manage isolated AI agents. It provides a containerized runtime that executes agents within sandboxed Linux containers, ensuring filesystem and state isolation through dedicated workspaces and host bind-mounts. The project distinguishes itself through a unified routing pipeline that connects agents to diverse messaging platforms, including WhatsApp, Discord, Slack, Telegram, Signal, and iMessage. It integrates the Model Context Protocol to extend agent capabilities via managed external data and functio
Manages container runtime parameters, model settings, and image configurations to alter agent operations.
OpenFaaS is a serverless function platform that provides a container-native framework for deploying and managing event-driven code. It functions as an abstraction layer over container orchestrators, allowing developers to package code into scalable functions that run across Kubernetes clusters or edge computing environments. The platform distinguishes itself through a developer-centric runtime that utilizes standardized language templates and automated build pipelines to simplify the creation of container images. It features a central API gateway that manages request routing, authentication,
C# (CSharp)¶ The dotnet8-csharp template is a C# template built with WebApplication and the minimal API style. It is multi-arch, and can be deployed to an amd64 or arm64 platform. For a function based upon an existi
This project is a suite of specialized tools for linting, minifying, analyzing, and managing container images and their associated registries. It provides a set of utilities including an image minifier to reduce image size, a security profiler to harden running containers, an image analyzer for static inspection, and a registry manager for organizing multi-architecture indices. The toolset distinguishes itself through behavior-based optimization and security. It uses dynamic analysis to track executed instructions and file access to remove unused binary data, and records kernel interactions t
Evaluates Dockerfiles against best practices to identify potential issues and suggest quality improvements.
Slim is a comprehensive suite for container lifecycle management, providing tools for image inspection, optimization, security hardening, and service troubleshooting. It functions as a platform for analyzing containerized applications through both static metadata review and dynamic behavioral probing, enabling users to understand image composition and runtime dependencies. The project distinguishes itself by automating the creation of minimal, production-ready container images. It achieves this by removing unnecessary files and components, flattening image layers, and synthesizing restrictive
Evaluates container images and configuration files to identify security vulnerabilities and deviations from best practices.
chezmoi is a command-line utility designed to manage and synchronize system configuration files across multiple machines. It uses a local Git repository as the single source of truth, allowing users to track, version, and distribute dotfiles while maintaining a consistent state across diverse operating systems and hardware architectures. The project distinguishes itself through a declarative reconciliation model that computes the difference between the current filesystem and the desired state defined in the repository. It features a robust templating engine that processes configuration files
Automates configuration setup and application within ephemeral containerized environments.
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Injects custom configuration files and environment settings into containerized data stores for development and testing.
This project is a comprehensive collection of web development reference guides and technical cheat sheets. It provides a curated set of markdown-based documentation designed to help developers quickly locate syntax patterns and API examples for common web technologies and programming languages. The repository serves as a specialized reference library covering several distinct technical domains. It includes extensive guides for CSS, focusing on selectors, Flexbox, Grid, and responsive layout properties, as well as a DevOps command reference for Docker, Kubernetes, AWS, Ansible, and general she
Supplies reference guides for initializing and configuring containers with port mappings and network links.
Distrobox is a command-line utility that enables the execution of any Linux distribution within an OCI-compliant container. It functions as an integration layer between isolated containerized environments and the host operating system, allowing users to run different distributions simultaneously on a single host without system conflicts. The tool distinguishes itself by bridging the gap between isolated environments and the host system through deep resource sharing. It automatically mounts host hardware, home directories, and graphical interfaces into the container, while also synchronizing e
Defines container settings via configuration files for reproducible environments.
Kitematic is a graphical user interface for managing and running Docker containers on desktop operating systems. It serves as a visual Docker management tool and API client that translates user interface interactions into REST API calls to control the Docker daemon without requiring the command line. The application is built as a cross-platform Electron desktop application, utilizing a Chromium-based shell to provide a consistent administrative interface across Mac and Windows. The software covers the full container lifecycle, including the creation, configuration, and monitoring of containe
Provides a visual editor to modify container environment variables, port mappings, and volume mounts.
LiveContainer is an iOS app container manager that runs applications in isolated sandboxes with separate data, keychain, and vendor identifiers, bypassing Apple's free developer account installation limits. It uses Just-In-Time compilation to launch unsigned apps without a developer certificate, and supports running multiple instances and versions of the same app simultaneously. The tool also injects custom dynamic libraries and framework tweaks at launch, applied globally or per application. Beyond basic containerization, LiveContainer provides advanced multitasking with resizable virtual or
LiveContainer allows configuring container name, app-group isolation, vendor identifier spoofing, and default status.
Cross is a container-based build environment and cross-compilation tool for Rust. It functions as a multi-architecture binary builder and testing framework, allowing users to compile crates into binaries for different operating systems and CPU architectures without installing local toolchains on the host system. The project distinguishes itself by using Docker images to provide consistent toolchains and system dependencies for foreign target architectures. It integrates the Zig toolchain within container images to facilitate compilation across various architectures and library versions, and i
Cross provides settings to adjust runtime arguments, user identifiers, and namespaces to match specific system requirements.
Score is a platform-agnostic workload specification standard that defines containerized application deployments and their resource dependencies in a declarative YAML format. It provides a developer-centric specification that separates environment-agnostic workload definitions from environment-specific configuration, enabling consistent deployment across development, testing, and production environments. The specification framework translates a single workload definition into deployable manifests for multiple container orchestration platforms, including Docker Compose and Kubernetes. It includ
Specifies container image, command, arguments, environment variables, files, volumes, compute resources, and health probes.
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
Defines container runtime behavior through the configuration of entrypoints, environment variables, and health checks.
This repository contains the comprehensive documentation for a code editor focused on AI-assisted software development and remote development workflows. It covers the implementation of AI agents and language models used for autonomous code generation, large-scale refactoring, and task iteration. The project is distinguished by its deep integration of autonomous AI agents capable of web navigation, application logic validation, and orchestrating multi-step development processes. It provides specialized frameworks for tailoring AI behavior through custom instructions, model context protocols, a
Automatically clones and applies user dotfiles from a repository during the creation of development containers.
k0s is a Kubernetes distribution that packages all control plane and worker components into a single binary, enabling cluster deployment with no host dependencies beyond the Linux kernel. It supports a container-native runtime where controllers and workers run inside Docker containers using a single OCI image, and offers declarative YAML configuration for defining cluster topology, host roles, and SSH connection details. The distribution provides pre-built binaries for x86-64, ARM64, ARMv7, and RISC-V architectures, and uses cryptographically signed tokens for secure node enrollment. The proj
Configures the cluster's container runtime by choosing a CRI plugin such as containerd.
Themer is a color palette theme generator that produces matching color themes for code editors, terminal emulators, desktop applications, and wallpapers from a single user-defined color set. It accepts standard Base16 YAML color scheme files as input and supports defining custom color palettes with separate dark and light variants. The tool generates visually consistent themes across over a dozen code editors and IDEs, multiple terminal emulators, and various desktop applications, while also creating matching desktop wallpapers in multiple resolutions and visual styles. It operates through a
Runs a CLI command as part of dotfiles builds to generate matching themes and wallpapers automatically.
CRI-O is an open-source container runtime that implements the Kubernetes Container Runtime Interface (CRI) to manage container images, pods, and containers on cluster nodes using OCI-compatible runtimes. It serves as a node-level container manager that handles image pulling, container lifecycle, and resource monitoring for Kubernetes clusters, running containers according to the Open Container Initiative specifications. The runtime distinguishes itself through live configuration reloading that applies changes to runtime definitions, registry mirrors, and TLS certificates without restarting th
Creates and manages Kubernetes pods as groups of containers with shared namespaces through the CRI.
Descheduler es un reequilibrador de cargas de trabajo y gestor de desalojo de pods para Kubernetes, diseñado para optimizar la distribución de recursos y mantener la estabilidad del cluster. Identifica y elimina pods que ya no cumplen con las restricciones de programación o los requisitos de salud, permitiendo que el cluster los reubique en nodos más adecuados. El proyecto proporciona capacidades especializadas para equilibrar la utilización de recursos de los nodos, aplicar restricciones de dispersión de topología y eliminar pods duplicados para mejorar la distribución. También funciona como asistente de autoscaling al compactar cargas de trabajo en menos nodos para facilitar la reducción de infraestructura no utilizada. El sistema cubre una amplia gama de tareas de mantenimiento, incluyendo la limpieza de pods fallidos, inestables o antiguos, y la aplicación de reglas de afinidad y taints de nodos. Incluye mecanismos de seguridad como la validación de encaje en la programación para asegurar que los pods puedan ser reprogramados antes del desalojo, filtrado basado en etiquetas para proteger cargas de trabajo críticas y un modo de prueba (dry-run) para previsualizar cambios. La utilidad puede desplegarse como un proceso en segundo plano continuo o como un cron job recurrente y admite alta disponibilidad mediante elección de líder.
Removes aged, unstable, or failed pods that exceed restart thresholds.
LXC es un framework de virtualización a nivel de SO y gestor de contenedores Linux utilizado para ejecutar múltiples sistemas Linux aislados en un solo host. Funciona como un orquestador de espacios de nombres del kernel y tiempo de ejecución de contenedores sin privilegios, permitiendo la creación y gestión de contenedores de sistema sin la sobrecarga de un hipervisor. El proyecto proporciona ejecución de contenedores sin privilegios mapeando los usuarios root del contenedor a usuarios host sin privilegios para prevenir el acceso al sistema host. Asegura la seguridad a través del filtrado de llamadas al sistema y el aislamiento del usuario root, permitiendo que los contenedores se ejecuten sin requerir privilegios de root del host. El framework gestiona el aislamiento de recursos utilizando grupos de control para limitar el uso de CPU y memoria y utiliza espacios de nombres del kernel para el aislamiento de procesos y redes. Incluye capacidades para la administración de puentes de red para prevenir la suplantación de direcciones y una API programática para gestionar el ciclo de vida del contenedor y ejecutar comandos administrativos.
Provides a hierarchical system for defining container runtime parameters, resource limits, and security settings.
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Sets working directory, entry point, and user/group IDs for OCI containers that override image defaults.