30 open-source projects similar to apache/cloudstack, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Cloudstack alternative.
microvm.nix is a declarative virtual machine manager and orchestrator for defining, building, and managing isolated guest environments using Nix. It functions as a virtual machine image builder that transforms system specifications into bootable disk images and runner scripts. The project provides a hypervisor abstraction layer, enabling the deployment of guest images across multiple virtualization backends through a unified configuration. It includes specialized tools for PCI hardware passthrough, granting virtual machines direct access to physical host USB and PCI devices. The framework co
Multipass is a virtual machine lifecycle controller and manager designed to create and orchestrate lightweight Ubuntu instances on a local workstation. It functions as a cross-platform hypervisor wrapper that provides a local cloud development environment for simulating cloud deployments. The system utilizes a hypervisor-abstraction layer and driver-based backend resolution to manage virtual machines across different host operating systems using native virtualization backends. It enables the simulation of cloud instance behavior through the injection of cloud-init metadata and initialization
This project is a collection of shell-based automation scripts designed to automate the deployment and configuration of Linux containers and virtual machines on Proxmox VE hosts. It provides toolsets for the scripted provisioning of virtual machine infrastructure and the creation of pre-defined containers for various applications. The toolset includes specialized utilities for Proxmox host management, such as automating post-installation setup, managing system backups, and cleaning up old kernels to reclaim disk space. It further provides automated configurations for hardware passthrough, ena
Vagrant is a virtual machine environment manager and infrastructure as code tool used to create and configure consistent development environments. It acts as a virtual machine provisioner and hypervisor abstraction layer, allowing users to define machine specifications and automate software installation on guest systems via declarative configuration files. The project enables cross-hypervisor orchestration by decoupling the command interface from specific virtualization backends. It ensures environment consistency through the distribution of pre-configured machine images and the orchestration
GlusterFS is a software-defined distributed file system and scale-out storage cluster that aggregates disk resources from multiple servers into a single global namespace. It functions as a unified storage platform, allowing the same underlying data to be exposed through file, block, and object storage interfaces. The system distinguishes itself through a decentralized architecture that uses consistent hashing to distribute files across network nodes without a central metadata server. It ensures data integrity and availability using self-healing replication, quorum-based consistency to prevent
ExHyperV is a suite of administrative tools designed for managing advanced Hyper-V configurations, specifically focusing on GPU partitioning, device passthrough, and virtual network switches. It provides a graphical interface to configure virtual machine resources and optimize hypervisor settings. The project is distinguished by its ability to share physical graphics card resources across multiple virtual machines using paravirtualization and partitioning. It also provides specialized utilities for assigning PCIe devices and USB peripherals directly to guest machines for exclusive access. Th
Kata Containers is an OCI container runtime that launches containers inside lightweight virtual machines to combine hardware-level isolation with container operational speed. It functions as a hardware-isolated container engine and lightweight VM hypervisor, providing a virtual machine monitor interface that abstracts multiple hypervisors to optimize for performance or specific hardware emulation. The project distinguishes itself through a confidential computing runtime that leverages hardware-backed trusted execution environments, such as Intel TDX and AMD SEV-SNP, to protect data in use. It
Finch is a virtual machine-based container runtime and OCI container management CLI used for local container development. It operates by running container workloads inside a background virtual machine to isolate them from the host operating system. The project serves as an OCI image builder and a multi-container service orchestrator for simulating complex production environments on a workstation. The runtime functions as a cross-platform container engine, utilizing emulation layers to execute container images built for foreign CPU architectures. It distinguishes its image distribution through
virt-manager is a graphical management interface for configuring hypervisors, virtual machine instances, and containers via the libvirt API. It provides a desktop environment for managing KVM-based virtualization on Linux hosts, acting as a centralized controller for both local and remote hypervisors. The project distinguishes itself through integrated management of the surrounding virtualization infrastructure. It includes dedicated interfaces for virtual network administration to connect guests to physical hardware and virtual storage management for organizing disk volumes into logical pool
This project is a collection of structured study notes and conceptual breakdowns designed for the AWS Certified Cloud Practitioner exam. It serves as a technical reference and study guide, organizing cloud service details and architectural principles to assist in certification preparation. The knowledge base is built using markdown files and includes curated cheat sheets and interactive mind-map visualizations. These tools map complex certification topics into visual hierarchies to enable drill-down study paths and rapid revision. The materials cover a wide range of cloud capabilities, inclu
phpipam is a web-based IP address management system and network asset manager used for tracking IPv4 and IPv6 address allocations, subnet masks, and network metadata. It functions as a centralized registry for coordinating virtual local area networks, routing instances, and DNS records. The platform includes data center infrastructure management capabilities to map physical hardware rack layouts and device placements. It also operates as a network scanner that identifies active addresses and monitors network capacity by automatically scanning subnets. The system provides a REST API for progr
Azure Docs is the official technical documentation repository for Microsoft Azure, the cloud computing platform. It provides comprehensive guidance on the full spectrum of Azure services, covering everything from core infrastructure components like virtual machines, Kubernetes clusters, and serverless computing to platform services for AI, machine learning, data analytics, and storage. The documentation details how to provision, manage, and govern cloud resources at scale, including policy enforcement, identity management, and cost optimization. The documentation distinguishes Azure through i
Foreman is a lifecycle infrastructure management platform used for automating the provisioning, configuration, and monitoring of physical, virtual, and cloud servers. It serves as a central hub for managing the entire lifespan of a server, from initial deployment and operating system upgrades to decommissioning and auditing. The platform functions as a hybrid cloud manager and bare-metal provisioning tool, providing a unified interface to control virtual machine lifecycles across diverse hypervisors and public cloud providers. It automates hardware discovery and operating system deployment us
NetBox is a data center infrastructure management tool designed to serve as a centralized source of truth for network environments. It provides a structured platform for documenting network topology, managing device inventories, and tracking IP address spaces, ensuring that physical and logical connections are maintained within a single, consistent database. The system is built on a modular framework that supports custom plugins, allowing organizations to extend its core functionality and tailor infrastructure modeling to specific operational requirements. By utilizing a declarative state mod
This project is a comprehensive educational curriculum and practical guide designed to teach the fundamentals of DevOps practices within the Amazon Web Services ecosystem. It provides a structured learning path for mastering cloud infrastructure automation, deployment workflows, and system management through hands-on tutorials. The curriculum covers the end-to-end lifecycle of cloud resources, focusing on defining infrastructure through version-controlled templates and orchestrating automated delivery pipelines. It distinguishes itself by integrating security and governance directly into the
Flare-VM is a collection of scripts and an orchestrator designed to automate the installation and configuration of a reverse engineering toolset on Windows virtual machines. It functions as a provisioning system that deploys a consistent environment for malware analysis and security research on guest operating systems. The project utilizes a configuration manager and a graphical interface to allow for the selection of specific software packages and environment variables. It employs a curated manifest to manage the installation of compatible security tools and modifies system registries and ta
Dry is a container lifecycle manager and cluster orchestrator designed to control groups of containers, services, and stacks across multiple nodes. It functions as a resource manager for inspecting and cleaning up images, persistent volumes, and network configurations, while providing a terminal-based dashboard for monitoring system events and resource usage. The project enables the coordination of distributed workloads through service-stack grouping and cluster orchestration. It provides a centralized control plane to synchronize the deployment and scaling of complex application architecture
MBE is a security research educational resource providing binary exploitation courseware and a deployable CTF wargame environment. It functions as a structured curriculum of labs and materials designed for learning reverse engineering and memory corruption. The project provides containerized lab infrastructure and a binary analysis toolchain to ensure a controlled setting for vulnerability research. It utilizes isolated environments to deploy binary exploitation tasks, preventing interference and system instability. The system covers the provisioning of vulnerable environments through virtua
This project is network firmware for the ESP32 that functions as a wireless repeater, NAT router, or wireless bridge to extend WiFi coverage. It can operate as a WiFi range extender, a layer-2 bridge for shared subnets, or a NAT router that creates a private secondary subnet to connect clients to an upstream network. A key differentiator is its ability to act as an enterprise WiFi to PSK converter, translating PEAP-authenticated networks into WPA2-PSK networks for devices that do not support enterprise authentication. Additionally, it includes a network traffic mirroring tool that streams int
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
LXD is a unified platform for managing both system containers and virtual machines through a single REST API and command-line interface. It provides a programmatic HTTP interface for controlling the full lifecycle of instances, enabling automation and integration with external tools. The system runs unprivileged containers with per-instance UID/GID mappings, seccomp filters, and AppArmor profiles for kernel-level isolation, while supporting multiple storage backends including directory, Btrfs, LVM, ZFS, Ceph, LINSTOR, and TrueNAS through a unified driver interface. The platform distinguishes
Open vSwitch is a software-defined network switch and high-performance data plane engine. It functions as a virtual layer 2 switch and network orchestrator, implementing the OpenFlow protocol to decouple the control plane from the data plane for programmable network forwarding. The project distinguishes itself through a userspace-kernel datapath split and the use of poll-mode drivers for kernel-bypass acceleration. It provides a network tunneling gateway to extend virtual networks across physical hosts and utilizes a transactional, schema-based configuration database with state replication fo
KubeOperator is a comprehensive Kubernetes cluster management platform, infrastructure orchestrator, and multi-cluster manager. It functions as an enterprise Kubernetes distribution designed to automate the deployment, scaling, and lifecycle management of production clusters across diverse cloud platforms and physical machines. The platform distinguishes itself with specialized capabilities for air-gapped environments, including an offline installation engine that generates software archives and manages private registries for secure, non-internet deployments. It also provides a centralized da
vphone-cli is a command line interface for booting virtual iOS devices using Apple's native virtualization framework. It provides a sandboxed virtual mobile environment and tools for executing iOS system images on a host operating system. The project includes a firmware flashing utility capable of building signed ramdisks and applying custom firmware patches to virtual device boot chains. It facilitates the installation of custom firmware variants to remove system security restrictions. The toolset covers virtual device provisioning through system image restoration and security blob retrieva
Deepagents is an LLM agent orchestration platform and stateful application server designed for deploying and managing AI agents built with computational graphs. It provides a containerized runtime environment that handles agent execution, state persistence, and the versioning of AI assistants. The platform distinguishes itself through deep integration with the Model Context Protocol, allowing agents to function as servers that expose tools and capabilities to external clients. It features a sophisticated observability suite for capturing execution traces, performing LLM-based evaluations agai
This project is a comprehensive reference guide and cheat sheet for the Docker CLI. It provides a structured collection of commands and documentation to help users manage container lifecycles, build images, and handle registries. The documentation specifically covers the orchestration of multi-container applications using Docker Compose and the management of scalable services across multiple nodes via Docker Swarm. It also includes detailed guides for configuring virtual networks, bridges, and ports to control container communication. The reference surface extends to container image administ
Trippy is a network diagnostic tool and terminal user interface that combines ping and traceroute functionality to analyze network paths and performance. It provides a network packet parser and path analyzer to detect packet loss, jitter, and multipath routing through continuous network probing. The project is distinguished by its support for specialized tracing strategies, including Paris and Dublin, to ensure consistent path discovery. It identifies network address translation devices and utilizes heuristic analysis to distinguish genuine packet loss from rate-limiting. Broad capability ar
Easy-GPU-PV is an administrative toolset for verifying hardware compatibility and automating the deployment of partitioned graphics acceleration across virtualized Windows environments. It functions as a resource orchestrator and manager for provisioning virtual machines with partitioned graphics processing units. The project focuses on Windows GPU partitioning, enabling a single physical graphics card to share hardware acceleration across multiple virtualized systems. It achieves this by automating the configuration of host hardware and software to allow virtualized environments to access gr
CJDNS is a peer-to-peer VPN and cryptographic network overlay that implements an encrypted IPv6 mesh network. It functions as a distributed hash table router, utilizing a non-hierarchical XOR metric to route traffic across nodes without relying on a central authority or registry. The project distinguishes itself by tying network identity to cryptographic ownership, deriving unique IPv6 addresses from public keys. It ensures secure peer connectivity across NAT boundaries using public-key authentication, end-to-end packet encryption, and a handshake protocol that provides perfect forward secrec
This is a practical, step-by-step guide to Linux system administration, command-line usage, and development environment setup, written from the perspective of a Java developer. The tutorial is structured as a sequence of terminal commands with explanations, teaching system administration through direct modification of plain-text configuration files. It provides separate workflows for CentOS, Ubuntu, and Kali Linux, covering both yum and apt package managers with equivalent commands for each operation. The guide emphasizes a security-first workflow, walking through firewall configuration, SSH