30 open-source projects similar to apple/containerization, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Containerization alternative.
Skopeo is a command line utility for inspecting, copying, and managing OCI and Docker container images across registries and local storage. It functions as a container image tool and registry manager that performs these operations without requiring a background daemon to be running on the host. The tool specializes in daemonless image manipulation, allowing users to retrieve metadata, manifests, and tags from remote registries without pulling the full image locally. It provides capabilities for mirroring external repositories to internal registries for air-gapped deployments and manages the t
img is a daemon-less tool for building Open Container Initiative compliant images without requiring root privileges. It functions as a standalone builder and registry client that creates container images from build files without the need for a background process or elevated system permissions. The project provides a multi-platform image generator capable of targeting different operating systems and hardware architectures. It includes an OCI registry client for authenticating with remote registries to push, pull, and manage image artifacts. The toolset covers image construction and artifact m
Distribution is an open-source container image registry that implements the OCI Distribution Specification, enabling any OCI-compatible client to push, pull, and manage container images over standard protocols. It serves as a content distribution toolkit for packaging, shipping, storing, and delivering container content across networked environments, storing and retrieving content by its cryptographic hash for integrity and deduplication. The registry separates image metadata from bulk data to enable efficient validation and partial pulls, and supports resumable blob uploads with chunked tran
This project is a comprehensive reference guide and cheat sheet for the Docker CLI. It provides a structured collection of commands and documentation to help users manage container lifecycles, build images, and handle registries. The documentation specifically covers the orchestration of multi-container applications using Docker Compose and the management of scalable services across multiple nodes via Docker Swarm. It also includes detailed guides for configuring virtual networks, bridges, and ports to control container communication. The reference surface extends to container image administ
proot-distro is a rootless container runtime and Linux distribution manager that allows users to install and run isolated guest environments without requiring administrative root privileges. It utilizes PRoot to simulate root access and filesystem redirection, enabling the deployment of full Linux distributions in a non-root space. The project functions as an OCI container image handler, capable of building, pulling, and pushing OCI-compatible images and manifests. It further serves as a cross-architecture execution layer, utilizing user-mode emulation to run binaries and containers built for
img is a collection of toolsets for building, managing, and manipulating OCI compliant container images. It functions as an image build tool and registry client, providing the capabilities to create images from configuration files, push and pull images to remote registries, and extract image layers into root filesystems or archives. The project distinguishes itself through support for multi-platform builds using hardware emulators and the ability to perform unprivileged container builds via namespace-based process isolation and user ID mapping. It also includes a cross-platform binary compile
Skopeo is an OCI container image manager and registry client designed for inspecting, copying, and signing container images across different registries and storage backends. It enables the manipulation of container images using direct API calls to registries, operating independently of a local container daemon or runtime. The tool provides specialized capabilities for container image mirroring and synchronization, specifically supporting the mirroring of external repositories to internal registries for air-gapped environments. It also functions as a container image signing tool, allowing for
Podman Desktop is a graphical user interface for building, managing, and deploying containers and Kubernetes clusters from a local workstation. It serves as a container engine manager and a Kubernetes cluster dashboard, providing a visual environment for tasks typically handled via the command line. The project includes a container extension framework that allows users to integrate additional tools and capabilities into the management environment through a plugin system and extension catalog. The software covers the full container lifecycle, including image building and pushing to registries
Finch is a virtual machine-based container runtime and OCI container management CLI used for local container development. It operates by running container workloads inside a background virtual machine to isolate them from the host operating system. The project serves as an OCI image builder and a multi-container service orchestrator for simulating complex production environments on a workstation. The runtime functions as a cross-platform container engine, utilizing emulation layers to execute container images built for foreign CPU architectures. It distinguishes its image distribution through
Buildah is a daemonless container tool used for building and managing OCI-compliant container images. It functions as a command line utility that creates and modifies images without requiring a background process or root privileges. The tool transforms Dockerfile instructions into standard images and allows for the generation of images by committing the state of a running container. It supports the creation of images from scratch or base images, ensuring that all output adheres to Open Container Initiative specifications for portability. Beyond image construction, it provides capabilities fo
docker-py is a Python library and SDK that serves as a programmatic client for the Docker Engine API. It provides a programmatic interface for controlling containers, images, and clusters, allowing for the automation of containerized applications and engine resources. The library enables remote Docker administration through various transport methods, including Unix domain sockets, TCP ports, and encrypted SSH tunnels. It handles real-time data links by using WebSockets to stream input and output from active containers. The project covers container lifecycle control, image management for buil
Earthly is a containerized build system and Docker build framework designed for creating reproducible build pipelines. It ensures environment consistency by executing every build step inside an isolated container, combining the isolation of container images with dependency tracking and parallel execution. The system differentiates itself through a focus on hermeticity and multiplatform support, allowing for the generation of container images targeting multiple CPU architectures within a single execution flow. It maintains a hermetic build environment by isolating network access and utilizing
This project is a comprehensive collection of web development reference guides and technical cheat sheets. It provides a curated set of markdown-based documentation designed to help developers quickly locate syntax patterns and API examples for common web technologies and programming languages. The repository serves as a specialized reference library covering several distinct technical domains. It includes extensive guides for CSS, focusing on selectors, Flexbox, Grid, and responsive layout properties, as well as a DevOps command reference for Docker, Kubernetes, AWS, Ansible, and general she
Tilt is a Kubernetes development orchestrator and containerized workflow manager that automates the build, deploy, and update loop for cloud-native services. It functions as an infrastructure-as-code environment, defining the entire local development setup as versioned code to synchronize local source changes with cluster deployments. The project distinguishes itself by offering live container updates, which sync files directly into running containers to bypass full image rebuilds and redeployments. It includes a cloud-native development dashboard for monitoring resource health, streaming agg
Exegol is an offensive security platform and containerized tooling orchestrator designed to deploy and manage isolated security operations environments. It functions as a workspace manager that provisions pre-configured security images and toolkits within Docker containers to protect host systems from malicious payloads. The platform distinguishes itself by integrating AI security workflow orchestration, allowing AI assistants to discover and trigger security tools through a standardized communication protocol. It further provides remote desktop gateway capabilities, enabling GUI access via X
Buildah is a tool for creating OCI-compliant container images without requiring a background daemon process. It functions as a daemonless image constructor and distribution tool, allowing users to build, push, and pull images between local storage and remote registries. The project distinguishes itself by supporting unprivileged image building through the use of user namespaces and rootless mode. It enables direct modification of container root filesystems by mounting them to the host, allowing images to be treated as directories that can be manipulated via standard shell commands or scripts.
go-containerregistry is a Go library and toolkit for interacting with OCI and Docker registries. It provides a programmatic implementation of the Open Container Initiative distribution specification to fetch, upload, and manage container images, manifests, and layers. The library functions as a container image manipulation tool and a multi-platform image index manager. It enables the resolution and management of manifest lists that target various hardware architectures and operating systems without requiring a local daemon. The toolkit covers a broad range of registry interactions, including
Libpod is a container management library for running and controlling the lifecycle of Open Container Initiative compliant containers and images across different storage backends. It provides a programmatic interface for the remote control and automation of container environments. The project enables the coordination of multiple containers into pods that share network namespaces and other shared resources. It supports rootless container execution by using user namespaces to launch containers without administrative privileges. The library covers a broad range of system operations, including im
Ramalama is a containerized runtime and management tool for large language models. It functions as an OCI AI model manager and registry client, allowing users to package, distribute, and execute AI models as standardized container images. The project differentiates itself by using OCI-compliant distribution for models and retrieval augmented generation assets, enabling the packaging of vector databases into immutable container images. It features hardware-aware image selection that automatically detects GPU or CPU capabilities to pull the most optimized image for the host environment. The sy
CRI-O is an open-source container runtime that implements the Kubernetes Container Runtime Interface (CRI) to manage container images, pods, and containers on cluster nodes using OCI-compatible runtimes. It serves as a node-level container manager that handles image pulling, container lifecycle, and resource monitoring for Kubernetes clusters, running containers according to the Open Container Initiative specifications. The runtime distinguishes itself through live configuration reloading that applies changes to runtime definitions, registry mirrors, and TLS certificates without restarting th
Dagger is a programmable CI/CD engine and containerized task runner designed to orchestrate build and test pipelines. It functions as an incremental build system that manages containers, filesystems, and secrets through a typed API to ensure consistent execution across local and cloud environments. The engine utilizes a language-agnostic client-server API to allow multi-language pipeline orchestration, enabling the sharing of typed artifacts and state across different SDKs without manual serialization. It optimizes execution through content-addressable caching and a directed acyclic graph to
Azure Docs is the official technical documentation repository for Microsoft Azure, the cloud computing platform. It provides comprehensive guidance on the full spectrum of Azure services, covering everything from core infrastructure components like virtual machines, Kubernetes clusters, and serverless computing to platform services for AI, machine learning, data analytics, and storage. The documentation details how to provision, manage, and govern cloud resources at scale, including policy enforcement, identity management, and cost optimization. The documentation distinguishes Azure through i
Moby is an OCI container engine and runtime manager designed for building, running, and managing isolated containers based on Open Container Initiative standards. It functions as a container daemon and image builder, providing a core engine to orchestrate the full lifecycle of containers and the packaging of source code into portable images. The project provides a standardized HTTP interface that allows for programmatic container management, enabling external clients to control daemon settings and container operations. It supports a rootless security model, allowing the engine daemon to execu
This project is a GitHub Action that automates the building and pushing of Docker container images to OCI registries. It functions as a multi-platform container builder and publisher using the Buildx engine to create images compatible with multiple hardware architectures. The tool distinguishes itself through software supply chain security features, including the generation of software bills of materials and provenance attestations to verify image integrity. It optimizes construction speed via remote cache management and supports secure secret injection to prevent sensitive data from persisti
Bocker is a minimal container management tool written in Bash that implements core container functionality using Linux namespaces and control groups. It serves as a Linux container manager capable of starting and managing isolated processes and images through low-level kernel features. The project includes an OCI image tool for pulling, saving, and building container images compatible with industry standards. It further integrates a cgroup resource controller to restrict CPU and memory consumption for isolated processes. The tool covers the full container lifecycle, including process isolati
Containerd is a daemon-based container runtime that manages the complete lifecycle of containers on a host system. It functions as a core orchestration backend, handling image distribution, storage, and process execution while adhering to industry-standard specifications for container execution and configuration. The project is distinguished by its modular, plugin-based architecture, which allows for the extension of storage, runtime, and networking capabilities without requiring a full daemon recompile. It utilizes a shim-based execution model to delegate low-level operations, ensuring isola
Skaffold is a command-line tool that automates the build, push, and deployment lifecycle for containerized applications on Kubernetes. It functions as a continuous development engine, monitoring source code for changes to trigger incremental updates, manifest hydration, and automated deployments to a cluster. By abstracting the underlying build and deployment tools, it provides a unified interface for managing the inner development loop. The platform distinguishes itself through its environment-aware configuration and flexible build orchestration. It supports diverse build strategies, includi
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
Microsandbox is a runtime for creating and managing lightweight, hardware-isolated virtual machines — called sandboxes — that boot directly from standard OCI container images. Each sandbox runs as its own host process with a separate kernel, filesystem, and network stack, providing process-per-sandbox isolation. The project includes a command-line tool and multi-language SDKs (Rust, TypeScript, Python, Go) for programmatic lifecycle control, and it communicates with sandbox agents over Unix sockets using a CBOR-encoded protocol. What distinguishes Microsandbox is its combination of host-manag