30 open-source projects similar to docker/docker, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Docker alternative.
Docker CE is an OCI compliant container platform and runtime engine used for building and running applications within isolated environments. It functions as a Linux container orchestrator and provides a command-line interface to manage the entire lifecycle of running application instances. The platform enables containerized application deployment and cross-platform software distribution by packaging software with its dependencies. It supports microservices architecture management and the creation of reproducible local development environments. The system includes capabilities for application
This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
crun is a low-level container runtime that implements the Open Container Initiative specification for managing the lifecycle of isolated processes. It provides the core mechanisms for container creation, execution, and deletion, ensuring compatibility across platforms through standardized lifecycle management. The project distinguishes itself by offering a shared C library that allows container runtime operations to be embedded directly into other compiled applications. It further extends execution capabilities through specialized handlers that enable the deployment of containers within isola
Moby is an OCI container engine and runtime manager designed for building, running, and managing isolated containers based on Open Container Initiative standards. It functions as a container daemon and image builder, providing a core engine to orchestrate the full lifecycle of containers and the packaging of source code into portable images. The project provides a standardized HTTP interface that allows for programmatic container management, enabling external clients to control daemon settings and container operations. It supports a rootless security model, allowing the engine daemon to execu
Containerd is a daemon-based container runtime that manages the complete lifecycle of containers on a host system. It functions as a core orchestration backend, handling image distribution, storage, and process execution while adhering to industry-standard specifications for container execution and configuration. The project is distinguished by its modular, plugin-based architecture, which allows for the extension of storage, runtime, and networking capabilities without requiring a full daemon recompile. It utilizes a shim-based execution model to delegate low-level operations, ensuring isola
Boto3 is the AWS SDK for Python, providing a programmatic interface for managing and automating AWS cloud infrastructure and services. It serves as a cloud management API client and resource manager for provisioning, configuring, and scaling virtual servers, databases, and storage. The library enables the implementation of infrastructure-as-code through declarative templates and scripts, allowing for the deployment of identical resource stacks across multiple accounts and geographic regions. It also provides a framework for coordinating distributed workflows, serverless functions, and contain
Minikube is a command-line tool designed for local Kubernetes development, enabling users to provision and manage full-featured container clusters directly on a workstation. It serves as a local orchestrator that automates the lifecycle of isolated environments, allowing developers to start, stop, pause, and delete clusters to support testing and integration workflows. The project distinguishes itself through its flexible architecture, which supports multiple virtualization drivers and container runtimes to accommodate diverse host environments. It provides deep integration between the host a
Docker Compose is a tool for defining and running multi-container applications through declarative configuration files. It functions as an application lifecycle manager, coordinating the startup, shutdown, and scaling of interconnected services within isolated environments. By using a standardized configuration format, it enables infrastructure as code, allowing developers to manage complex application stacks and their dependencies in a single, repeatable file. The project distinguishes itself by integrating directly with the broader Docker platform, leveraging a client-server architecture wh
k3d is a containerized Kubernetes orchestrator and wrapper that manages the lifecycle of k3s nodes and servers within container runtimes. It serves as a tool for deploying and destroying multi-node Kubernetes environments on a single machine for local development and testing. The project distinguishes itself by wrapping k3s to provide integrated networking, resource limit control, and local registry orchestration. It enables multi-node cluster simulation by wrapping nodes as isolated containers and using host-entry injection and port proxying to route host TCP and UDP traffic into the cluster
Buildkit is a programmable container build toolkit and OCI container image builder that converts build definitions into concurrent dependency graphs for image construction. It functions as an OCI image distribution engine, capable of generating container images and exporting artifacts to local storage or remote registries. The project is distinguished by its use of a low-level binary intermediate representation to decouple high-level build languages from the execution engine. It supports multi-platform image builds through user-mode architecture emulation and provides a distributed build cach
Libpod is a container management library for running and controlling the lifecycle of Open Container Initiative compliant containers and images across different storage backends. It provides a programmatic interface for the remote control and automation of container environments. The project enables the coordination of multiple containers into pods that share network namespaces and other shared resources. It supports rootless container execution by using user namespaces to launch containers without administrative privileges. The library covers a broad range of system operations, including im
Youki is a low-level container runtime written in Rust that creates and manages isolated containers according to Open Container Initiative specifications. It serves as an execution engine that can function as a rootless container manager or a pluggable Kubernetes CRI runtime to manage pods and containers within a cluster. The project distinguishes itself by providing a Wasm container runtime capable of executing WebAssembly modules as isolated workloads compatible with standard orchestration tools. It further supports a rootless execution model, allowing isolated environments to start as non-
Buildah is a tool for creating OCI-compliant container images without requiring a background daemon process. It functions as a daemonless image constructor and distribution tool, allowing users to build, push, and pull images between local storage and remote registries. The project distinguishes itself by supporting unprivileged image building through the use of user namespaces and rootless mode. It enables direct modification of container root filesystems by mounting them to the host, allowing images to be treated as directories that can be manipulated via standard shell commands or scripts.
Distribution is an open-source container image registry that implements the OCI Distribution Specification, enabling any OCI-compatible client to push, pull, and manage container images over standard protocols. It serves as a content distribution toolkit for packaging, shipping, storing, and delivering container content across networked environments, storing and retrieving content by its cryptographic hash for integrity and deduplication. The registry separates image metadata from bulk data to enable efficient validation and partial pulls, and supports resumable blob uploads with chunked tran
Awesome Compose is a collection of resources designed to demonstrate the orchestration of multi-container applications. It serves as a practical reference for using declarative configuration files to define, manage, and deploy complex software stacks, ensuring that services run consistently across development, testing, and production environments. The project highlights the capabilities of container lifecycle management by providing examples of how to bundle software with its dependencies into isolated, portable units. It emphasizes the use of multi-stage build pipelines to optimize image siz
This project is a comprehensive reference guide and cheat sheet for the Docker CLI. It provides a structured collection of commands and documentation to help users manage container lifecycles, build images, and handle registries. The documentation specifically covers the orchestration of multi-container applications using Docker Compose and the management of scalable services across multiple nodes via Docker Swarm. It also includes detailed guides for configuring virtual networks, bridges, and ports to control container communication. The reference surface extends to container image administ
This project is a container image registry and server-side storage system designed to house container images, layers, and manifests. It functions as an OCI compliant registry server that adheres to the Open Container Initiative Distribution Specification to store and deliver content over HTTP. The system provides a self-hosted solution for managing private libraries of container images within professional-grade infrastructure. It is designed to enable the development of custom registries by extending a base toolkit with specialized libraries and business logic. The registry covers image dist
dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a br
Pouch is a Linux container runtime and OCI container engine designed to execute containerized applications. It functions as a Kubernetes container runtime, integrating with orchestrators to manage the lifecycle of pods and isolated application environments. The project features a peer-to-peer image distribution system to deliver large container images across large-scale clusters while reducing bandwidth load. It also provides support for legacy Linux kernel versions, allowing modern container runtimes to maintain compatibility with older hardware. The runtime implements application isolation
Dokploy is a self-hosted platform-as-a-service designed to simplify the deployment and management of containerized applications and databases. It provides a centralized control plane that decouples administrative management from application workloads, allowing users to oversee infrastructure across multiple server nodes through a unified web interface or a command-line tool. The platform distinguishes itself through an extensive library of pre-configured application templates, enabling the rapid deployment of databases, identity providers, and various productivity or development tools. It sup
This project provides a standardized Python Docker image, serving as a Linux-based runtime environment for executing Python applications. It is an OCI-compliant container designed to ensure consistent software execution across different platforms. The images support containerized application deployment, enabling environment parity between local development and remote servers. This foundation allows for the creation of standardized build pipelines and the development of microservices architectures. The build process incorporates multi-stage builds and layered image hierarchies to manage image
LXC is an OS-level virtualization framework and Linux container manager used to run multiple isolated Linux systems on a single host. It functions as a kernel namespace orchestrator and unprivileged container runtime, allowing for the creation and management of system containers without the overhead of a hypervisor. The project provides unprivileged container execution by mapping container root users to unprivileged host users to prevent host system access. It ensures security through system call filtering and root user isolation, enabling containers to run without requiring host root privile
This project is a comprehensive collection of tutorials and guided laboratories designed to teach containerization, networking, and security using Docker. It serves as a learning path for building portable images and executing isolated processes. The materials provide specific guides for managing container clusters and scaling services through Docker Swarm and overlay networks. It includes a security handbook for implementing image scanning and secret management, as well as laboratories dedicated to modernizing legacy applications by wrapping older software installers into containers. The co
Deis is an open-source, self-hosted Platform-as-a-Service that deploys and manages containerized applications on a CoreOS cluster using a Heroku-inspired git push workflow. It accepts application code via git push, automatically builds a Docker image, and runs it as a container on the cluster, with systemd and etcd providing service discovery and configuration management. The platform provides a developer experience modeled after Heroku, with a command-line interface for creating, scaling, configuring, and monitoring applications. It hosts a private Git remote per application that triggers th
This project is a Buildroot-based Linux distribution and embedded home server operating system designed to host containerized home automation services. It serves as a dedicated platform that manages the hardware and software requirements of a local smart home hub. The system is built as an immutable operating system, utilizing a read-only root filesystem and image-based updates to ensure consistent versioning and prevent accidental changes. It employs container-based process isolation to decouple applications from the core operating system. The platform provides a supervised container manage
Bocker is a minimal container management tool written in Bash that implements core container functionality using Linux namespaces and control groups. It serves as a Linux container manager capable of starting and managing isolated processes and images through low-level kernel features. The project includes an OCI image tool for pulling, saving, and building container images compatible with industry standards. It further integrates a cgroup resource controller to restrict CPU and memory consumption for isolated processes. The tool covers the full container lifecycle, including process isolati
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
rkt is a pod-native container engine and runtime for Linux that executes containerized applications as isolated pods. It serves as an OCI container runtime and a Linux container manager, supporting the execution of images based on Open Container Initiative, appc, and Docker specifications. The project distinguishes itself by offering hardware-level container isolation, allowing pods to run within virtual machines using KVM or QEMU for a dedicated kernel. It further separates itself through secure container deployment practices, utilizing SELinux mandatory access control and TPM-backed integri