dotnet/dotnet-docker

Features

• NET Container Deployments - Packages and runs .NET applications in isolated environments using optimized images for various Linux and Windows distributions.
• Containerized Runtime Collections - Provides a comprehensive collection of official base images for building and running .NET applications across various platforms.
• Containerized SDK Environments - Allows compiling and testing applications using pre-configured SDK images to avoid installing development tools on the host.
• Native AOT Compilation - Provides native AOT compilation to increase application startup speed and lower memory usage within container images.
• Container Base Images - Provides stripped-down base images containing only essential packages to reduce security risks and startup time.
• Distroless Base Images - Provides minimal distroless base images that remove shells and package managers to reduce the security attack surface.
• Multi-Architecture Images - Provides multi-platform image manifests that support multiple CPU architectures and Linux distributions.
• Image Generation - Generates optimized container images for various application types and target platforms across different architectures.
• Container Execution - Provides optimized images for multiple Linux distributions to support diverse hosting environments.
• Container Image Optimizers - Reduces image size and startup time by using minimal, distroless, or composite .NET runtime images.
• Multi-Architecture Container Builds - Generates container images targeting multiple hardware architectures and operating system distributions through cross-compilation.
• Multi-Architecture Hardware Targeting - Supports various CPU architectures to ensure application portability across different hardware targets.
• Windows Container Orchestration - Provides images based on Nano Server or Windows Server Core for performance and compatibility.
• .NET Runtimes - Provides the minimal execution environments necessary to run .NET applications in isolated containers.
• SDK Images - Ships pre-configured SDK images to enable application compilation and testing without requiring host-level tool installation.
• Attack Surface Analysis - Reduces the security attack surface by providing distroless images that contain only essential packages.
• Non-Root Container Execution Environments - Enforces least-privilege access by executing applications as a default non-privileged user.
• Container Hardening - Provides base images designed to reduce the attack surface by removing unnecessary shells and package managers.
• Containerized Development Environments - Enables running multi-project solutions and test suites within SDK containers, including local HTTPS support.
• Package and Version Identification - Locates specific binary packages within images to distinguish between those installed by the OS and the application.
• Base Image Variants - Provides a range of base images with varying levels of package availability and size to balance footprint and flexibility.
• Composite Image Layering - Combines framework binaries and runtimes into optimized composites to reduce total container disk usage.
• Multi-Stage Container Builds - Implements multi-stage build patterns to separate compilation tools from final runtimes, reducing the production image size.
• Container Deployment - Offers specialized container images with different size and flexibility profiles optimized for development or production.
• Container Deployment Configurations - Utilizes pre-configured container images for hosting and running applications in isolated environments.
• Startup Optimization - Uses composite layering and pre-compiled binaries to optimize application startup speed and resource usage.
• Diagnostic Appliance Images - Provides ready-to-use images containing pre-installed diagnostic tools and dashboards for monitoring applications.
• Image Size Optimization - Offers various image variants, including distroless versions, to minimize deployment footprints and security risks.
• Container Image Distribution - Supports pushing built images to public or private registries for sharing and deployment.
• Integrated Container Publishing - Allows generating container images directly from the development kit using publish profiles without a separate Dockerfile.
• Self-Contained Bundles - Provides the minimum native OS dependencies required to run applications that include their own runtime.
• Sidecar Containers - Allows deploying diagnostic tools as sidecar containers to inspect and collect telemetry without modifying the application.
• Distribution Optimization - Provides optimized container images based on specific Linux distributions for various roles and versions.
• Runtime Installers - Facilitates setting up the necessary software environment and dependencies within a Dockerfile to execute applications.
• Native Dependency Management - Supplies the minimum native libraries required to run self-contained applications without the full development framework.
• Container Security - Enables secure HTTPS communication by binding certificates into containers via mount points instead of embedding keys.
• Container Image Vulnerability Scanners - Provides package installation metadata within images to enable security tools to identify and report known CVEs.
• Application Diagnostics - Implements sidecar patterns and specialized tools to capture telemetry and memory dumps from running containers.
• Trace Snapshot Capturers - Captures process dumps and traces via a web API to debug runtime behavior in production environments.
• Internal Telemetry Monitors - Exposes run-time information, logs, and telemetry through a browser-based interface for distributed applications.
• Build Automation - Official base images for containerizing .NET applications.

Star history