30 open-source projects similar to hexops-graveyard/dockerfile, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Dockerfile alternative.
dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a br
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
Tini is a lightweight process management tool designed to act as the entrypoint for OCI compliant containers. It functions as a minimal init process that manages the lifecycle of a primary child process, preventing the root process from ignoring critical termination signals. The project focuses on signal proxying and zombie process reaping. It forwards system signals from the container runtime to child processes and process groups to ensure graceful shutdowns. Additionally, it automatically collects terminated child processes to prevent the process table from filling with defunct entries. Ti
This project is a cloud-native software distribution and an OCI container image library. It provides a collection of pre-configured, hardened container images and Docker Compose application stacks designed for consistent deployment across cloud and on-premises environments. The images are production-ready and compiled using standardized security configurations and vulnerability scanning to reduce attack surfaces. These hardened application images are designed to minimize manual setup and security risks during deployment. The project covers container vulnerability management, production-ready
This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad
dumb-init is a lightweight process supervisor and minimal init system designed to run as the primary process in a Linux container. It functions as a manager for the first process in a namespace, specifically handling the responsibilities of a Linux init system. The project focuses on signal proxying and the reclamation of zombie processes. It captures incoming system signals and relays or translates them to child process groups to ensure graceful application shutdown and termination. It manages the lifecycle of spawned applications by monitoring child processes and collecting terminated ones
This project is a comprehensive reference guide and cheat sheet for the Docker CLI. It provides a structured collection of commands and documentation to help users manage container lifecycles, build images, and handle registries. The documentation specifically covers the orchestration of multi-container applications using Docker Compose and the management of scalable services across multiple nodes via Docker Swarm. It also includes detailed guides for configuring virtual networks, bridges, and ports to control container communication. The reference surface extends to container image administ
This project is an administrative reference for Docker, providing guides and command references for system maintenance, image building, network configuration, and security hardening. It serves as a comprehensive manual for managing the container lifecycle and performing general system administration. The reference covers the construction and optimization of images through build files, layering strategies, and registry integration. It also provides instructions for configuring isolated virtual networks, mapping ports, and implementing security hardening using Linux capabilities and read-only f
This project is a Docker container image library providing official Dockerfiles and configurations for deploying enterprise software and database products. It serves as a source of container specifications and OCI compatible image repositories for packaging commercial application software into standardized container images. The repository specifically focuses on Oracle software containerization, offering pre-configured images and build scripts to deploy Oracle database instances in containerized environments. The project implements a standardized image build workflow and utilizes multi-stage
Finch is a virtual machine-based container runtime and OCI container management CLI used for local container development. It operates by running container workloads inside a background virtual machine to isolate them from the host operating system. The project serves as an OCI image builder and a multi-container service orchestrator for simulating complex production environments on a workstation. The runtime functions as a cross-platform container engine, utilizing emulation layers to execute container images built for foreign CPU architectures. It distinguishes its image distribution through
This project provides a standardized Python Docker image, serving as a Linux-based runtime environment for executing Python applications. It is an OCI-compliant container designed to ensure consistent software execution across different platforms. The images support containerized application deployment, enabling environment parity between local development and remote servers. This foundation allows for the creation of standardized build pipelines and the development of microservices architectures. The build process incorporates multi-stage builds and layered image hierarchies to manage image
This project provides a functional package manager and a reproducible build system designed to ensure identical build inputs always produce the same outputs. It serves as the foundation for a declarative Linux distribution where the entire system state is defined in a configuration file, enabling predictable deployments and full-system rollbacks. The system uses a deterministic functional language and a lazy-evaluation expression engine to manage software dependencies and isolate build environments. It distinguishes itself through a content-addressable store that allows multiple versions of s
This project is a collection of reference implementations and demonstration projects covering computer vision, DevOps automation, distributed systems, and Java-based microservices. It provides a programming reference library and practical examples for building server-side applications, containerizing services, and orchestrating clusters. The repository features a comprehensive toolset for DevOps automation, including scripts and playbooks for CI/CD pipelines and automated cluster installation. It includes a computer vision demo project for image object detection and facial analysis, as well a
Kitematic is a graphical user interface for managing and running Docker containers on desktop operating systems. It serves as a visual Docker management tool and API client that translates user interface interactions into REST API calls to control the Docker daemon without requiring the command line. The application is built as a cross-platform Electron desktop application, utilizing a Chromium-based shell to provide a consistent administrative interface across Mac and Windows. The software covers the full container lifecycle, including the creation, configuration, and monitoring of containe
This project provides official container images for the Node.js runtime and its package managers. It serves as a containerized JavaScript runtime that bundles the engine and dependencies to ensure consistent application execution across different CPU architectures and operating systems. The project offers a range of Linux-based runtime images, including full, slim, and minimal distributions, allowing users to balance package availability against disk footprint. To improve security, it provides a non-root application environment that executes processes as an unprivileged user. The available i
gosu is a Go-based user identity switcher and process wrapper designed to execute commands under a specific user and group identity. It functions as a lightweight binary for switching user identities and forwarding signals before executing a target process. The tool focuses on container entrypoint optimization and user management within Docker containers. It enables the execution of processes as non-root users while ensuring that operating system signals reach the child process and the target command is established as the primary process. The utility manages Linux process identity switching
mcp-context-forge is a Model Context Protocol federation gateway that unifies diverse AI tool servers and APIs into a single consistent interface for discovery and execution. It acts as a centralized proxy that aggregates multiple servers and APIs, allowing AI agents to access and invoke a unified set of tools, prompts, and resources. The project distinguishes itself through a multi-protocol translation bridge that converts communication between standard I/O, SSE, gRPC, and REST to enable interoperability between disparate tool servers. It includes a comprehensive LLM evaluation framework for
CRI-O is an open-source container runtime that implements the Kubernetes Container Runtime Interface (CRI) to manage container images, pods, and containers on cluster nodes using OCI-compatible runtimes. It serves as a node-level container manager that handles image pulling, container lifecycle, and resource monitoring for Kubernetes clusters, running containers according to the Open Container Initiative specifications. The runtime distinguishes itself through live configuration reloading that applies changes to runtime definitions, registry mirrors, and TLS certificates without restarting th
Werf is a container image builder, Kubernetes continuous delivery tool, and deployment orchestrator. It creates container images using Dockerfiles or assembly syntax and manages the automated rollout of applications to Kubernetes clusters by translating package definitions into resource manifests. The system differentiates itself through a multi-architecture build pipeline that integrates system emulators to produce images for different CPU architectures on a single host. It employs content-based tagging and layer caching to avoid uploading redundant image layers to remote registries. Beyond
This project is a container-based workspace orchestrator and a standard for defining development environments using Docker. It provides a mechanism to automate the build, launch, and management of isolated toolchains, ensuring that software dependencies and runtimes are separated from the local host system. The system enables the distribution of environment definitions, editor settings, and toolchain configurations via source control. This ensures portability and standardization across teams, allowing contributors to instantiate identical workspaces on different machines. It also supports rem
Tsuru is an open-source platform as a service for automating the build, deployment, and scaling of containerized applications. It functions as a container-based deployment engine and a management layer for Kubernetes, transforming source code into container images and coordinating their lifecycles. The platform is designed for multi-cloud infrastructure management, allowing applications to be distributed across different cloud providers and regions to increase resilience. It features a flexible deployment model that supports multi-process containers, enabling a single repository to run differ
Docker is an OCI container engine and runtime orchestrator used to build, run, and manage isolated applications. It functions as a container image builder for creating portable snapshots of applications and a registry manager for storing, versioning, and distributing those images across environments. The platform provides a centralized daemon to control the creation, execution, and termination of containerized workloads. It allows for the assembly of modular container systems by combining build tools, registries, and runtimes. Its core capabilities cover container image creation, registry ad
Devspace is a Kubernetes development workflow tool and declarative deployment orchestrator. It automates the build, deploy, and debug cycle for applications running inside Kubernetes clusters, functioning as a container image pipeline automator and a remote Kubernetes debugger. The project features a Kubernetes hot reloading engine that provides real-time code synchronization and bi-directional file synchronization between local filesystems and running containers. This allows for updates without requiring image rebuilds or restarts. It further enables environment parity by running build, test
Deis is an open-source, self-hosted Platform-as-a-Service that deploys and manages containerized applications on a CoreOS cluster using a Heroku-inspired git push workflow. It accepts application code via git push, automatically builds a Docker image, and runs it as a container on the cluster, with systemd and etcd providing service discovery and configuration management. The platform provides a developer experience modeled after Heroku, with a command-line interface for creating, scaling, configuring, and monitoring applications. It hosts a private Git remote per application that triggers th
This is a step-by-step tutorial that teaches Docker from the ground up, covering how to build images from Dockerfiles, run and manage containers, and connect them on user-defined networks. The guide walks through packaging applications into portable containers and using Docker Compose to define and orchestrate multi-service applications with a single YAML configuration. The curriculum extends into cloud deployment, explaining how to push images to registries like Docker Hub and deploy single-container applications to AWS Elastic Beanstalk as well as multi-container setups to AWS ECS. It also
jx is a GitOps delivery platform and Kubernetes CI/CD orchestrator designed to automate the building and deployment of applications. It functions as a cloud native pipeline manager that executes container-based build and deployment sequences using a catalog of reusable tasks. The project distinguishes itself through the automated orchestration of preview environments, which are created and destroyed based on pull request activity to enable validation before merging. It employs a GitOps-based state synchronization model to maintain the desired state of clusters by polling git repositories and
Buck is a multi-language build system and modular build orchestrator designed to compile and package software modules across different programming languages and hardware platforms. It functions as a hermetic build tool, isolating the build process from the host system to ensure consistent and reproducible outputs. The system manages polyglot software builds by organizing code into small, independent units to facilitate faster compilation. It operates as a cross-platform package manager that creates and distributes software components across various operating systems and language ecosystems.
Earthly is a containerized build system and Docker build framework designed for creating reproducible build pipelines. It ensures environment consistency by executing every build step inside an isolated container, combining the isolation of container images with dependency tracking and parallel execution. The system differentiates itself through a focus on hermeticity and multiplatform support, allowing for the generation of container images targeting multiple CPU architectures within a single execution flow. It maintains a hermetic build environment by isolating network access and utilizing
Dockerode is a Node.js library that provides programmatic management of Docker containers, images, and volumes by acting as a wrapper for the Docker Remote API. It enables JavaScript applications to interact with a Docker engine via Unix sockets or TCP network interfaces. The project covers container lifecycle management, including launching instances and executing commands with bidirectional input and output streaming. It also provides capabilities for building container images, pulling images from registries, and configuring virtual networks. Additional functionality includes the coordinat
Distroless provides a collection of security-hardened, minimal base container images designed to reduce attack surfaces by excluding non-essential system utilities, package managers, and shells. These images are constructed to contain only an application and its specific runtime dependencies, enforcing the principle of least privilege by configuring environments for non-root execution. The project distinguishes itself through a focus on supply chain integrity and reproducible builds. It utilizes declarative build configurations to track package versions and validates container image integrity