30 open-source projects similar to openshift/origin, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Origin alternative.
NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Rainbond is a Kubernetes-native application platform that deploys and manages containerized applications through a graphical interface, abstracting Kubernetes complexity so users can work without needing to learn Kubernetes commands or concepts. It provides a complete application lifecycle management system covering development, architecture, delivery, and operations from a single unified web interface, with automated workflows that handle cluster provisioning, application deployment, and ongoing management. The platform distinguishes itself through its application marketplace, which packages
Flynn is an open-source Platform as a Service (PaaS) that automates the full lifecycle of containerized applications across any infrastructure. It functions as a container orchestration platform, scheduling and managing application containers with isolated filesystem and network stacks, while also providing a health-checked service discovery router that directs traffic only to healthy container instances. The platform is built around a Git-push deployment model, where pushing code to a configured repository triggers an automated build-test-deploy cycle. It supports declarative scaling, allowi
This project is a set of deployment tools for initializing and configuring local Kubernetes environments specifically within Docker Desktop for Mac and Windows. It functions as a local cluster bootstrapper that installs essential components including the Kubernetes dashboard, ingress controllers, and the Istio service mesh. The toolkit includes a container image mirroring system that remaps registries to mirrors, allowing the environment to bypass network restrictions and accelerate image pulls during the bootstrapping process. Broad capabilities cover microservices environment setup, includ
KubeSphere is a distributed operating system for cloud-native application management that provides a centralized control plane for Kubernetes clusters. It functions as a comprehensive DevOps portal, enabling teams to orchestrate containerized workloads, manage CI/CD pipelines, and enforce security policies across hybrid cloud, datacenter, and edge environments. The platform distinguishes itself through its multi-cluster federation capabilities and robust multi-tenancy model, which allow for logical resource isolation and granular access control across shared infrastructure. It integrates a mo
Cluster API is a declarative framework and multi-cluster management system for automating the creation, scaling, and destruction of Kubernetes clusters across diverse infrastructures. It acts as a cluster provisioning orchestrator and infrastructure provisioner, using a centralized management cluster to operate the full lifecycle of multiple remote workload clusters. The project employs a provider-based plugin architecture that decouples core orchestration logic from specific cloud or bare-metal implementations. This allows the system to standardize the deployment of control planes, the boots
This project is a distributed computing platform designed to orchestrate containerized workloads across heterogeneous hardware clusters. It functions as a centralized control plane that manages resource allocation, scheduling, and execution environments, enabling organizations to share high-performance computing infrastructure securely among multiple users and projects. The platform distinguishes itself through advanced hardware virtualization and multi-tenant management capabilities. It supports the partitioning of physical graphics processing units into fractional slices, allowing multiple
Pigsty is a full-stack orchestration suite for deploying, monitoring, and managing high-availability PostgreSQL clusters and their supporting infrastructure. It functions as a cluster management platform and high-availability suite that automates failover, manages virtual IPs, and ensures data consistency through distributed consensus. The project distinguishes itself by providing a comprehensive database infrastructure-as-code framework and a dedicated observability stack. It incorporates a backup and recovery manager supporting point-in-time recovery via S3-compatible object storage, alongs
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
Kubero is a self-hosted Platform as a Service (PaaS) that simplifies the deployment, scaling, and management of containerized applications on Kubernetes. It functions as an application manager, CI/CD orchestrator, and multi-tenant manager, allowing users to run workloads without writing manual configuration files. The platform distinguishes itself through automated image synthesis, transforming source code from Git repositories into deployable containers via buildpacks, Dockerfiles, or nixpacks. It implements a GitOps delivery model with automated pipelines that trigger builds on push events
The AWS Load Balancer Controller is a Kubernetes controller that automates the provisioning and lifecycle management of cloud-native load balancing resources. It functions as an infrastructure orchestrator, translating declarative cluster configurations into specific requests for external cloud services to route traffic into containerized workloads. By implementing standard ingress and gateway specifications, the system ensures that cluster networking adheres to official industry standards for HTTP, HTTPS, and transport-layer traffic. The controller distinguishes itself through its deep integ
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Karmada is a Kubernetes multi-cluster orchestrator and multi-cloud cluster manager designed to deploy and manage cloud-native applications across multiple clusters and cloud providers. It serves as a centralized control plane that functions as a resource propagator and workload scheduler, coordinating resources across public clouds, on-premises data centers, and edge locations. The project distinguishes itself through a policy-based engine that distributes applications using affinity, topology constraints, and resource quotas. It provides specific capabilities for multi-region disaster recove
dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a br
Datree is a policy enforcement framework for Kubernetes that validates configurations against rules written in Rego, JSON Schema, or CEL. It operates as both a command-line tool for pre-deployment scanning and as a cluster-side admission webhook for real-time enforcement, integrating with CI/CD pipelines and continuous delivery tools like ArgoCD and FluxCD. The framework supports namespace-scoped policy mapping, allowing different policies to apply to different namespaces, and provides a skip annotation mechanism for selectively bypassing rules on individual resources or entire namespaces. It
Meshery is a service mesh management plane and cloud native infrastructure orchestrator. It provides a visual design-as-code environment for modeling microservices and infrastructure components through declarative blueprints, functioning as a centralized platform for designing, deploying, and managing service mesh infrastructure. The platform is distinguished by its ability to translate visual designs into active deployments and its use of gRPC-based adapters to integrate with diverse infrastructure providers. It features a multi-tenant architecture that manages shared workspaces and role-bas
LXC is an OS-level virtualization framework and Linux container manager used to run multiple isolated Linux systems on a single host. It functions as a kernel namespace orchestrator and unprivileged container runtime, allowing for the creation and management of system containers without the overhead of a hypervisor. The project provides unprivileged container execution by mapping container root users to unprivileged host users to prevent host system access. It ensures security through system call filtering and root user isolation, enabling containers to run without requiring host root privile
This project is a security compliance tool and configuration auditor designed to evaluate Docker deployments against industry security benchmarks. It functions as a script-based scanner that identifies misconfigurations and vulnerabilities within both the host operating system and container settings. The tool specifically implements the Center for Internet Security standards for Docker to verify host and container configurations. It enables a hardening workflow by comparing system states against these standards to identify security gaps and document compliance status. The audit engine suppor
Kubescape is a Kubernetes security posture management platform designed to scan clusters, manifests, and images for misconfigurations, vulnerabilities, and compliance risks. It functions as a comprehensive security suite incorporating a compliance scanner, a container image vulnerability scanner, an admission controller for policy enforcement, and a runtime security monitor. The platform distinguishes itself through runtime-aware vulnerability filtering, which maps libraries loaded in memory to determine if vulnerabilities are actually reachable. It also integrates with AI assistants via a Mo
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
This project provides a comprehensive architectural blueprint and implementation set for building a platform-as-a-service on Kubernetes. It serves as a technical resource for deploying container orchestration environments, managing the full software development lifecycle, and integrating a complete DevOps toolchain. The implementation emphasizes automated software delivery through the integration of build and delivery pipelines, private container registries, and distributed configuration systems. It enables the decoupling of application settings from images via a centralized configuration man
This project provides a comprehensive guide and set of scripts for deploying and configuring a production-ready Kubernetes cluster from scratch. It centers on establishing a functional environment by installing core management components, storage, and networking across multiple nodes. The implementation emphasizes high availability for the control plane, utilizing layer-4 load balancing and leader election for the API server, scheduler, and controller manager. It further ensures reliability through the deployment of a distributed key-value store for persistent runtime data. The project cover
Presto is a distributed SQL query engine designed for high-performance analytical processing across heterogeneous data sources. It functions as a data federation platform and massively parallel processing engine, allowing users to execute interactive queries against diverse storage systems without requiring data migration. By mapping remote metadata and structures to a unified relational namespace, it enables seamless cross-platform analysis through a standard SQL interface. The engine distinguishes itself through a pluggable connector architecture and a shared-nothing distributed processing
Portainer is a unified infrastructure management platform that provides a centralized control plane for deploying, monitoring, and managing containerized applications. It functions as an orchestration-abstraction layer, translating user actions into platform-specific API calls to maintain consistency across diverse container runtimes and cluster technologies. By organizing users, teams, and resources into a single interface, it enables granular role-based access control and lifecycle management for containerized services and stacks. The platform distinguishes itself through its support for di
Docker Compose is a tool for defining and running multi-container applications through declarative configuration files. It functions as an application lifecycle manager, coordinating the startup, shutdown, and scaling of interconnected services within isolated environments. By using a standardized configuration format, it enables infrastructure as code, allowing developers to manage complex application stacks and their dependencies in a single, repeatable file. The project distinguishes itself by integrating directly with the broader Docker platform, leveraging a client-server architecture wh
Nomad is a distributed workload orchestrator and infrastructure automation platform designed to manage the lifecycle of applications across large-scale, heterogeneous environments. It functions as a multi-cloud orchestration engine, providing a unified control plane to deploy, scale, and govern containers, virtual machines, and legacy applications. By utilizing declarative job specifications, the system ensures infrastructure convergence and maintains the desired state across distributed data centers and geographic regions. The platform distinguishes itself through a flexible, plugin-based ar
Redis is a high-performance in-memory key-value store that functions as a distributed cache, message broker, and NoSQL database. It provides sub-millisecond read and write access to data stored in RAM and can operate as a vector database for indexing high-dimensional embeddings. The system supports a wide range of data storage and synchronization primitives, including the management of strings, hashes, lists, sets, and JSON documents. It enables real-time data operations through atomic transactions, hybrid persistence using snapshots and append-only logs, and high-availability configurations
This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads. The project distinguishes itself through its extensive support for a