30 open-source projects similar to wsargent/docker-cheat-sheet, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Docker Cheat Sheet alternative.
This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad
dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a br
Exegol is an offensive security platform and containerized tooling orchestrator designed to deploy and manage isolated security operations environments. It functions as a workspace manager that provisions pre-configured security images and toolkits within Docker containers to protect host systems from malicious payloads. The platform distinguishes itself by integrating AI security workflow orchestration, allowing AI assistants to discover and trigger security tools through a standardized communication protocol. It further provides remote desktop gateway capabilities, enabling GUI access via X
This project is a comprehensive collection of web development reference guides and technical cheat sheets. It provides a curated set of markdown-based documentation designed to help developers quickly locate syntax patterns and API examples for common web technologies and programming languages. The repository serves as a specialized reference library covering several distinct technical domains. It includes extensive guides for CSS, focusing on selectors, Flexbox, Grid, and responsive layout properties, as well as a DevOps command reference for Docker, Kubernetes, AWS, Ansible, and general she
This project is a comprehensive collection of tutorials and guided laboratories designed to teach containerization, networking, and security using Docker. It serves as a learning path for building portable images and executing isolated processes. The materials provide specific guides for managing container clusters and scaling services through Docker Swarm and overlay networks. It includes a security handbook for implementing image scanning and secret management, as well as laboratories dedicated to modernizing legacy applications by wrapping older software installers into containers. The co
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
This is a step-by-step tutorial that teaches Docker from the ground up, covering how to build images from Dockerfiles, run and manage containers, and connect them on user-defined networks. The guide walks through packaging applications into portable containers and using Docker Compose to define and orchestrate multi-service applications with a single YAML configuration. The curriculum extends into cloud deployment, explaining how to push images to registries like Docker Hub and deploy single-container applications to AWS Elastic Beanstalk as well as multi-container setups to AWS ECS. It also
Dry is a container lifecycle manager and cluster orchestrator designed to control groups of containers, services, and stacks across multiple nodes. It functions as a resource manager for inspecting and cleaning up images, persistent volumes, and network configurations, while providing a terminal-based dashboard for monitoring system events and resource usage. The project enables the coordination of distributed workloads through service-stack grouping and cluster orchestration. It provides a centralized control plane to synchronize the deployment and scaling of complex application architecture
Podman Desktop is a graphical user interface for building, managing, and deploying containers and Kubernetes clusters from a local workstation. It serves as a container engine manager and a Kubernetes cluster dashboard, providing a visual environment for tasks typically handled via the command line. The project includes a container extension framework that allows users to integrate additional tools and capabilities into the management environment through a plugin system and extension catalog. The software covers the full container lifecycle, including image building and pushing to registries
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
This project is an AI-powered IDE extension and LLM coding assistant that provides a conversational interface for generating, refactoring, and debugging code. It functions as an AI agent framework and a Model Context Protocol client, connecting AI models to external data sources and tools to automate complex development tasks. The system is distinguished by its use of autonomous AI agents capable of multi-step task execution, including the ability to read files, modify code, and run terminal commands iteratively. It supports recursive agent orchestration through subagent delegation and employ
rkt is a pod-native container engine and runtime for Linux that executes containerized applications as isolated pods. It serves as an OCI container runtime and a Linux container manager, supporting the execution of images based on Open Container Initiative, appc, and Docker specifications. The project distinguishes itself by offering hardware-level container isolation, allowing pods to run within virtual machines using KVM or QEMU for a dedicated kernel. It further separates itself through secure container deployment practices, utilizing SELinux mandatory access control and TPM-backed integri
testcontainers-go is a Docker integration testing library for Go designed to provision and manage disposable containerized infrastructure. It functions as a container lifecycle manager and ephemeral infrastructure provisioner, allowing developers to programmatically create, start, and destroy containers as dependencies for automated integration tests. The library acts as a Docker network orchestrator by mapping container ports to random host ports and resolving network endpoints for test clients. This capability enables parallel test execution by preventing network collisions and ensures that
Bocker is a minimal container management tool written in Bash that implements core container functionality using Linux namespaces and control groups. It serves as a Linux container manager capable of starting and managing isolated processes and images through low-level kernel features. The project includes an OCI image tool for pulling, saving, and building container images compatible with industry standards. It further integrates a cgroup resource controller to restrict CPU and memory consumption for isolated processes. The tool covers the full container lifecycle, including process isolati
Slim is a comprehensive suite for container lifecycle management, providing tools for image inspection, optimization, security hardening, and service troubleshooting. It functions as a platform for analyzing containerized applications through both static metadata review and dynamic behavioral probing, enabling users to understand image composition and runtime dependencies. The project distinguishes itself by automating the creation of minimal, production-ready container images. It achieves this by removing unnecessary files and components, flattening image layers, and synthesizing restrictive
This project provides a comprehensive architectural blueprint and implementation set for building a platform-as-a-service on Kubernetes. It serves as a technical resource for deploying container orchestration environments, managing the full software development lifecycle, and integrating a complete DevOps toolchain. The implementation emphasizes automated software delivery through the integration of build and delivery pipelines, private container registries, and distributed configuration systems. It enables the decoupling of application settings from images via a centralized configuration man
Boto3 is the AWS SDK for Python, providing a programmatic interface for managing and automating AWS cloud infrastructure and services. It serves as a cloud management API client and resource manager for provisioning, configuring, and scaling virtual servers, databases, and storage. The library enables the implementation of infrastructure-as-code through declarative templates and scripts, allowing for the deployment of identical resource stacks across multiple accounts and geographic regions. It also provides a framework for coordinating distributed workflows, serverless functions, and contain
podman-compose is a command line tool and compose specification wrapper that translates YAML definitions into commands for the Podman container engine. It functions as a multi-container orchestrator that deploys application stacks without requiring a background daemon process. The tool enables rootless container management, allowing the execution of containerized applications and services without administrative privileges on the host. It translates high-level compose commands into individual shell calls to coordinate the deployment of multiple containers. The system manages container network
This project is an interactive programming curriculum and educational system designed to teach computer science and software engineering. It provides a structured set of courses and professional roadmaps focused on backend engineering, DevOps, and systems fundamentals. The platform is distinguished by an AI-powered coding tutor that provides Socratic guidance and contextual hints to help students find solutions independently. It features a browser-based code sandbox using WebAssembly to eliminate local environment setup, alongside automated test-based grading and spaced-repetition logic to re
Firejail is a Linux application sandbox and kernel security wrapper that isolates untrusted applications from the host system. It uses kernel namespaces and seccomp filters to restrict filesystem access, drop kernel capabilities, and limit the system attack surface. The project is distinguished by its use of predefined security profiles to automatically apply filesystem restrictions and syscall limits based on the executable being launched. It provides specialized isolation for portable packages such as AppImages and implements X11 display isolation via proxy servers to prevent keyboard loggi
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
This project provides a collection of official base images for building and running .NET applications across various operating systems and hardware architectures. It includes standardized runtime environments, containerized development kits, and specialized images designed for isolated application execution. The collection is distinguished by its focus on image optimization and security hardening. It offers distroless images that remove shells and package managers to reduce the attack surface, as well as composite layering and ahead-of-time compilation to improve startup performance and lower
Youki is a low-level container runtime written in Rust that creates and manages isolated containers according to Open Container Initiative specifications. It serves as an execution engine that can function as a rootless container manager or a pluggable Kubernetes CRI runtime to manage pods and containers within a cluster. The project distinguishes itself by providing a Wasm container runtime capable of executing WebAssembly modules as isolated workloads compatible with standard orchestration tools. It further supports a rootless execution model, allowing isolated environments to start as non-
proot-distro is a rootless container runtime and Linux distribution manager that allows users to install and run isolated guest environments without requiring administrative root privileges. It utilizes PRoot to simulate root access and filesystem redirection, enabling the deployment of full Linux distributions in a non-root space. The project functions as an OCI container image handler, capable of building, pulling, and pushing OCI-compatible images and manifests. It further serves as a cross-architecture execution layer, utilizing user-mode emulation to run binaries and containers built for
This project serves as a comprehensive educational repository and technical reference collection, documenting a wide range of software engineering practices and modern development technologies. It provides a structured learning path for developers, curating tutorials and practical examples that cover the full lifecycle of application development, from initial project scaffolding to deployment and maintenance. The repository distinguishes itself by offering deep technical insights into complex architectural patterns, including actor-based concurrency models for managing parallel tasks and cont
img is a collection of toolsets for building, managing, and manipulating OCI compliant container images. It functions as an image build tool and registry client, providing the capabilities to create images from configuration files, push and pull images to remote registries, and extract image layers into root filesystems or archives. The project distinguishes itself through support for multi-platform builds using hardware emulators and the ability to perform unprivileged container builds via namespace-based process isolation and user ID mapping. It also includes a cross-platform binary compile
x-cmd is an AI agent orchestrator, cloud infrastructure CLI, and cross-platform package manager that provides an enhanced POSIX shell toolkit. It integrates large language models directly into the terminal for chatting, code generation, and the execution of agentic workflows, while offering a framework for building interactive terminal user interface components. The project distinguishes itself by deploying containerized AI agents within isolated sandboxes, provisioning them with specialized skills and headless browser automation capabilities. It further streamlines development through a unif
Testcontainers for Java is a library for launching and managing disposable Docker containers to provide isolated dependencies for automated tests. It provides specialized provisioners for containerized databases, a manager for WebDriver browser containers, and an orchestrator for deploying multi-container applications via Docker Compose. The project ensures reproducible data states through database schema initialization and provides integration with JUnit to manage the lifecycle of external services. It supports automated browser testing by launching Selenium containers with the ability to re
Research was done to find "weak places" in regular expressions of Web Application Firewalls (WAFs). Repository contains SAST, which can help you to find security vulnerabilities in custom regular expressions in own projects. Contribution is highly welcomed. This repo was first presented during…