kaniko - Build Container Images In Kubernetes

  •        167

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. kaniko doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace. This enables building container images in environments that can't easily or securely run a Docker daemon, such as a standard Kubernetes cluster.

https://github.com/GoogleContainerTools/kaniko

Tags
Implementation
License
Platform

   




Related Projects

jib - Build container images for your Java applications.

  •    Java

Jib builds optimized Docker and OCI images for your Java applications without a Docker daemon - and without deep mastery of Docker best-practices. It is available as plugins for Maven and Gradle and as a Java library.

lcfs - LCFS Graph driver for Docker

  •    C

tl;dr: Every time you build, pull or destroy a Docker container, you are using a storage driver. Current storage drivers like Device Mapper, AUFS, and Overlay2 implement container behavior using file systems designed to run a full OS. We are open-sourcing a file system that is purpose-built for the container lifecycle. We call this new file system Layer Cloning File System (LCFS). Because it is designed only for containers, it is up to 2.5x faster to build an image and up to almost 2x faster to pull an image. We're looking forward to working with the container community to improve and expand this new tool. Layer Cloning FileSystem (LCFS) is a new filesystem purpose-built to be a Docker storage driver. All Docker images are constructed of layers using storage drivers (graph drivers) like AUFS, OverlayFS, and Device Mapper. As a design principle, LCFS focuses on layers as the first-class citizen. The LCFS filesystem operates directly on top of block devices, as opposed to merging separate filesystems. Thereby, LCFS aims to directly manage at the container image’s layer level, eliminate the overhead of having a second filesystem that then is merged, and to optimize for density.

Portainer - Simple management UI for Docker

  •    Javascript

Portainer is a lightweight management UI which allows you to easily manage your different Docker environments (Docker hosts or Swarm clusters). Portainer is meant to be as simple to deploy as it is to use. It consists of a single container that can run on any Docker engine (can be deployed as Linux container or a Windows native container). It allows you to manage your Docker containers, images, volumes, networks and more ! It is compatible with the standalone Docker engine and with Docker Swarm mode.

aws-lambda-container-image-converter - The AWS Lambda container image converter tool (img2lambda) repackages container images (such as Docker images) into AWS Lambda layers, and publishes them as new layer versions

  •    Go

This container image converter tool (img2lambda) repackages container images (such as Docker images) into AWS Lambda layers, and publishes them as new layer versions to Lambda. The tool copies all files under '/opt' in the Docker image, maintaining the individual Docker image layers as individual Lambda layers. The published layer ARNs will be stored in a file 'output/layers.json', which can be used as input when creating Lambda functions. Each layer is named using a "namespace" prefix (like img2lambda or my-docker-image) and the SHA256 digest of the Docker image layer, in order to provide a way of tracking the provenance of the Lambda layer back to the Docker image that created it.

nginx-php-fpm - Nginx and php-fpm for dockerhub builds

  •    Shell

This is a Dockerfile/image to build a container for nginx and php-fpm, with the ability to pull website code from git when the container is created, as well as allowing the container to push and pull changes to the code to and from git. The container also has the ability to update templated files with variables passed to docker in order to update your code and settings. There is support for lets encrypt SSL configurations, custom nginx configs, core nginx/PHP variable overrides for running preferences, X-Forwarded-For headers and UID mapping for local volume support. If you have improvements or suggestions please open an issue or pull request on the GitHub project page.


Buildah - A tool that facilitates building OCI images

  •    Go

Buildah - a tool that facilitates building Open Container Initiative (OCI) container images. The Buildah package provides a command line tool that can be used to Create a working container, either from scratch or using an image, Images can be built in either the OCI image format or the traditional upstream docker image format, Mount / Unmount / Delete / Rename the container.

humpback - Quickly build lightweight docker cloud for enterprise user.

  •    

Quickly build lightweight docker cloud for enterprise user. Single Mode Single mode, which implements container management for a single group of hosts, providing container creation, container operations, container renaming, container upgrade and cloning, container monitoring, and container log output.

openvas-docker - A Docker container for Openvas

  •    Shell

A Docker container for OpenVAS on Ubuntu. By default, the latest images includes the OpenVAS Base as well as the NVTs and Certs required to run OpenVAS. We made the decision to move to 9 as the default branch since 8 seems to have many issues in docker. We suggest you use 9 as it is much more stable. Our Openvas9 build was designed to be a smaller image with fewer extras built in. Please note, OpenVAS 8 is no longer being built as OpenVAS 9 is now standard. The image is can still be pulled from the Docker hub, however the source has been removed in this github as is standard with deprecated Docker Images. In the output, look for the process scanning cert data. It contains a percentage.

Moby Project - An open framework to assemble specialized container systems

  •    Go

Moby is an open-source project created by Docker to advance the software containerization movement. It provides a “Lego set” of dozens of components, the framework for assembling them into custom container-based systems, and a place for all container enthusiasts to experiment and exchange ideas.

acs-engine - Azure Container Service Engine - a place for community to collaborate and build the best open Docker container infrastructure for Azure

  •    Go

The Azure Container Service Engine (acs-engine) generates ARM (Azure Resource Manager) templates for Docker enabled clusters on Microsoft Azure with your choice of DC/OS, Kubernetes, Swarm Mode, or Swarm orchestrators. The input to the tool is a cluster definition. The cluster definition is very similar to (in many cases the same as) the ARM template syntax used to deploy a Microsoft Azure Container Service cluster.Execute make ci to run the checkin validation tests.

gs-spring-boot-docker - Spring Boot with Docker :: Learn how to create a Docker container from a Spring Boot application with Maven or Gradle

  •    Java

This guide walks you through the process of building a Docker image for running a Spring Boot application. Docker is a Linux container management toolkit with a "social" aspect, allowing users to publish container images and consume those published by others. A Docker image is a recipe for running a containerized process, and in this guide we will build one for a simple Spring boot application.

uwsgi-nginx-flask-docker - Docker image with uWSGI and Nginx for Flask applications in Python running in a single container

  •    Shell

Docker image with uWSGI and Nginx for Flask web applications in Python 3.6, Python 3.5 and Python 2.7 running in a single container. Optionally using Alpine Linux. This Docker image allows you to create Flask web applications in Python that run with uWSGI and Nginx in a single container.

sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs

  •    Shell

Improves container isolation: Sysbox always enables the Linux user-namespace on containers (i.e., root user in the container has zero privileges on the host), hides host info inside the container, locks the container's initial mounts, and more. Sysbox is an OCI-based "runc", meaning that you typically use Docker and Kubernetes to deploy these enhanced containers (in fact Sysbox works under the covers, you don't interact with it directly). Thus there is no need to learn new tools or modify your existing container workflows to take advantage of Sysbox. Just install it and point your container manager / orchestrator to it.

PiCluster - Manage Docker Containers

  •    Javascript

PiCluster is a simple way to manage Docker containers on multiple hosts. Docker Swarm not that good and Kubernetes was too difficult to install currently on ARM. PiCluster will only build and run images from Dockerfile's on the host specified in the config file. This software will work on regular x86 hardware also and is not tied to ARM.

nixery - Container registry which transparently builds images using the Nix package manager

  •    Go

Nixery is a Docker-compatible container registry that is capable of transparently building and serving container images using Nix. Images are built on-demand based on the image name. Every package that the user intends to include in the image is specified as a path component of the image name.

k3c - Lightweight local container engine for container development

  •    Go

k3c brings the Classic ™ Docker images manipulation UX to your k3s development workflow. It is designed to enable the rapid feedback when developing and testing local container images in k3s and rke2. Currently k3s, the lightweight Kubernetes distribution, provides a great solution for Kubernetes from dev to production. While k3s satisifies the Kubernetes runtime needs, one still needs to run docker (or a docker-like tool) to actually develop and build the container images. k3c is intended to replace docker for just the functionality needed for building and manipulating images in the Kubernetes ecosystem. There really is nothing better than the classic Docker UX of build/push/pull/tag. This tool copies the same UX as classic Docker (think Docker v1.12). The intention is to follow the same style but not be a 100% drop in replacement. Behaviour and arguments have been changed to better match the behavior of the Kubernetes ecosystem.

Skopeo - Work with remote images registries - retrieving information, images, signing content

  •    Go

skopeo is a command line utility that performs various operations on container images and image repositories. skopeo can work with OCI images as well as the original Docker v2 images. Skopeo works with API V2 container image registries such as docker.io and quay.io registries, private registries, local directories and local OCI-layout directories.

anchore - Legacy Anchore container analysis, inspection and control toolset

  •    Python

Anchore is a set of tools that provides visibility, transparency, and control of your container environment. With anchore, users can analyze, inspect, perform security scans, and apply custom policies to container images within a CI/CD build system, or used/integrated directly into your container environment. This repository contains the anchore analysis scanner tool (with a basic CLI interface), which can be appropriate for lower-level integrations - for new users and current users who have been looking to deploy Anchore as a centralized service with an API, an open source project called the Anchore Engine has been released (with its own light-weight client CLI) which extends the capabilities of anchore beyond what usage of this scanner tool alone can provide. The project page links are below, which include installation/quickstart instructions, API documents and usage guides.

docker-cleanup - Automatic Docker image, container and volume cleanup

  •    Shell

This image will periodically clean up exited containers and remove images and volumes that aren't in use by a running container. Based on tutumcloud/image-cleanup and chadoe/docker-cleanup-volumes with some small fixes. WARNING: This script will remove all exited containers, data-only containers and unused images unless you carefully exclude them. Take care if you mount /var/lib/docker into the container since that will clean up all unused data volumes. If it's not compatible with your system or Docker version it may delete all your volumes, even from under running containers.

zabbix-docker-monitoring - :whale: Docker/Kubernetes/Mesos/Marathon/Chronos/LXC/LXD/Swarm container monitoring - Docker image, Zabbix template and C module

  •    C

If you like or use this project, please provide feedback to author - Star it ★ and write what's missing for you.Monitoring of Docker container by using Zabbix. Available CPU, mem, blkio, net container metrics and some containers config details, e.g. IP, name, ... Zabbix Docker module has native support for Docker containers (Systemd included) and should also support a few other container types (e.g. LXC) out of the box. Please feel free to test and provide feedback/open issue. The module is focused on performance, see section Module vs. UserParameter script.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.