docker-gc - Docker garbage collection of containers and images

  •        83

A simple Docker container and image garbage collection script.Although docker normally prevents removal of images that are in use by containers, we take extra care to not remove any image tags (e.g., ubuntu:14.04, busybox, etc) that are in use by containers. A naive docker rmi $(docker images -q) will leave images stripped of all tags, forcing docker to re-pull the repositories when starting new containers even though the images themselves are still on disk.

https://github.com/spotify/docker-gc

Tags
Implementation
License
Platform

   




Related Projects

jvmgcprof - A simple utility for profile allocation and garbage collection activity in the JVM

  •    C

gcprof [-p period] [-n class:fieldpath] [-no ostrichcounter] [-w nwarmup] java ...Profile allocation and garbage collection activity in the JVM. The gcprof command runs a java command under profiling. Allocation and collection statistics are printed periodically. If -n or -no are provided, statistics are also reported in terms of the given application metric. Total allocation, allocation rate, and a survival histogram is given. The intended use for this tool is twofold: (1) monitor and test garbage allocation and GC behavior, and (2) inform GC tuning.

jvmgcprof - A simple utility for profile allocation and garbage collection activity in the JVM

  •    C

gcprof [-p period] [-n class:fieldpath] [-no ostrichcounter] [-w nwarmup] java ... Profile allocation and garbage collection activity in the JVM. The gcprof command runs a java command under profiling. Allocation and collection statistics are printed periodically. If -n or -no are provided, statistics are also reported in terms of the given application metric. Total allocation, allocation rate, and a survival histogram is given. The intended use for this tool is twofold: (1) monitor and test garbage allocation and GC behavior, and (2) inform GC tuning.

vulhub - Pre-Built Vulnerable Environments Based on Docker-Compose

  •    Shell

Vulhub is an open-source collection of pre-built vulnerable docker environments. No pre-existing knowledge of docker is required, just execute two simple commands and you have a vulnerable environment. The installation steps of docker and docker-compose for others operating system might be slightly different, please refer to the docker documentation for details.


labs - This is a collection of tutorials for learning how to use Docker with various tools

  •    PHP

This repo contains Docker labs and tutorials authored both by Docker, and by members of the community. We welcome contributions and want to grow the repo.

docker-windows-box - Various Vagrant envs with Windows 2016/10 and Docker, Swarm mode, LCOW, ...

  •    PowerShell

This repo is a collection of various Vagrant environments to work with Windows Containers on a Windows Server 2016 or Windows 10 VM. This repo has started with a single Vagrantfile that is explained below. As you can see there are several interesting setups here as well in the sub folders.

docker-best-practices - Collection of some docker practices

  •    

There are hundreds of useful tips around on how to use Docker. Unfortunately, the most useful bits of information are often buried in blog posts, talks or within long-winded documentation. I thought it might be useful to collect all these Docker tips and consolidate them in one place. Try to reduce the number of layers that will be created in your Dockerfile. Most Dockerfile instructions will add a new layer on top of the current image and commit the results.

awesome-docker - :whale: A curated list of Docker resources and projects

  •    Javascript

A curated list of Docker resources and projects Inspired by @sindresorhus' awesome and improved by these amazing contributors. The creators and maintainers of this list do not receive any form of payment to accept a change made by any contributor. This page is not an official Docker product in any way. It is a list of links to projects and is maintained by volunteers. Everybody is welcome to contribute. The goal of this repo is to index open-source projects, not to advertise for profit.

Portainer - Simple management UI for Docker

  •    Javascript

Portainer is a lightweight management UI which allows you to easily manage your different Docker environments (Docker hosts or Swarm clusters). Portainer is meant to be as simple to deploy as it is to use. It consists of a single container that can run on any Docker engine (can be deployed as Linux container or a Windows native container). It allows you to manage your Docker containers, images, volumes, networks and more ! It is compatible with the standalone Docker engine and with Docker Swarm mode.

docker - Docker Official Image packaging for Docker

  •    Shell

This is the Git repo of the Docker "Official Image" for docker (not to be confused with any official docker image provided by docker upstream). See the Docker Hub page for the full readme on how to use this Docker image and for information regarding contributing and issues. The full description from Docker Hub is generated over in docker-library/docs, specifically in docker-library/docs/docker.

stego-toolkit - Collection of steganography tools - helps with CTF challenges

  •    Shell

This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes pre-installed with many popular tools (see list below) and several screening scripts you can use check simple things (for instance, run check_jpg.sh image.jpg to get a report for a JPG file). First make sure you have Docker installed (how to). Then you can use the shell scripts bin/buid.sh and bin/run.sh in this repo to build the image and run the container. You will be dropped into a bash shell inside the container. It will have the data folder mounted, into which you can put the files to analyze.

prometheus - A docker-compose stack for Prometheus monitoring

  •    

Before we get started installing the Prometheus stack. Ensure you install the latest version of docker and docker swarm on your Docker host machine. Docker Swarm is installed automatically when using Docker for Mac or Docker for Windows.Clone the project locally to your Docker host.

Distribution - The Docker toolset to pack, ship, store, and deliver content

  •    Go

The Docker toolset to pack, ship, store, and deliver content. This repository's main product is the Docker Registry 2.0 implementation for storing and distributing Docker images. It supersedes the docker/docker-registry project with a new API design, focused around security and performance.

Dry - A Docker container manager for the terminal

  •    Go

Dry is a terminal application to manage Docker. It shows information about Containers, Images and Networks, and, if running a Docker Swarm, it also shows all kinds of information about the state of the Swarm cluster. It can connect to both local or remote Docker daemons. Besides showing information, it can be used to manage Docker. Most of the commands that the official Docker CLI has, are available in dry with the same behaviour.

scala-offheap - Experimental type-safe off-heap memory for Scala.

  •    Scala

Garbage collection is the standard memory management paradigm on the JVM. In theory, it lets one completely forget about the hurdles of memory management and delegate all of it to the underlying runtime. In practice, GC often leads to scalability issues on large heaps and latency-sensitive workloads. The goal of this project is to expose a completely different memory management paradigm to the developers: explicitly annotated region-based memory. This paradigm gives more control over memory management without the need to micro-manage allocations.

docker-compose-nodejs-examples - Finally some real world examples on getting started with Docker Compose and Nodejs

  •    Javascript

Docker Compose is an awesome tool for creating isolated development environments with Docker by using simple configurations with YAML. It's clean and easy enough to wrap your head around, even if you are new to Docker. Even though, the official website is lacking some practial, real world examples for getting started with Docker Compose and Nodejs. I hope the following real world examples will save you from some headache (like I had) while trying to figure out how to (pragmatically) use Docker Compose for your Nodejs apps.

Docker-Secure-Deployment-Guidelines - Deployment checklist for securely deploying Docker

  •    

Within today’s growing cloud-based IT market, there is a strong demand for virtualisation technologies. Unfortunately most virtualisation solutions are not flexible enough to meet developer requirements and the overhead implied by the use of full virtualisation solutions becomes a burden on the scalability of the infrastructure. Docker reduces that overhead by allowing developers and system administrators to seamlessly deploy containers for applications and services required for business operations. However, because Docker leverages the same kernel as the host system to reduce the need for resources, containers can be exposed to significant security risks if not adequately configured. The following itemised list suggests hardening actions that can be undertaken to improve the security posture of the containers within their respective environment. It should be noted that proposed solutions only apply to deployment of Linux Docker containers on Linux-based hosts, using the most recent release of Docker at the time of this writing (1.4.0, commit 4595d4f, dating 11/12/14). Part of the content below is based on publications from Jérôme Petazzoni [1] and Daniel J Walsh [2]. This document aims at adding on to their recommendations and how they can specifically be implemented within Docker. Note: Most of suggested command line options can be stored and used in a similar manner inside a Dockerfile for automated image building. Docker 1.3 now supports cryptographic signatures [3] to ascertain the origin and integrity of official repository images. This feature is however still a work in progress as Docker will issue a warning but not prevent the image from actually running. Furthermore, it does not apply to non-official images. In general, ensure that images are only retrieved from trusted repositories and that the --insecure-registry=[] command line option is never used.