TrivialRC - A minimalistic RC system and process manager for containers and applications

  •        119

The minimalistic Run-time Configuration (RC) system and process manager is written in pure BASH and uses just a few external utilities like ls, ps, date and sleep. Minimally, installation of TrivialRC consists of only one file which can be downloaded directly from the Github. Originaly, it was designed for use in containers but it also can be well used for running a group of processes asynchronously and synchronously, as well as managing their running order and exit codes.TrivialRC is not a replacement for an init process that usually resides in /sbin/init and has a PID 1. In containers for this purpose projects like dumb-init or tini can be used, although in most cases, having only TrivialRC as a first/main process (PID 1) in containers is quite enough. In terms of Docker, the best place for it is ENTRYPOINT.



Related Projects

dumb-init - A minimal init system for Linux containers

  •    Python

dumb-init is a simple process supervisor and init system designed to run as PID 1 inside minimal container environments (such as Docker). It is deployed as a small, statically-linked binary written in C.Lightweight containers have popularized the idea of running a single process or service without normal init systems like systemd or sysvinit. However, omitting an init system often leads to incorrect handling of processes and signals, and can result in problems such as containers which can't be gracefully stopped, or leaking containers which should have been destroyed.

Supervisor - A Process Control System

  •    Python

Supervisor is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems. It shares some of the same goals of programs like launchd, daemontools, and runit. Unlike some of these programs, it is not meant to be run as a substitute for init as “process id 1”. Instead it is meant to be used to control processes related to a project or a customer, and is meant to start like any other program at boot time.

railcar - RailCar: Rust implementation of the Open Containers Initiative oci-runtime

  •    Rust

If you build using stable instead of nightly, the set_name feature will be disabled and the init process inside the container will not be named rc-init when viewed via ps or /proc/$pid/cmdline.

containerpilot - A service for autodiscovery and configuration of applications running in containers

  •    Go

An init system for cloud-native distributed applications that automates the process of service discovery, configuration, and lifecycle management inside the container, so you can focus on your apps.We can write our new applications to do that, but existing apps will need some help. We can wrap each application in a shell script that registers itself with the discovery service easily enough, but watching for changes to that service and ensuring that health checks are being made is more complicated. We can put a second process in the container, but as soon as we do that we need an init system running inside the container as well.

x11docker - Run GUI applications and desktops in docker. Focus on security.

  •    Shell

Graphical applications and desktops in docker are similar in usage to a Virtual Machine. They are isolated from host in several ways. It is possible to run applications that would not run on host due to missing dependencies. For example, you can run latest development versions or outdated versions of applications, or even multiple versions at the same time. Practical differences to a VM: Docker containers need much less resources. x11docker discardes containers after use. Persistant data and configuration storage is done with shared folders. Persistant container system changes can be done in Dockerfile. System changes in running containers are discarded after use.

pm2 - Node.js Production Process Manager with a built-in Load Balancer

  •    Javascript

PM2 is a production process manager for Node.js applications with a built-in load balancer. It allows you to keep applications alive forever, to reload them without downtime and to facilitate common system admin tasks.PM2 is constantly assailed by more than 1800 tests.

Spinnaker - Global Continuous Delivery

  •    Python

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. It helps codify the process of safely and reliably deploying artifacts to the cloud. It can deploy across multiple cloud providers: AWS EC2, Google Compute Engine, Microsoft Azure, OpenStack and Cloud Foundry.

Docker-Secure-Deployment-Guidelines - Deployment checklist for securely deploying Docker


Within today’s growing cloud-based IT market, there is a strong demand for virtualisation technologies. Unfortunately most virtualisation solutions are not flexible enough to meet developer requirements and the overhead implied by the use of full virtualisation solutions becomes a burden on the scalability of the infrastructure. Docker reduces that overhead by allowing developers and system administrators to seamlessly deploy containers for applications and services required for business operations. However, because Docker leverages the same kernel as the host system to reduce the need for resources, containers can be exposed to significant security risks if not adequately configured. The following itemised list suggests hardening actions that can be undertaken to improve the security posture of the containers within their respective environment. It should be noted that proposed solutions only apply to deployment of Linux Docker containers on Linux-based hosts, using the most recent release of Docker at the time of this writing (1.4.0, commit 4595d4f, dating 11/12/14). Part of the content below is based on publications from Jérôme Petazzoni [1] and Daniel J Walsh [2]. This document aims at adding on to their recommendations and how they can specifically be implemented within Docker. Note: Most of suggested command line options can be stored and used in a similar manner inside a Dockerfile for automated image building. Docker 1.3 now supports cryptographic signatures [3] to ascertain the origin and integrity of official repository images. This feature is however still a work in progress as Docker will issue a warning but not prevent the image from actually running. Furthermore, it does not apply to non-official images. In general, ensure that images are only retrieved from trusted repositories and that the --insecure-registry=[] command line option is never used.

docker-osx-dev - A productive development environment with Docker on OS X

  •    Shell

As of March 4, 2018, this project is no longer actively maintained. The Docker for Mac app has made significant improvements in terms of mounted volume performance and file watching, so docker-osx-dev is no longer necessary. I tried many different solutions (see Alternatives) that didn't work until I finally stumbled across one that does: rsync. With rsync, build and compilation performance in mounted folders is on par with native OS X performance and standard file watching mechanisms work properly too. However, setting it up correctly is a painful process that involves many steps, so to make life easier, I've packaged this process up in this docker-osx-dev project.

PiCluster - Manage Docker Containers

  •    Javascript

PiCluster is a simple way to manage Docker containers on multiple hosts. Docker Swarm not that good and Kubernetes was too difficult to install currently on ARM. PiCluster will only build and run images from Dockerfile's on the host specified in the config file. This software will work on regular x86 hardware also and is not tied to ARM.

goss - Quick and Easy server testing/validation

  •    Go

Note: For some Docker/Kubernetes healthcheck, health endpoint, and container ordering examples, see my blog post here. Goss is a YAML based serverspec alternative tool for validating a server’s configuration. It eases the process of writing tests by allowing the user to generate tests from the current system state. Once the test suite is written they can be executed, waited-on, or served as a health endpoint.

Circus - A Process & Socket Manager

  •    Python

Circus is a process & socket manager. It can be used to monitor and control processes and sockets. Circus can be driven via a command-line interface or programmatically through its python API.

Distribution - The Docker toolset to pack, ship, store, and deliver content

  •    Go

The Docker toolset to pack, ship, store, and deliver content. This repository's main product is the Docker Registry 2.0 implementation for storing and distributing Docker images. It supersedes the docker/docker-registry project with a new API design, focused around security and performance.

dockersh - A shell which places users into individual docker containers

  •    Go

A user shell for isolated, containerized environments. dockersh is designed to be used as a login shell on machines with multiple interactive users. When a user invokes dockersh, it will bring up a Docker container (if not already running), and then spawn a new interactive shell in the container's namespace.

habitus - A Build Flow Tool for Docker

  •    Go

Habitus adds workflows to Docker build. This means you can create a chain of builds to generate your final Docker image based on a workflow. This is particularly useful if your code is in compiled languages like Java or Go or if you need to use secrets like SSH keys during the build.Habitus is a standalone build flow tool for Docker. It’s a command line tool that builds Docker images based on their Dockerfile and a build.yml.

atomic - Atomic Run Tool for installing/running/managing container images.

  •    Python

This project defines the entrypoint for Project Atomic hosts. On an Atomic Host, there are at least two distinct software delivery vehicles; Docker (often used in combination with the traditional RPM/yum/dnf), and rpm-ostree to provide atomic upgrades of the host system. The goal of Atomic is to provide a high level, coherent entrypoint to the system, and fill in gaps in Linux container implementations.

go-system-programming - Go System Programming

  •    Go

But I found there's no books introduce Go System Programming these years. Actually Go is the best system language in 21th Century. There's so many system developed by Go. like Docker, etcd, consul etc. It's all related with system programming. But if we want to develop an application related with Linux. There's rarely materials about how to use Go to do the system. Like Linux IO, Socket, mmap, Lock, Thread, Process etc. So I want to write this book to introduce Linux System Programming. I will write this book in Chinese. Later will translate into other languages.

watchtower - Automatically update running Docker containers

  •    Go

A process for watching your Docker containers and automatically restarting them whenever their base image is refreshed. Watchtower is an application that will monitor your running Docker containers and watch for changes to the images that those containers were originally started from. If watchtower detects that an image has changed, it will automatically restart the container using the new image.

docker-alpine - Docker containers running Alpine Linux and s6 for process management

  •    Shell

Highly configurable Docker images running Alpine linux and s6 process management. Using Docker makes your infrastructure and environment consistent, testable, scalable and repeatable.

awesome-docker - :whale: A curated list of Docker resources and projects

  •    Javascript

A curated list of Docker resources and projects Inspired by @sindresorhus' awesome and improved by these amazing contributors. The creators and maintainers of this list do not receive any form of payment to accept a change made by any contributor. This page is not an official Docker product in any way. It is a list of links to projects and is maintained by volunteers. Everybody is welcome to contribute. The goal of this repo is to index open-source projects, not to advertise for profit.