163 Resources
Golang container Libraries
Provide task runtime implementation with pidfd and eBPF sched_process_exit tracepoint to manage deamonless container with low overhead.
embedshim The embedshim is the kind of task runtime implementation, which can be used as plugin in containerd. With current shim design, it is used to
WIP - Pin - local pipeline project with Docker Golang API.
pin 🔥 WIP - Local pipeline project with Docker Golang API. 🌐 Installation Download latest release You can download latest release from here Install
CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints.
CetusGuard CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints. Some highlights: It is wr
How to get a Go / Golang app using the Gin web framework running natively on Windows Azure App Service WITHOUT using a Docker container
Go on Azure App Service View the running app - https://go-azure-appservice.azurewebsites.net 😎 This is an example repo of how to get a Go / Golang a
Ixia-c-one - A re-packaged (as a single-container) flavor of multi-container application ixia-c
ixia-c-one ixia-c-one is a re-packaged (as a single-container) flavor of multi-c
MongoBackup - This is container that takes backup of MongoDB
MongoBackup This is container that takes backup of MongoDB. It is ment to be ran
Build & Scan - Container Image
BSImage (build&scan image) Requirements Trivy Docker BSImage (shell script version) Usage of build (shell script version) ./bsimage.sh start image:ta
Display (Namespace, Pod, Container, Primary PID) from a host PID, fails if the target process is running on host
Display (Namespace, Pod, Container, Primary PID) from a host PID, fails if the target process is running on host
Generic-list-go - Go container/list but with generics
generic-list-go Go container/list but with generics. The code is based on contai
An os/exec like interface for running a command in a container, and being able to easily interact with stdin, stdout, and other adjustments
dockerexec An "os/exec" like interface for running a command in a container, and being able to easily interact with stdin, stdout, and other adjustmen
Common Image Registry for Testcontainers-Go
Testcontainers-Go Common Image Registry Common Image Registry for Testcontainers-Go Prerequisites Go = 1.16 Install go get github.com/nhatthm/testcon
Undock - Extract contents of a container image in a local folder
About Undock is a CLI application that allows you to extract contents of a conta
Container image sweeper kube
container-image-sweeper-kube container-image-sweeper-kube は、不要になった Docker イメージを自
The Container Storage Interface (CSI) Driver for Fortress Block Storage This driver allows you to use Fortress Block Storage with your container orchestrator
fortress-csi The Container Storage Interface (CSI) Driver for Fortress Block Storage This driver allows you to use Fortress Block Storage with your co
Returns which registry from the container image name
Returns which registry from the container image name
Logkubed - Serve K8s container logs in realtime with websockets
log3 (logkubed) logcubed is a mini app that helps you stream Kubernetes pod logs
Container Runtime Interface profile
criprof Container Runtime Interface profiling and introspection. Useful for tracking down containers in logs or grouping by runtime characteristics. c
KNoC is a Kubernetes Virtual Kubelet that uses an HPC cluster as the container execution environment
Kubernetes Node on Cluster KNoC is a Virtual Kubelet Provider implementation that manages real pods and containers in a remote container runtime by su
Kubernetes controller for backing up public container images to our own registry repository
image-clone-controller Kubernetes controller which watches applications (Deployment and DaemonSet) and "caches" the images (public container images) b
Ssh-lxd - A proof of concept for an ssh server that spawns a bash session inside a LXD container
SSH LXD A proof of concept for an ssh server that spawns a bash session inside a
Mcc - The MESH Companion Container (MCC) is a p2p layer and modified Kademlia DHT that provides functionality for service discovery
MCC The MESH Companion Container (MCC) is a p2p layer and modified Kademlia DHT
Nydus-snapshotter - A containerd snapshotter with capability of on-demand read
Nydus Snapshotter Nydus-snapshotter is a non-core sub-project of containerd. Pul
Watches container registries for new and changed tags and creates an RSS feed for detected changes.
Tagwatch Watches container registries for new and changed tags and creates an RSS feed for detected changes. Configuration Tagwatch is configured thro
🤖 Prune old images on GitHub (ghcr.io) and GitLab (registry.gitlab.com) container registry
✨ Prune container images in a CLI way ✨ Prune old images on GitHub (ghcr.io) and GitLab (registry.gitlab.com) Container Registry Getting Started | Des
rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.
rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.
Tool (in Go!) to compare and diff container and host environments. Dinosaur fun!
Compe compare environments and other things between containers, and host 📦️ This is a simple tool to compare environments and other features of conta
Aws-secretsmanager-caching-extension - Cache server for AWS Secrets Manager
AWS Lambda Extension / Sidecar Container Cache Server The cache server is writte
Tool (in Go!) to compare and diff container and host environments. Dinosaur fun!
Compenv compare environments between containers, and host 📦️ This is a simple tool to compare environments. This means the environment on your host v
Core - Eru, a simple, stateless, flexible, production-ready orchestrator designed to easily integrate into existing workflows. Can run any virtualization things in long or short time.
Eru Eru is a stateless, flexible, production-ready resource scheduler designed to easily integrate into existing systems. Eru can use multiple engines
Amazon ECS Container Agent: a component of Amazon Elastic Container Service
Amazon ECS Container Agent The Amazon ECS Container Agent is a component of Amazon Elastic Container Service (Amazon ECS) and is responsible for manag
NVIDIA container runtime
nvidia-container-runtime A modified version of runc adding a custom pre-start hook to all containers. If environment variable NVIDIA_VISIBLE_DEVICES i
Amazon Elastic Container Service Agent
Amazon ECS Container Agent The Amazon ECS Container Agent is a component of Amazon Elastic Container Service (Amazon ECS) and is responsible for manag
Automatically exposes the remote container's listening ports back to the local machine
Auto-portforward (apf) A handy tool to automatically set up proxies that expose the remote container's listening ports back to the local machine. Just
Container actions using Golang Docker SDK
container-go Prototyping continuous integration for microservices using only Gol
An app/container built in Go to automate a Twitter account using Notion
Notion Tweeter Notion Tweeter is a utility I built using Go to help automate scheduling my tweets using Notion as a backend. More documentation coming
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the
Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container
Traefik Modsecurity Plugin Traefik plugin to proxy requests to owasp/modsecurity-crs:apache Traefik Modsecurity Plugin Demo Full Configuration with do
TibiaData API written in Golang and deployed in container (which contains v3)
TibiaData API in Golang TibiaData API written in Golang and deployed in container (which contains v3) Current status of v3 is in beta and information
Go client for Apptainer key storage and retrieval using HKP
Container Key Client This project provides a Go client to Apptainer for key stor
Run the mysql container standalone
Run the mysql container standalone docker container run -v "//c/Users/javier/Goo
Accelerated Container Image is an open-source implementation of paper "DADI: Block-Level Image Service for Agile and Elastic Application Deployment. USENIX ATC'20".
Accelerated Container Image Accelerated Container Image is an open-source implementation of paper "DADI: Block-Level Image Service for Agile and Elast
Drone is a Container-Native, Continuous Delivery Platform
Drone Welcome to the Drone codebase, we are thrilled to have you here! What is Drone? Drone is a continuous delivery system built on container technol
Option container for golang
Option Option provides an Option container which can be used to force some addit
Docker4ssh: Docker containers and more via ssh
docker4ssh - docker containers and more via ssh docker4ssh is an ssh server that
Simple docker container to publish a fixed message to a specified queue. Created to be used with k8s CRON scheduling.
RabbitMQ Publish CRON Simple docker container to publish a fixed message to a specified rabbitmq exchange. Created to be used as part of a Kubernetes
Edge Orchestration project is to implement distributed computing between Docker Container enabled devices.
Edge Orchestration Introduction The main purpose of Edge Orchestration project is to implement distributed computing between Docker Container enabled
A Continuous Delivery system built on container technology
Drone is a Continuous Delivery system built on container technology. Drone uses a simple yaml configuration file, a superset of docker-compose, to def
VPN client in a thin Docker container for multiple VPN providers, written in Go
VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
poCo: portable Containers. Create statically linked, portable binaries from container images (daemonless)
poCo Containers - Binaries Create statically linked, portable binaries from container images A simple, static golang bundler! poCo (portable-Containe
A controller(CES) for controlling container egress traffic. Working with F5 AFM.
Container Egress Services (CES) Kubernetes is piloting projects transition to enterprise-wide application rollouts, companies must be able to extend t
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes.
What is Argo Workflows? Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Argo Workflow
wy : a set of command-line tools to test your container-based platform
wy wy (Abbreviation of Would You) is a set of command-line tools to test your container-based platform. ToC: Commands Deployment Monitoring Contributi
Realtime log viewer for docker containers.
Dozzle - dozzle.dev Dozzle is a small lightweight application with a web based interface to monitor Docker logs. It doesn’t store any log files. It is
Simple container orchestration
Metis Super simple orchestration for stateless HTTP containers. This is a personal project I developed in an attempt to understand how a container orc
Web gateway for OCI artifacts
Containerbay Web gateway for OCI artifacts Container images gateway browser and indexer Website static server - Reverse Container image browser Contai
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability dete
prometheus docker-container-exporter
Start with docker cd /home git clone https://github.com/sanggi-wjg/docker-container-exporter.git docker build -t dc-exporter . docker run -p 9091:90
Prototype of signing container images in the index
Prototype for inline signing of images in the image index. When designing Notary v2 there was a strong consensus for having detached signatures. These
An little docker container to send an heartbeat to uptime kuma.
Uptime Kuma Push Service This Docker image is for sending a heartbeat to an Uptime Kuma server. Here you will find a little introduction on how to use
Go application of a gRPC client and server, built for Azure Container Apps
gRPC Sample : Go View this sample in other languages C# Go Java JavaScript Python The following is a sample of a gRPC client calling another container
Nanovms running in Docker x86 container for M1 Mac ARM64.
Docker Ops This project is an attempt to enable Nanos unikernels to be managed by Ops on non-intel architectures such as the Mac M1 ARM64. Unless ther
Weave Ignite is an open source Virtual Machine (VM) manager with a container UX and built-in GitOps management.
Weave Ignite is an open source Virtual Machine (VM) manager with a container UX and built-in GitOps management.
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems
Boxygen is a container as code framework that allows you to build container images from code
Boxygen is a container as code framework that allows you to build container images from code, allowing integration of container image builds into other tooling such as servers or CLI tooling.
A small tool used to correspond to the IP address according to the name, id, and network alias of the docker container, which can be run as a DNS server
A small tool used to correspond to the IP address according to the name, id, and network alias of the docker container, which can be run as a DNS server
Hybridnet is an open source container networking solution, integrated with Kubernetes and used officially by following well-known PaaS platforms
Hybridnet What is Hybridnet? Hybridnet is an open source container networking solution, integrated with Kubernetes and used officially by following we
FaaSNet: Scalable and Fast Provisioning of Custom Serverless Container Runtimes at Alibaba Cloud Function Compute (USENIX ATC'21)
FaaSNet FaaSNet is the first system that provides an end-to-end, integrated solution for FaaS-optimized container runtime provisioning. FaaSNet uses l
CDK - Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/EXPs helps you to escape container and takeover K8s cluster easily.
The dumb container runtime trying to be compatible with Kubernetes CRI
Go Dumb CRI The dumb container runtime trying to be compatible with Kubernetes CRI. Usage Run the server and create an IPC socket in /tmp/go-dumbcri.s
A cookbook with the best practices to working with kubernetes.
A cookbook with the best practices to working with kubernetes.
Mount your podman container into WireGuard networks on spawn
wg-pod A tool to quickly join your podman container/pod into a WireGuard network. Explanation wg-pod wires up the tools ip,route,wg and podman. It cre
Monitoring Go application inside docker container by InfluxDB, Telegraf, Grafana
REST API for TreatField app Docker compose for TIG and Golang simple app: https://github.com/tochytskyi/treatfield-api/blob/main/docker-compose.yml Gr
Visualizer of container layer sizes
Container Layer Analyzer Have you ever wondered what exactly is eating up your precious space in each layer of your container images? Would you like t
Automatic container image update for Argo CD
Argo CD Image Updater Introduction Argo CD Image Updater is a tool to automatically update the container images of Kubernetes workloads which are mana
Container-Explorer is a tool to explore containerd installation on a mounted image.
Container-Explorer Container-Explorer is a tool to explore containerd installation on a mounted image. Container-Explorer attempts to provide the simi
A docker container that can be deployed as a sidecar on any kubernetes pod to monitor PSI metrics
CgroupV2 PSI Sidecar CgroupV2 PSI Sidecar can be deployed on any kubernetes pod with access to cgroupv2 PSI metrics. About This is a docker container
Sidecar container for injecting secrets into configuration files from Hashicorp Vault
talebearer noun A person who spreads scandal or tells secrets; gossip Note This code is not being actively developed, and has not seen substantial cha
This action prints "true" if image is required to update based on the base image update.
container-image-updater This action prints "true" if image is required to update based on the base image update. Inputs Name Type Description base-ima
WIP. Converts Azure Container Scan Action output to SARIF, for an easier integration with GitHub Code Scanning
container-scan-to-sarif container-scan-to-sarif converts Azure Container Scan Action output to Static Analysis Results Interchange Format (SARIF), for
Go project to manage an ubuntu docker container
Go-docker-manager This project consist of a Go app that connects to a Docker backend, spans a Ubuntu container and shows live CPU/Memory information f
✨ Create a new production-ready project with backend, frontend and deploy automation by running one CLI command!
✨ Create a new production-ready project with backend, frontend and deploy automation by running one CLI command!
Container Storage Interface driver for Synology NAS
Synology CSI Driver for Kubernetes The official Container Storage Interface driver for Synology NAS. Container Images & Kubernetes Compatibility Drive
Envoy file based dynamic routing using kubernetes config map
Envoy File Based Dynamic Routing Config mapを使用してEnvoy File Based Dynamic Routingを実現します。 概要 アーキテクチャとしては、 +----------+ +--------------+ +-----------
Image clone controller is a kubernetes controller to safe guard against the risk of container images disappearing
Image clone controller image clone controller is a kubernetes controller to safe guard against the risk of container images disappearing from public r
Docker container lazy loading
Lazytainer Putting your containers to sleep I don't really wanna do the work today How it works Lazy loading containers monitor network traffic for ac
Jacket of google/wire: advanced DI approach wrapping google/wire for cloud.
Wire-Jacket: IoC Container of google/wire for cloud-native Jacket of google/wire: advanced DI approach wrapping google/wire for cloud. google/wire : h
DevSpace - The Fastest Developer Tool for Kubernetes ⚡ Automate your deployment workflow with DevSpace and develop software directly inside Kubernetes.
Website • Quickstart • Examples • Documentation • Blog • Twitter Client-Only Developer Tool for Cloud-Native Development with Kubernetes Build, test a
Container runtimes on MacOS with minimal setup
Colima Container runtimes on macOS with minimal setup. Features Simple CLI interface Docker and Containerd support Port Forwarding Volume mounts Kuber
A lightweight IoC dependency injection container for Golang
iocgo A lightweight IoC dependency injection container for Golang English | 中文 How to use Installation it requires Go 1.15 or newer versions. install
Demo repository for Infrastructure as Code testing tools and frameworks.
Testing Infrastructure as Code Demo repository for Infrastructure as Code testing tools and frameworks. Maintainer M.-Leander Reimer (@lreimer), mario
Small wrapper for containers/image which exposes a HTTP API to fetch
CLI to expose containers/image fetching via HTTP This is a small CLI program which vendors the containers/image Go library and exposes a HTTP API to f
Kubernetes workload controller for container image deployment
kube-image-deployer kube-image-deployer는 Docker Registry의 Image:Tag를 감시하는 Kubernetes Controller입니다. Keel과 유사하지만 단일 태그만 감시하며 더 간결하게 동작합니다. Container, I
Prometheus exporter for Amazon Elastic Container Service (ECS)
ecs_exporter 🚧 🚧 🚧 This repo is still work in progress and is subject to change. This repo contains a Prometheus exporter for Amazon Elastic Contai
top in container - Running the original top command in a container
Running the original top command in a container will not get information of the container, many metrics like uptime, users, load average, tasks, cpu, memory, are about the host in fact. topic(top in container) will retrieve those metrics from container instead, and shows the status of the container, not the host.
Container Storage Interface components for SPIFFE
SPIFFE CSI Driver WARNING: This project is in the "Development" phase of the SPIFFE Project Maturity Phases. A Container Storage Interface driver for
Open-Local is a local disk management system composed of multiple components.
Open-Local is a local disk management system composed of multiple components. With Open-Local, using local storage in Kubernetes will be as simple as centralized storage.
Ananas is an experimental project for kubernetes CSI (Container Storage Interface) by using azure disk. Likewise, Ananas is the name of my cute british shorthair.
ananas Ananas is an experimental project for kubernetes CSI (Container Storage Interface) by using azure disk. Likewise, Ananas is the name of my cute
Tool to scan a container image's rootfs
image-rootfs-scanner A tool to pull and scan the rootfs of any container image for different binaries. It started out as a means of finding "restricte
ctrsploit: A penetration toolkit for container environment
ctrsploit: A penetration toolkit for container environment