Podman is a daemonless, open source, Linux native tool designed to make it easy to find, run, build, share and deploy applications using Open Containers Initiative (OCI) Containers and Container Images. Podman provides a command line interface (CLI) familiar to anyone who has used the Docker Container Engine. Most users can simply alias Docker to Podman (alias docker=podman) without any problems. Similar to other common Container Engines (Docker, CRI-O, containerd), Podman relies on an OCI compliant Container Runtime (runc, crun, runv, etc.) to interface with the operating system and create the running containers. This makes the running containers created by Podman nearly indistinguishable from those created by any other common container engine.
Containers under the control of Podman can either be run by root or by a non-privileged user. Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Podman specializes in all of the commands and functions that help you to maintain and modify OCI container images, such as pulling and tagging. It allows you to create, run, and maintain those containers and container images in a production environment.
Harbor is a self-hosted Docker registry that offers a large number of additional features that big companies probably love. Among those features are vulnerability scanning, third party authentication support, cryptographic signature and authentication, and a GUI.
When you use Docker Hub, this is what you're using.
docs/deploying.md describes how to deploy Registry as a Docker container. They definitely don't make it easy to break out of their ecosystem.
Quay is a self-hosted Docker container registry. Supports Docker registry protocol v2, Docker manifest schema v2.1 and v2.2, image discovery and squashing, third-party authentication, and more.
GitHub org for Simplenetes, a full implementation of Kubernetes with shell scripts. Does not require root.
Docker re-implemented as a 100-line shell script.
Language-focused Docker images, minus the operating system. Put a statically linked binary in there and fire it up. Designed with Go in mind.
tfviz analyzes Terraform deployment files and generates maps which depict what it's going to do in production. Right now it only works with AWS environments.
A simple terminal UI for docker and docker-compose. Written in Go, has a full text-based UI for monitoring and exploring your containers. Tries to make it easier to work with Docker and docker-compose. Keeps everything in a single terminal window with shortcuts for common Docker commands. You can add custom commands, too. Seems to also support mousing around.
This repo contains a CLI tool to delete all cloud (AWS, Azure, GCP) resources in an account. cloud-nuke was created for situations when you might have an account you use for testing and need to clean up leftover resources so you're not charged for them. Also great for cleaning out accounts with redundant resources.
A number of GitHub repos of code meant to be used to harden servers in various ways prior to deployment.
k3s is intended to be a fully compliant Kubernetes distribution with the following changes:
- Legacy, alpha, non-default features are removed. Hopefully, you shouldn't notice the stuff that has been removed.
- Removed most in-tree plugins (cloud providers and storage plugins) which can be replaced with out of tree addons.
- Add sqlite3 as the default storage mechanism. etcd3 is still available, but not the default.
- Wrapped in simple launcher that handles a lot of the complexity of TLS and options.
- Minimal to no OS dependencies (just a sane kernel and cgroup mounts needed). k3s packages required dependencies
wait-for-it.sh is a pure bash script that will wait on the availability of a host and TCP port. It is useful for synchronizing the spin-up of interdependent services, such as linked docker containers. Since it is a pure bash script, it does not have any external dependencies.
A compiled list of links to public failure stories related to Kubernetes. Most recent publications on top.
A page that teaches you just enough Ruby to let you use Chef.
A list of default usernames for Linux AMIs in Amazon's EC2.
How to specify relationships between files and packages in Puppet.