photon by vmware

Minimal Linux container host

updated at May 24, 2024, 3:03 a.m.

188 +0

2,986 +2

705 +1

runv by hyperhq

Hypervisor-based Runtime for OCI

updated at May 24, 2024, 8:20 a.m.

43 +0

826 +1

129 +0

nsjail by google

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.

updated at May 24, 2024, 10:55 a.m.

90 +0

2,812 +3

265 +1

railcar by oracle

RailCar: Rust implementation of the Open Containers Initiative oci-runtime

updated at May 24, 2024, 11:30 a.m.

52 +0

1,114 +1

102 +0

udocker by indigo-dc

A basic user tool to execute simple docker containers in batch or interactive systems without root privileges.

updated at May 24, 2024, 1 p.m.

34 +0

1,242 +7

130 +1

subuser by subuser-security

Run programs on linux with selectively restricted permissions.

updated at May 24, 2024, 3:05 p.m.

26 +0

887 +2

65 +0

Whaler by P3GLEG

Program to reverse Docker images into Dockerfiles

updated at May 24, 2024, 3:08 p.m.

24 +0

1,032 +4

92 +0

container-diff by GoogleContainerTools

container-diff: Diff your Docker containers

updated at May 24, 2024, 7:22 p.m.

64 +0

3,745 +4

233 +2

img by genuinetools

Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder.

updated at May 24, 2024, 10:36 p.m.

52 +0

3,865 +1

229 +0

singularity by apptainer

Singularity has been renamed to Apptainer as part of us moving the project to the Linux Foundation. This repo has been persisted as a snapshot right before the changes.

updated at May 25, 2024, 12:58 a.m.

89 +0

2,506 +2

424 +0

goss by goss-org

Quick and Easy server testing/validation

updated at May 25, 2024, 1:39 a.m.

81 -1

5,452 +1

471 +0

go-containerregistry by google

Go library and CLIs for working with container registries

updated at May 25, 2024, 6:52 a.m.

36 +0

2,989 +8

505 +1

docker-bench-security by docker

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

updated at May 25, 2024, 8:44 a.m.

237 +0

8,944 +5

996 +1

gvisor by google

Application Kernel for Containers

updated at May 25, 2024, 9:36 a.m.

308 +0

15,169 +20

1,265 +5

sysbox by nestybox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.

updated at May 25, 2024, 12:43 p.m.

38 +0

2,563 +11

146 +1

bubblewrap by containers

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

updated at May 25, 2024, 1:12 p.m.

54 +0

3,686 +5

227 +1

dive by wagoodman

A tool for exploring each layer in a docker image

updated at May 25, 2024, 2:40 p.m.

356 +0

43,979 +97

1,668 +4

runc by opencontainers

CLI tool for spawning and running containers according to the OCI specification

updated at May 25, 2024, 2:59 p.m.

386 +2

11,488 +18

2,049 +0

buildah by containers

A tool that facilitates building OCI images.

updated at May 25, 2024, 6:40 p.m.

96 +0

7,066 +8

757 +3

skopeo by containers

Work with remote images registries - retrieving information, images, signing content

updated at May 25, 2024, 6:40 p.m.

99 +0

7,508 +38

742 +4