Ankit Anand ✨

Posted on Oct 23, 2021

7 GitHub projects to supercharge your Docker practices 🚀🧑‍💻

#devops #docker #kubernetes #cloud

Docker is an open-source container management platform used to build, run and package applications for deployment. It is an essential tool in every developer's toolkit.

Here's a list of 7 GitHub projects which can make your Docker workflow better.😎

1. Docker Labs

⭐️ GitHub stars: 10.1k

This repo contains Docker labs and tutorials authored both by Docker, and by members of the community. We welcome contributions and want to grow the repo.

Docker Tutorials and Labs

At this time we are not actively adding labs to this repository. Our focus is on training.play-with-docker.com where new lab and workshop oriented content is being added. We welcome fixes to existing content. For any new content you wish to contribute, please use this repository:https://github.com/play-with-docker/play-with-docker.github.io.

This repo contains Docker labs and tutorials authored both by Docker, and by members of the community. We welcome contributions and want to grow the repo.

Docker tutorials:

Community tutorials

Docker Tutorials from the Community - links to a different repository
Advanced…

View on GitHub

2. Minify Docker Container image by 30x

⭐️ GitHub stars: 10.8k

This repo can be used to optimize and secure containers, and the author also claims that you can minify your Docker images by 30x.

Optimize Your Experience with Containers. Make Your Containers Better, Smaller, More Secure and Do Less to Get There (free and open source!)

Note that DockerSlim is now just Slim (SlimToolkit is the full name, so it's easier to find it online) to show its growing support for additional container tools and runtimes in the cloud native ecosystem.

Slim is now a CNCF Sandbox project. It was created by Kyle Quest and it's been improved by many contributors. The project is supported by Slim.AI.

Overview

Slim allows developers to inspect, optimize and debug their containers using its xray, lint, build, debug, run, images, merge, registry, vulnerability (and other) commands. It simplifies and improves your developer experience building, customizing and using containers. It makes your containers better, smaller and more secure while providing advanced visibility and improved usability working with the…

View on GitHub

3. Dockerfiles for popular Apps

⭐️ GitHub stars: 11.3k

Author Jessie Frazelle has built Docker images of popular applications to run on desktop.

jessfraz / dockerfiles

Various Dockerfiles I use on the desktop and on servers.

dockerfiles

This is a repo to hold various Dockerfiles for images I create.

Table of Contents

About

Almost all of these live on dockerhub under jess. Because you cannot use notary with autobuilds on dockerhub I also build these continuously on a private registry at r.j3ss.co for public download. (You're welcome.)

Resources

My dotfiles

You may also want to checkout my dotfiles, specifically the aliases for all these files which are here: github.com/jessfraz/dotfiles/blob/master/.dockerfunc.

Contributing

I try to make sure each Dockerfile has a command at the top to document running it, if a file you are looking at does not have a command, please pull request it!

Using the `Makefile`

$ make help
build                          Builds all the dockerfiles in the repository
dockerfiles                    Tests the changes to the Dockerfiles build.
image                          Build a Dockerfile (ex. DIR=telnet).
latest-versions                Checks all the

…

View on GitHub

4. Dockerfile best practices

⭐️ GitHub stars: 3.3k

This repository has best-practices for writing Dockerfiles.

hexops-graveyard / dockerfile

Dockerfile best-practices for writing production-worthy Docker images.

Dockerfile best practices

Writing production-worthy Dockerfiles is, unfortunately, not as simple as you would imagine. Most Docker images in the wild fail here, and even professionals often[1] get[2] this[3] wrong[4].

This repository has best-practices for writing Dockerfiles that I (@slimsag) have quite painfully learned over the years both from my personal projects and from my work @sourcegraph. This is all guidance, not a mandate - there may sometimes be reasons to not do what is described here, but if you don't know then this is probably what you should be doing.

How to use this

Copy the Dockerfile into your own project and follow the comments to create your Dockerfile.

Best practices included in the Dockerfile

The following are included in the Dockerfile in this repository:

View on GitHub

5. Distroless Docker images

⭐️ GitHub stars: 11k

This repo has language focused docker images that contains only the applications and its runtime dependencies.

GoogleContainerTools / distroless

🥑 Language focused docker images, minus the operating system.

"Distroless" Container Images.

"Distroless" images contain only your application and its runtime dependencies They do not contain package managers, shells or any other programs you would expect to find in a standard Linux distribution.

For more information, see this talk (video).

Since March 2023, Distroless images use oci manifests, if you see errors referencing application/vnd.oci.image.manifest.v1+json or application/vnd.oci.image.index.v1+json, update your container tooling (docker, jib, etc) to latest.

Why should I use distroless images?

Restricting what's in your runtime container to precisely what's necessary for your app is a best practice employed by Google and other tech giants that have used containers in production for many years. It improves the signal to noise of scanners (e.g. CVE) and reduces the burden of establishing provenance to just what you need.

Distroless images are very small The smallest distroless image, gcr.io/distroless/static-debian12, is around 2 MiB. That's about 50% of…

View on GitHub

6. WatchTower

⭐️ GitHub stars: 9.1k

This GitHub repo can be used to automate Docker container base image updates.

containrrr / watchtower

A process for automating Docker container base image updates.

Watchtower

A process for automating Docker container base image updates

Quick Start

With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry.

Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially. Run the watchtower container with the following command:

$ docker run --detach \
    --name watchtower \
    --volume /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower

Watchtower is intended to be used in homelabs, media centers, local dev environments, and similar. We do not recommend using Watchtower in a commercial or production environment. If that is you, you should be looking into using Kubernetes. If that feels like too big a step for you, please look into solutions like MicroK8s and k3s that take away a lot of the…

View on GitHub

7. Docker bench for security

⭐️ GitHub stars: 7.1k

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

I hope you enjoyed this list!

We are currently building SigNoz - a full-stack open-source application performance monitoring tool. SigNoz is built to give SaaS like user experience combined with the perks of open-source software.

If interested, do check out our GitHub repo👇

SigNoz / signoz

SigNoz is an open-source observability platform native to OpenTelemetry with logs, traces and metrics in a single application. An open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open source Application Performance Monitoring (APM) & Observability tool

Monitor your applications and troubleshoot problems in your deployed applications, an open-source alternative to DataDog, New Relic, etc.

Documentation • ReadMe in Chinese • ReadMe in German • ReadMe in Portuguese • Slack Community • Twitter

SigNoz helps developers monitor applications and troubleshoot problems in their deployed applications. With SigNoz, you can:

👉 Visualise Metrics, Traces and Logs in a single pane of glass

👉 You can see metrics like p99 latency, error rates for your services, external API calls and individual end points.

👉 You can find the root cause of the problem by going to the exact traces which are causing the problem and see detailed flamegraphs of individual request traces.

👉 Run aggregates on trace data to get business relevant metrics

👉 Filter and query logs, build dashboards and alerts based on attributes in logs

👉 Record exceptions automatically in Python, Java, Ruby, and Javascript

👉 Easy…

View on GitHub

Top comments (9)

Jason Hooper • Oct 23 '21

Here's 7 projects! Followed by an ad that's not identified as an ad. Dishonest priming, should be considered a dark pattern

Ankit Anand ✨ • Oct 24 '21

Hi Jason,
Get your point. Updated the article for better context. :)

Rolf Streefkerk • Oct 24 '21

Agreed, ad plugs diminish the quality of articles on this platform.

Rammina • Oct 26 '21

Agreed. I really can't stand the top articles mostly being self-promotion. It's such a shame.

Bernd Wechner • Oct 26 '21

I'm blown away by the harsh criticisms here. All I read was a short list of docker resources followed with a brief footer introducing the author and what they're working on. Which itself looks like a lovely FOSS project and hardly some commercial enterprise surreptitiously advertising.

Gets my vote of approval.