Earthly is a syntax for defining your build. It works with your existing build system. Get repeatable and understandable builds today.

This started with a consulting snafu: Government organisation A got government organisation B to develop a web application. Government organisation B subcontracted part of the work to somebody. Hosting and maintenance of the project was later contracted out to a private-sector company C. Company C discovered that the subcontracted somebody (who was long gone) had built a custom Docker image and made it a dependency of the build system, but without committing the original Dockerfile. That left company C with a contractual obligation to manage a Docker image they had no source code for. Company C calls me in once in a while to do various things, so doing something about this mystery meat Docker image became my job.

Have you ever experienced that your Kubernetes cluster cannot create new Pods because Docker Hub or other container registries are down?

kim is a Kubernetes-aware CLI that will install a small builder backend consisting of a BuildKit daemon bound to the Kubelet's underlying containerd socket (for building images) along with a small server-side agent that the CLI leverages for image management (think push, pull, etc) rather than talking to the backing containerd/CRI directly. kim enables building images locally, natively on your k3s cluster.

Ever Given in Suez Canal

Co-op Cloud aims to make hosting libre software applications simple for small providers. It uses the latest container technologies and innovations and configurations are shared into the commons for the benefit of all. The project is intended for small service providers such as tech co-operatives who are looking to standardise around an open, transparent and scalable infrastructure.

Vorteil is an operating system for running cloud applications on micro virtual machines. It takes only the files you need and runs them on a custom Linux kernel without any unnecessary background services: there's no ssh, no shell, and no login; just a toml file that Vorteil's init process (vinitd) uses to configure the system and launch your apps.

Kubectl build mimics the kaniko executor, but performs building on your Kubernetes cluster side.

GitHub Container Registry introduces easy sharing across organizations, fine-grained permissions, and free, anonymous access for public container images

Sysbox is an open-source container runtime (aka runc), originally developed by Nestybox, that enables Docker containers to act as virtual servers capable of running software such as Systemd, Docker, and Kubernetes in them, easily and with proper isolation. This allows you to use containers in new ways, and provides a faster, more efficient, and more portable alternative to virtual machines in many scenarios.

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.

Stellar is designed to provide simple container runtime clustering. One or more nodes are joined together to create a cluster. The cluster is eventually consistent making it ideal for transient workloads or edge computing where nodes are not always guaranteed to have high bandwidth, low latency connectivity.

Run containers like a boss

kaniko - Build Container Images In Kubernetes

Flatcar Linux website

It is deceptively simple to get started with Linux Containers, but how well do you really understand the underlying technology? Could you explain the architectural trade offs of container hosts, images, and application definitions within Kubernetes? This article is intended to help you build that knowledge.

Kata Containers is an open source project building extremely lightweight virtual machines that seamlessly plug into the containers ecosystem.

amicontained - Container introspection tool. Find out what container runtime is being used as well as features available.

Rootbox is a tool that lets you create and distribute “boxes”: isolated environments designed for building code thanks to the power of chroots and mounts.

Unlike full-blown containerization tools like Docker and rkt, Rootbox is intentionally non-secure. This allows it to be incredibly lightweight, ideally suited for creating portable, reproducible development environments.