DEV Community

Cover image for 7 GitHub projects to supercharge your Docker practices 🚀🧑‍💻
Ankit Anand ✨
Ankit Anand ✨

Posted on

7 GitHub projects to supercharge your Docker practices 🚀🧑‍💻

Docker is an open-source container management platform used to build, run and package applications for deployment. It is an essential tool in every developer's toolkit.

Here's a list of 7 GitHub projects which can make your Docker workflow better.😎

1. Docker Labs

⭐️ GitHub stars: 10.1k

This repo contains Docker labs and tutorials authored both by Docker, and by members of the community. We welcome contributions and want to grow the repo.

GitHub logo docker / labs

This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

Docker Tutorials and Labs

At this time we are not actively adding labs to this repository. Our focus is on training.play-with-docker.com where new lab and workshop oriented content is being added. We welcome fixes to existing content. For any new content you wish to contribute, please use this repository:https://github.com/play-with-docker/play-with-docker.github.io.

This repo contains Docker labs and tutorials authored both by Docker, and by members of the community. We welcome contributions and want to grow the repo.

Docker tutorials:

Community tutorials

2. Minify Docker Container image by 30x

⭐️ GitHub stars: 10.8k

This repo can be used to optimize and secure containers, and the author also claims that you can minify your Docker images by 30x.

GitHub logo docker-slim / docker-slim

DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

DSLIM1

Gitter chat Discord chat Follow Youtube

Gitpod ready-to-code Install DockerSlim Get Examples

Try Slim SaaS

Optimize Your Experience with Containers. Make Your Containers Better, Smaller, More Secure and Do Less to Get There (free and open source!)

Don't change anything in your Docker container image and minify it by up to 30x making it secure too! Optimizing images isn't the only thing it can do though. It can also help you understand and author better container images.

Keep doing what you are doing. No need to change anything. Use the base image you want. Use the package manager you want. Don't worry about hand optimizing your Dockerfile. You shouldn't have to throw away your tools and your workflow to have small container images.

Don't worry about manually creating Seccomp and AppArmor security profiles. You shouldn't have to become an expert in Linux syscalls, Seccomp and AppArmor to have secure containers. Even if you do know enough about it wasting time reverse engineering your application behavior…

3. Dockerfiles for popular Apps

⭐️ GitHub stars: 11.3k

Author Jessie Frazelle has built Docker images of popular applications to run on desktop.

GitHub logo jessfraz / dockerfiles

Various Dockerfiles I use on the desktop and on servers.

dockerfiles

make test

This is a repo to hold various Dockerfiles for images I create.

Table of Contents

About

Almost all of these live on dockerhub under jess Because you cannot use notary with autobuilds on dockerhub I also build these continuously on a private registry at r.j3ss.co for public download. (You're welcome.)

Resources

My dotfiles

You may also want to checkout my dotfiles, specifically the aliases for all these files which are here: github.com/jessfraz/dotfiles/blob/master/.dockerfunc.

Contributing

I try to make sure each Dockerfile has a command at the top to document running it, if a file you are looking at does not have a command, please pull request it!

Using the Makefile

$ make help
build                          Builds all the dockerfiles in the repository
dockerfiles                    Tests the changes to the Dockerfiles build.
image                          Build a Dockerfile (ex. DIR=telnet).
latest-versions                Checks all the

4. Dockerfile best practices

⭐️ GitHub stars: 3.3k

This repository has best-practices for writing Dockerfiles.

GitHub logo hexops / dockerfile

Dockerfile best-practices for writing production-worthy Docker images.

Dockerfile best practices Hexops logo

Writing production-worthy Dockerfiles is, unfortunately, not as simple as you would imagine. Most Docker images in the wild fail here, and even professionals often[1] get[2] this[3] wrong[4].

This repository has best-practices for writing Dockerfiles that I (@slimsag) have quite painfully learned over the years both from my personal projects and from my work @sourcegraph. This is all guidance, not a mandate - there may sometimes be reasons to not do what is described here, but if you don't know then this is probably what you should be doing.

How to use this

Copy the Dockerfile into your own project and follow the comments to create your Dockerfile.

Best practices included in the Dockerfile

The following are included in the Dockerfile in this repository:

5. Distroless Docker images

⭐️ GitHub stars: 11k

This repo has language focused docker images that contains only the applications and its runtime dependencies.

GitHub logo GoogleContainerTools / distroless

🥑 Language focused docker images, minus the operating system.

"Distroless" Docker Images

CI Build Status

"Distroless" images contain only your application and its runtime dependencies They do not contain package managers, shells or any other programs you would expect to find in a standard Linux distribution.

For more information, see this talk (video).

Why should I use distroless images?

Restricting what's in your runtime container to precisely what's necessary for your app is a best practice employed by Google and other tech giants that have used containers in production for many years It improves the signal to noise of scanners (e.g. CVE) and reduces the burden of establishing provenance to just what you need.

Distroless images are very small The smallest distroless image, gcr.io/distroless/static-debian11, is around 2 MiB. That's about 50% of the size of alpine (~5 MiB), and less than 2% of the size of debian (124 MiB).

How do I use distroless images?

These images are…

6. WatchTower

⭐️ GitHub stars: 9.1k

This GitHub repo can be used to automate Docker container base image updates.

GitHub logo containrrr / watchtower

A process for automating Docker container base image updates.

Watchtower

A process for automating Docker container base image updates

Circle CI codecov GoDoc Go Report Card latest version Apache-2.0 License Codacy Badge All Contributors Pulls from DockerHub

Quick Start

With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry.

Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially. Run the watchtower container with the following command:

$ docker run -d \
    --name watchtower \
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower

Documentation

The full documentation is available at https://containrrr.dev/watchtower.

Contributors

Thanks goes to these wonderful people (emoji key):

7. Docker bench for security

⭐️ GitHub stars: 7.1k

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.


I hope you enjoyed this list!


We are currently building SigNoz - a full-stack open-source application performance monitoring tool. SigNoz is built to give SaaS like user experience combined with the perks of open-source software.

If interested, do check out our GitHub repo👇

GitHub logo SigNoz / signoz

SigNoz helps developers monitor their applications & troubleshoot problems, an open-source alternative to DataDog, NewRelic, etc. 🔥 🖥. 👉 Open source Application Performance Monitoring (APM) & Observability tool

SigNoz-logo

Monitor your applications and troubleshoot problems in your deployed applications, an open-source alternative to DataDog, New Relic, etc.

License Downloads GitHub issues tweet

DocumentationReadMe in ChineseReadMe in GermanReadMe in PortugueseSlack CommunityTwitter

SigNoz helps developers monitor applications and troubleshoot problems in their deployed applications. SigNoz uses distributed tracing to gain visibility into your software stack.

👉 You can see metrics like p99 latency, error rates for your services, external API calls and individual end points.

👉 You can find the root cause of the problem by going to the exact traces which are causing the problem and see detailed flamegraphs of individual request traces.

👉 Run aggregates on trace data to get business relevant metrics

SigNoz Feature

Join our Slack community

Come say Hi to us on Slack 👋

Features:

  • Application overview metrics like RPS, 50th/90th/99th Percentile latencies, and Error Rate
  • Slowest endpoints in your application
  • See exact…

Discussion (9)

Collapse
jasonincanada profile image
Jason Hooper

Here's 7 projects! Followed by an ad that's not identified as an ad. Dishonest priming, should be considered a dark pattern

Collapse
ankit01oss profile image
Ankit Anand ✨ Author

Hi Jason,
Get your point. Updated the article for better context. :)

Collapse
rolfstreefkerk profile image
Rolf Streefkerk

Agreed, ad plugs diminish the quality of articles on this platform.

Collapse
rammina profile image
Rammina

Agreed. I really can't stand the top articles mostly being self-promotion. It's such a shame.

Collapse
thumbone profile image
Bernd Wechner

I'm blown away by the harsh criticisms here. All I read was a short list of docker resources followed with a brief footer introducing the author and what they're working on. Which itself looks like a lovely FOSS project and hardly some commercial enterprise surreptitiously advertising.

Gets my vote of approval.

Collapse
nightfall profile image
jbs123

Sneaking in ads should not be tolerated. The author should know better and did this on purpose. This type of sleeziness should not be tolerated.

Collapse
jlchavezgt profile image
José Luis Chávez • Edited on

Well, people that receive free content shouldn't be that picky... ;)

Collapse
nightfall profile image
jbs123 • Edited on

ad's....so is it free?
The content was good. Just hiding"free" ads isn't.

Collapse
victorrguez profile image
Victor Rodriguez

Thanks for sharing. Awesome list.