Skip to content

Building

Kubernetes

Building

Tool Description
Skaffold
  • Command line tool that facilitates continuous development for Kubernetes applications
  • Allows to iterate on your application source code locally then deploy to local or remote Kubernetes clusters
  • It handles the workflow for building, pushing and deploying your application
tekton
  • A Kubernetes-native pipeline resource
  • The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD-style pipelines
cosign

Registries

Tool Description
quay
  • Registry: Build, Store, and Distribute your Applications and Containers
distribution
  • Basis of the container registry that is part of Docker Hub
reg
  • Docker registry v2 command line client and repo listing generator with security checks
kraken
  • P2P Docker registry capable of distributing TBs of data in seconds
go-containerregistry
  • Go library and CLIs for working with container registries
  • It also lets you build your own layers and images programmatically
crane
  • crane is a tool for interacting with remote images and registries
sinker
  • Syncs container images from one registry to another
  • Useful in cases when you rely on images that exist in a public container registry, but need to pull from a private registry
serverless-registry-proxy
  • Serverless reverse proxy for exposing container registries (GCR, Docker Hub, Artifact Registry etc) on custom domains

Utils

Tool Description
velero
  • Backup and migrate Kubernetes applications and their persistent volumes
kube-janitor
  • Cleans up (deletes) Kubernetes resources after a configured TTL
kube-resource-report
  • Report Kubernetes cluster and pod resource requests vs usage and generate static HTML
k8s-image-swapper
  • Mirror images into your own registry and swap image references automatically
outdated
  • Kubectl plugin to find and report outdated images running in a Kubernetes cluster
Kubernetes Instance Calculator
  • Visualize Kubernetes cost calculations in an interactive way
Public Container Images Detector
  • A collection of tools to statically and dynamically identify public container images that are hosted on Docker Hub
kubectl-cost
  • CLI for determining the cost of Kubernetes workloads

Monitoring

Tool Description
kube-state-metrics
kwatch
  • Monitor and detect crashes in your Kubernetes cluster instantly

Docker

Build Docker Images

Tool Description
img
  • Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder
jib
  • Build container images for your Java applications
makisu
  • Docker image building tool, works in unprivileged containerized environments like Mesos and Kubernetes
copilot-cli
  • Tool to build, release and operate production ready containerized applications on Amazon ECS and AWS Fargate
apko
  • Build OCI images using APK directly without Dockerfile
  • You can also refer to the companion blog post

Minify Images

Tool Description
distroless
  • Language focused docker images, minus the operating system
  • "Distroless" images contain only your application and its runtime dependencies
  • They do not contain package managers, shells or any other programs
docker-slim
  • Minifies container images by analysing what is actually used at runtime, and throwing away the rest
  • Not a replacement for scratch builds entirely, but a useful stepping-stone towards them

Utils

Tool Description
hadolint
  • A smarter Dockerfile linter that helps you build best practice Docker images
amazon-ecr-credential-helper
  • Automatically gets credentials for Amazon ECR on docker push/docker pull

AWS

Tool Description
Bottlerocket
  • Linux-based open source operating system designed and optimized specifically for use as a container host
  • Bottlerocket Security Guidance: Recommendations, details, and examples to help you create a configuration that meets your security and compliance requirements
EC2 Image Builder
  • Build a golden Windows OS image that follows the STIGs compliance guidelines
Back to top