Skip to content

Building

Kubernetes

Building

Tool Description
Skaffold
  • Command line tool that facilitates continuous development for Kubernetes applications
  • Allows to iterate on your application source code locally then deploy to local or remote Kubernetes clusters
  • It handles the workflow for building, pushing and deploying your application
tekton
  • A Kubernetes-native pipeline resource
  • The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD-style pipelines
cosign
k8s-digester
  • Add digests to container and init container images in Kubernetes pod and pod template specs
  • Can be used either as a mutating admission webhook, or as a client-side KRM function with kpt or kustomize

Registries

Tool Description
quay Registry: Build, Store, and Distribute your Applications and Containers
distribution Basis of the container registry that is part of Docker Hub
reg Docker registry v2 command line client and repo listing generator with security checks
kraken P2P Docker registry capable of distributing TBs of data in seconds
go-containerregistry
  • Go library and CLIs for working with container registries
  • It also lets you build your own layers and images programmatically
crane crane is a tool for interacting with remote images and registries
sinker
  • Syncs container images from one registry to another
  • Useful in cases when you rely on images that exist in a public container registry, but need to pull from a private registry
serverless-registry-proxy Serverless reverse proxy for exposing container registries (GCR, Docker Hub, Artifact Registry etc) on custom domains

Utils

Tool Description
velero Backup and migrate Kubernetes applications and their persistent volumes
kube-janitor Cleans up (deletes) Kubernetes resources after a configured TTL
kube-resource-report Report Kubernetes cluster and pod resource requests vs usage and generate static HTML
k8s-image-swapper Mirror images into your own registry and swap image references automatically
outdated Kubectl plugin to find and report outdated images running in a Kubernetes cluster
eraser Remove a list of non-running images from all Kubernetes nodes in a cluster
Kubernetes Instance Calculator Visualize Kubernetes cost calculations in an interactive way
Public Container Images Detector A collection of tools to statically and dynamically identify public container images that are hosted on Docker Hub
kubectl-cost CLI for determining the cost of Kubernetes workloads

Monitoring

Tool Description
kube-state-metrics
kwatch Monitor and detect crashes in your Kubernetes cluster instantly

Docker

Build Docker Images

Tool Description
img Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder
jib Build container images for your Java applications
makisu Docker image building tool, works in unprivileged containerized environments like Mesos and Kubernetes
copilot-cli Tool to build, release and operate production ready containerized applications on Amazon ECS and AWS Fargate
apko
  • Build OCI images using APK directly without Dockerfile
  • You can also refer to the companion blog post

Minify Images

Tool Description
distroless
  • Language focused docker images, minus the operating system
  • "Distroless" images contain only your application and its runtime dependencies
  • They do not contain package managers, shells or any other programs
docker-slim
  • Minifies container images by analysing what is actually used at runtime, and throwing away the rest
  • Not a replacement for scratch builds entirely, but a useful stepping-stone towards them

Utils

Tool Description
hadolint A smarter Dockerfile linter that helps you build best practice Docker images
amazon-ecr-credential-helper Automatically gets credentials for Amazon ECR on docker push/docker pull

AWS

Tool Description
Bottlerocket
  • Linux-based open source operating system designed and optimized specifically for use as a container host
  • Bottlerocket Security Guidance: Recommendations, details, and examples to help you create a configuration that meets your security and compliance requirements
EC2 Image Builder Build a golden Windows OS image that follows the STIGs compliance guidelines