# docker

Container-native local AI model serving with Podman

RamaLama is an open-source tool that containerizes AI model inference using Podman or Docker, eliminating host system configuration complexity. It auto-detects GPUs (NVIDIA, AMD, Intel, Apple Silicon), pulls models from HuggingFace, Ollama, and OCI registries, and runs them in isolated rootless containers with read-only mounts and network isolation. Developed under the Containers project (Red Hat ecosystem), it brings familiar container workflows to local LLM serving.

Instant isolated dev environments powered by Nix

Devbox is an open-source command-line tool that creates instant, reproducible development environments using Nix packages without requiring you to learn Nix. Define your project dependencies in a simple devbox.json file and get isolated shells with access to over 400,000 package versions. It eliminates dependency conflicts between projects and ensures every team member works in an identical environment, with support for devcontainers, Docker, and cloud deployment.

Instant GraphQL and REST APIs on any database

Hasura auto-generates real-time GraphQL and REST APIs directly from your database schema—PostgreSQL, MySQL, SQL Server, MongoDB, and more. It provides fine-grained row-level and column-level access control, event triggers on database changes, remote schema stitching, and real-time subscriptions out of the box. Available as a managed cloud service or self-hosted, Hasura eliminates weeks of boilerplate API development while maintaining full control over authorization logic.

Self-hosted AI accounting for freelancers and small teams

TaxHacker is an open-source, self-hosted AI accounting app that automatically extracts financial data from receipts, invoices, and bank statements using LLMs. It supports 170+ currencies and 14 cryptocurrencies with historical exchange rate conversion, multi-project accounting, and custom AI extraction fields. Works with OpenAI, Gemini, Mistral, or local models via Ollama—deploy with Docker and keep all financial data under your control.

Native Linux containers on macOS via Apple Virtualization

Apple Containerization is Apple's official Swift package for running Linux containers natively on macOS using the Virtualization framework. It provides near-native performance without Docker Desktop's heavyweight VM, supporting OCI images, container networking, and a command-line interface. The library leverages Apple Silicon hardware acceleration for minimal overhead container execution on Mac development machines.

Headless browsers in Docker for automation at scale

Browserless is a headless browser-as-a-service platform that deploys Chrome, Firefox, and WebKit in Docker containers for web scraping, testing, and AI agent automation. It provides Puppeteer and Playwright-compatible APIs, a built-in MCP server for connecting AI assistants to browser automation, screenshot and PDF generation, and connection pooling for high-concurrency workloads. Available as self-hosted open source or managed cloud.

Run GitHub Actions locally for fast feedback

Act is an open-source tool that runs GitHub Actions workflows locally using Docker containers that match GitHub's execution environment. It provides instant feedback on workflow changes without pushing to a repository, supports matrix builds, secret management, and artifact handling. Act can also replace Makefiles by using workflow files as task definitions, making it useful for both CI/CD development and local task automation across development teams.

Managed Docker build acceleration with up to 40x faster builds

Depot provides managed infrastructure for dramatically faster Docker image builds. It uses persistent build caches, native Intel and ARM builders, and optimized build scheduling to achieve up to 40x faster builds compared to standard Docker build workflows. Drop-in replacement for docker build that requires no Dockerfile changes. Used by major engineering teams to cut CI/CD pipeline times.

Benchmark for evaluating AI coding agents on real GitHub issues

SWE-bench is a benchmark from Princeton NLP that evaluates AI coding agents by testing their ability to resolve real GitHub issues from popular open-source projects. Each task provides an issue description and repository state, and the agent must produce a working patch that passes the project's test suite. With 4,600+ GitHub stars, it has become the standard yardstick for comparing autonomous coding tools like Devin, Claude Code, and OpenHands.

Open-source control plane for AI workloads across multi-cloud GPU infrastructure

dstack is an open-source platform that orchestrates AI training and inference workloads across heterogeneous GPU infrastructure spanning multiple clouds, Kubernetes clusters, and bare-metal servers. It abstracts away cloud-specific APIs so teams define GPU requirements declaratively and dstack automatically provisions the cheapest available resources from AWS, GCP, Azure, Lambda, or on-premises hardware.

Enterprise-grade RAG and MCP knowledge base with one-click deployment

MaxKB is an enterprise-grade RAG platform with 21,000+ GitHub stars from the 1Panel team. It provides one-click deployment of knowledge bases with built-in LLM integration, MCP support, and a streamlined approach to document ingestion and retrieval that prioritizes operational simplicity over configuration complexity.

No-code knowledge base platform with visual AI workflow and built-in RAG

FastGPT is an open-source no-code AI knowledge base platform with 27,000+ GitHub stars and 500,000+ users worldwide. It combines visual workflow orchestration, built-in RAG pipelines, QA-pair extraction, and API-aligned completions into a single deployable stack that runs on just 2GB RAM via Docker one-liner deployment.

2x faster LLM fine-tuning with 70% less VRAM on a single GPU

Unsloth is an open-source framework for fine-tuning large language models up to 2x faster while using 70% less VRAM. Built with custom Triton kernels, it supports 500+ model architectures including Llama 4, Qwen 3, and DeepSeek on consumer NVIDIA GPUs. Unsloth Studio adds a no-code web UI for dataset creation, training observability, model comparison, and GGUF export for Ollama and vLLM deployment.

Run GitHub Actions 2x faster at half the cost on bare-metal gaming CPUs

Blacksmith is a drop-in replacement for GitHub-hosted runners that executes Actions on bare-metal gaming CPUs with higher single-core performance. Migration requires one line change in YAML. Features colocated warm caches, persistent Docker layer caching on NVMe, CI observability with log search, and Firecracker microVM isolation. SOC 2 Type II certified, pay-as-you-go at ~$0.004/min versus GitHub's $0.008/min.

Extensibility-first open-source no-code/low-code platform for business apps

NocoBase is an open-source, self-hosted no-code and low-code platform built around a data-model-driven architecture and plugin-based microkernel. Unlike form-centric no-code tools, it separates data structure from UI, enabling unlimited block types and views per data collection. All functionality is delivered through plugins similar to WordPress. Features include AI Employees for in-app automation, visual workflow builder, RBAC permissions, and automatic REST/GraphQL API generation.

High-performance S3-compatible object storage built in Rust

RustFS is an open-source distributed object storage system built entirely in Rust, offering 2.3x faster performance than MinIO for small object payloads. It provides full S3 API compatibility, enabling seamless migration from MinIO, Ceph, and AWS S3 with existing SDKs and CLI tools. Released under Apache 2.0 license, it avoids MinIO's restrictive AGPL terms. Features include distributed architecture, erasure coding, WORM compliance, encryption via RustyVault, and a web management console.

Open-source sandboxes and SDKs for AI agents that control desktops

CUA is an open-source infrastructure platform for building, benchmarking, and deploying AI agents that autonomously control full desktop environments. It provides secure sandboxed VMs across macOS, Linux, Windows, and Android with a unified Python SDK for screenshots, mouse/keyboard control, shell commands, and file I/O. Includes CuaBot CLI for running agents in sandboxes, Cua-Bench for standardized evaluation, and Lume for near-native macOS virtualization on Apple Silicon.

Identity-aware VPN and reverse proxy for zero-trust remote access

Pangolin is an open-source, identity-based remote access platform built on WireGuard that combines reverse proxy and VPN into a single self-hosted stack. It provides browser-based access to web apps and client-based access to private resources like SSH, databases, and RDP with zero-trust security. A self-hosted alternative to Cloudflare Tunnels, it handles routing, load balancing, health checking, and automatic SSL without exposing your network.

Zig-built headless browser engineered for AI agent workloads

Lightpanda is an open-source headless browser built from scratch in Zig for AI agents and automation. It strips away Chrome's rendering overhead, keeping only DOM and V8 JavaScript execution. Benchmarks show 11x faster execution and 9x less memory than headless Chrome, enabling ~140 concurrent sessions per server versus 15 with Puppeteer. Full CDP compatibility means existing Playwright and Puppeteer scripts migrate with zero code changes. Includes built-in MCP server for AI agent integration.

Free open-source local AWS emulator as a drop-in LocalStack replacement

Floci is a free open-source AWS emulator designed as a lightweight drop-in replacement for LocalStack Community Edition. It runs on port 4566 with the same endpoint conventions, supporting S3, SQS, DynamoDB, RDS, ElastiCache, API Gateway, Cognito, IAM, and twenty-plus other services. The Docker image is ninety megabytes versus LocalStack's one gigabyte and starts in twenty-four milliseconds.

Sandbox any command with file, network, and credential controls

Zerobox is a security-focused command sandboxing tool that isolates command execution with fine-grained controls over file system access, network connectivity, and credential exposure. It wraps any shell command in a secure container that enforces policy restrictions, preventing unauthorized file reads, network calls, or environment variable leaks during execution.

Free and open-source Kubernetes IDE for managing clusters visually

Freelens is a free open-source Kubernetes IDE that provides a visual desktop interface for managing clusters, workloads, and configurations. Forked from the original Lens project after its licensing change, Freelens offers the same powerful cluster management experience with real-time monitoring, log viewing, and resource editing under the MIT license.

Open-source PaaS alternative to Vercel, Heroku, and Netlify

Dokploy is a free open-source platform-as-a-service for self-hosting applications without cloud vendor lock-in. It provides automated deployments from Git repositories, built-in SSL certificates, database provisioning, Docker and Docker Compose support, and a clean web dashboard for managing multiple applications on your own servers. With 18,000+ GitHub stars, it fills the gap for teams wanting Vercel-like deployment simplicity on their own infrastructure.

Free MIT-licensed drop-in replacement for LocalStack

MiniStack is a free, MIT-licensed drop-in replacement for LocalStack that emulates 33 AWS services using real infrastructure — actual Postgres for RDS, real Redis for ElastiCache, real Docker for ECS — rather than faking API responses. Born from LocalStack's surprise paywall in March 2026, it starts in 2 seconds, idles at 30MB RAM versus LocalStack's ~500MB, and runs real services for accurate local AWS development.