KubePlus Platform toolkit simplifies discovery and use of Kubernetes Operators and Custom Resources in a cluster.
Kubernetes Custom Resource Definitions (CRDs), popularly known as Operators, extend Kubernetes to run and manage third-party software directly on Kubernetes. Today, number of Operators are being built for middlewares like databases, queues, ssl certificates, etc. The Custom Resources introduced by Operators essentially represent 'platform elements' as their Spec definitions encapsulate some higher-level workflow actions on the underlying infrastructure resource that they are managing (database, queue, ssl certificate, etc.). A novel approach for building platforms on Kubernetes is to construct a platform stack from multiple Custom Resources, essentially building platforms as Code.
Platform as Code approach provides true portability across Cloud providers as your entire platform stack is running on Kubernetes. It also enables Kubernetes YAML to become common language between Operations team and application development teams.
Fabrikate helps make operating Kubernetes clusters with a GitOps workflow more productive. It allows you to write DRY resource definitions and configuration for multiple environments while leveraging the broad Helm chart ecosystem, capture higher level definitions into abstracted and shareable components, and enable a GitOps deployment workflow that both simplifies and makes deployments more auditable.
This project is our humble attempt to combine the collective wisdom of the cloud native community for building best practice cloud native Kubernetes clusters, based on real world experiences deploying and operating applications and Kubernetes clusters.
Bedrock is a set of automation, tooling, and infrastructure for deploying production-level Kubernetes clusters with a secure and auditable GitOps workflow.
Terraform-operator - This is a low level tool to run Git controlled Terraform modules in Kubernetes. The operator manages the TF state file using Kubernetes as a remote statefile backend! Backend upstream PR You can have changes auto-applied or wait for an explicit "OK" before running.
BotKube integration with Slack or Mattermost helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources.
Grafana Dashboards for Kubernetes Administrators. I've build Kubernetes Control Plane dashboards for better oncall experience and faster outage resolution.
Kubernetes Tools that follow Unix philosophy to be simple, modular, and extensible - k14s
Wormhole is a simple CNI plugin designed to create an encrypted overlay network for kubernetes clusters.
WireGuard is a fascinating Fast, Modern, Secure VPN tunnel, that has been gaining significant praise from security experts, and is currently proposed for inclusion within the linux kernel.
Kubernetes External Secrets allows you to use external secret management systems (e.g., AWS Secrets Manager) to securely add secrets in Kubernetes
Think of kboom as the Kubernetes equivalent of boom, allowing you to create short-term load for scale testing and long-term load for soak testing. Supported load out of the box for scale testing are pods and custom resources via CRDs for soak testing is planned.
kube-iptables-tailer is a service that gives you better visibility on networking issues in your Kubernetes cluster by detecting the traffic denied by iptables and surfacing corresponding information to the affected Pods via Kubernetes events.
Kubernetes liveness and readiness probes can be used to make a service more robust and more resilient, by reducing operational issues and improving the quality of service. However, if these probes are not implemented carefully, they can severely degrade the overall operation of a service, to a point where you
This repository collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
Kroki provides a unified API with support for BlockDiag (BlockDiag, SeqDiag, ActDiag, NwDiag), C4 (with PlantUML), Ditaa, Erd, GraphViz, Mermaid, Nomnoml, PlantUML, SvgBob and UMLet... and more to come!
We're building an image management solution for Kubernetes (and possibly other orchestrators). At its heart is the Trow Registry, which runs inside the cluster, is simple to set-up and fully integrated with Kubernetes, including support for auditing and RBAC.
dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols. - jedisct1/dnscrypt-proxy
CScanner scans your cloud accounts for potential security problems.
Web server with built-in support for QUIC, HTTP/2, Lua, Markdown, Pongo2, HyperApp, Amber, Sass(SCSS), GCSS, JSX, BoltDB (built-in, stores the database in a file, like SQLite), Redis, PostgreSQL, MariaDB/MySQL, rate limiting, graceful shutdown, plugins, users and permissions.
All in one small self-contained executable.
Sonic is a fast, lightweight and schema-less search backend. It ingests search texts and identifier tuples that can then be queried against in a microsecond's time.
Sonic can be used as a simple alternative to super-heavy and full-featured search backends such as Elasticsearch in some use-cases. It is capable of normalizing natural language search queries, auto-completing a search query and providing the most relevant results for a query. Sonic is an identifier index, rather than a document index; when queried, it returns IDs that can then be used to refer to the matched documents in an external database.