An open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters.
Kubescape is an open-source Kubernetes security platform. It includes risk analysis, security compliance, and misconfiguration scanning. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. It saves Kubernetes users and admins precious time, effort, and resources.
Kubescape @ GitHub.
Get your resource requests "Just Right".
Goldilocks is a utility that can help you identify a starting point for resource requests and limits.
By using the kubernetes vertical-pod-autoscaler in recommendation mode, we can see a suggestion for resource requests on each of our apps. This tool creates a VPA for each workload in a namespace and then queries them for information.
Goldilocks @ GitHub.
Kubernetes-native CI/CD building blocks.
Tekton is a powerful yet flexible Kubernetes-native open source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
Tekton @ GitHub
A vulnerability scanner for container images and filesystems.
Work with remote images registries - retrieving information, images, signing content.
skopeo is a command line utility that performs various operations on container images and image repositories.
he Most Flexible IaC Management Platform.
Spacelift is a sophisticated CI/CD platform for Terraform, Terragrunt, CloudFormation, Pulumi, Kubernetes, and Ansible
An open source control plane manager for unified cluster management.
k0smotron allows you to unify your Kubernetes cluster management for an efficient use of resources. It’s designed for k0s.
From pets to cattle: Streamline your Kubernetes control plane management with k0smotron.
Experience unparalleled isolation, scalability, and resource efficiency for your Kubernetes control planes with k0smotron - the ultimate Kubernetes management solution. It’s designed for k0s
k0smotron @ GitHub.
Flux is a set of continuous and progressive delivery solutions for Kubernetes that are open and extensible.
Flux @ GitHub.
Building a virtualization API for Kubernetes.
KubeVirt technology addresses the needs of development teams that have adopted or want to adopt Kubernetes but possess existing Virtual Machine-based workloads that cannot be easily containerized. More specifically, the technology provides a unified development platform where developers can build, modify, and deploy applications residing in both Application Containers as well as Virtual Machines in a common, shared environment.
KubeVirt @ GitHub
Supersonic Subatomic Java.
A Kubernetes Native Java stack tailored for OpenJDK HotSpot and GraalVM, crafted from the best of breed Java libraries and standards.
Quarkus @ GitHub.
Telegraf is the open source server agent to help you collect metrics from your stacks, sensors, and systems.
Telegraf is a server-based agent for collecting and sending all metrics and events from databases, systems, and IoT sensors. Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint.
Telegraf @ GitHub.
Hardened Containers, Faster Teams, Secure Software.
Automatically eliminate unused software components and deploy smaller, faster, more secure workloads.
The Certified Enterprise Kubernetes Distribution
k0s is a highly scalable, certified Kubernetes distribution that
works on any infrastructure. It’s built on open source and free.
Linux Native, API-Aware Networking and Security for Containers. eBPF-based Networking, Observability, Security.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. It provides a simple flat Layer 3 network with the ability to span multiple clusters in either a native routing or overlay mode. It is L7-protocol aware and can enforce network policies on L3-L7 using an identity based security model that is decoupled from network addressing.
Cilium @ GitHub.
Portable logs post-processing awk script - colours, emojis and more for Kubernetes logs, containers, journalctl, etc..
Tiny awk script to improve kubernetes logs reading experience.
Kubegres is a Kubernetes operator allowing to deploy one or many clusters of PostgreSql instances with data replication and failover enabled out-of-the box. It brings simplicity when using PostgreSql considering how complex managing stateful-set's life-cycle and data replication could be with Kubernetes.
Kubegres @ GitHub
An open specification for enriching containers with development specific content and settings.
A Development Container (or Dev Container for short) allows you to use a container as a full-featured development environment. It can be used to run an application, to separate tools, libraries, or runtimes needed for working with a codebase, and to aid in continuous integration and testing. Dev containers can be run locally or remotely, in a private or public cloud.
Deploy a Production Ready Kubernetes Cluster
- Can be deployed on AWS, GCE, Azure, OpenStack, vSphere, Equinix Metal (bare metal), Oracle Cloud Infrastructure (Experimental), or Baremetal
- Highly available cluster
- Composable (Choice of the network plugin for instance)
- Supports most popular Linux distributions
- Continuous integration tests
K8sGPT is a tool for scanning your kubernetes clusters, diagnosing and triaging issues in simple english. It has SRE experience codified into it’s analyzers and helps to pull out the most relevant information to enrich it with AI.
Scale down Kubernetes deployments after work hours.
Scale down / "pause" Kubernetes workload (Deployments, StatefulSets, and/or HorizontalPodAutoscalers and CronJobs too !) during non-work hours.
5293 links, including 1 private