Multi-Cluster Kubernetes Orchestration.
KubeAdmiral is a multi-cluster management system for Kubernetes, developed from Kubernetes Federation v2. Kubernetes Federation v2 allows users to manage Kubernetes resources across multiple clusters through the use of federated types such as FederatedDeployment, FederatedReplicaSet, FederatedSecret, etc. KubeAdmiral extends the Kubernetes Federation v2 API, providing compatibility with the Kubernetes native API and more powerful resource management capabilities.
Kubernetes Native Policy Management.
Kyverno is a policy engine designed for Kubernetes.
It can validate, mutate, and generate configurations using admission controls and background scans.
Kyverno policies are Kubernetes resources and do not require learning a new language.
Kyverno is designed to work nicely with tools you already use like kubectl, kustomize, and Git.
KubeSkoop is a kubernetes networking diagnose tool for different CNI plug-ins and IAAS providers. KubeSkoop automatic construct network traffic graph of Pod in the Kubernetes cluster, monitoring and analysis of the kernel's critical path by eBPF, to resolve most of Kubernetes cluster network problems.
The Kubernetes control plane manager.
An open source control plane manager for unified cluster management. k0smotron allows you to unify your Kubernetes cluster management for an efficient use of resources. It’s designed for k0s.
Efficient and consistent CI/CD with Kubernetes.
A solution for implementing efficient and consistent software delivery to Kubernetes facilitating best practices.
werf is a CNCF Sandbox CLI tool to implement full-cycle CI/CD to Kubernetes easily. werf integrates into your CI system and leverages familiar and reliable technologies, such as Git, Dockerfile, Helm, and Buildah.
PuzzleFS is a next-generation container filesystem.
Puzzlefs is a container filesystem designed to address the limitations of the existing OCI format. The main goals of the project are reduced duplication, reproducible image builds, direct mounting support and memory safety guarantees, some inspired by the OCIv2 design document.
An open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters.
Kubescape is an open-source Kubernetes security platform. It includes risk analysis, security compliance, and misconfiguration scanning. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. It saves Kubernetes users and admins precious time, effort, and resources.
Kubescape @ GitHub.
Get your resource requests "Just Right".
Goldilocks is a utility that can help you identify a starting point for resource requests and limits.
By using the kubernetes vertical-pod-autoscaler in recommendation mode, we can see a suggestion for resource requests on each of our apps. This tool creates a VPA for each workload in a namespace and then queries them for information.
Goldilocks @ GitHub.
Kubernetes-native CI/CD building blocks.
Tekton is a powerful yet flexible Kubernetes-native open source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
Tekton @ GitHub
A vulnerability scanner for container images and filesystems.
Work with remote images registries - retrieving information, images, signing content.
skopeo is a command line utility that performs various operations on container images and image repositories.
he Most Flexible IaC Management Platform.
Spacelift is a sophisticated CI/CD platform for Terraform, Terragrunt, CloudFormation, Pulumi, Kubernetes, and Ansible
An open source control plane manager for unified cluster management.
k0smotron allows you to unify your Kubernetes cluster management for an efficient use of resources. It’s designed for k0s.
From pets to cattle: Streamline your Kubernetes control plane management with k0smotron.
Experience unparalleled isolation, scalability, and resource efficiency for your Kubernetes control planes with k0smotron - the ultimate Kubernetes management solution. It’s designed for k0s
Flux is a set of continuous and progressive delivery solutions for Kubernetes that are open and extensible.
Flux @ GitHub.
Building a virtualization API for Kubernetes.
KubeVirt technology addresses the needs of development teams that have adopted or want to adopt Kubernetes but possess existing Virtual Machine-based workloads that cannot be easily containerized. More specifically, the technology provides a unified development platform where developers can build, modify, and deploy applications residing in both Application Containers as well as Virtual Machines in a common, shared environment.
KubeVirt @ GitHub
Supersonic Subatomic Java.
A Kubernetes Native Java stack tailored for OpenJDK HotSpot and GraalVM, crafted from the best of breed Java libraries and standards.
Telegraf is the open source server agent to help you collect metrics from your stacks, sensors, and systems.
Telegraf is a server-based agent for collecting and sending all metrics and events from databases, systems, and IoT sensors. Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint.
Telegraf @ GitHub.
Hardened Containers, Faster Teams, Secure Software.
Automatically eliminate unused software components and deploy smaller, faster, more secure workloads.
The Certified Enterprise Kubernetes Distribution
k0s is a highly scalable, certified Kubernetes distribution that
works on any infrastructure. It’s built on open source and free.
Linux Native, API-Aware Networking and Security for Containers. eBPF-based Networking, Observability, Security.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. It provides a simple flat Layer 3 network with the ability to span multiple clusters in either a native routing or overlay mode. It is L7-protocol aware and can enforce network policies on L3-L7 using an identity based security model that is decoupled from network addressing.
Cilium @ GitHub.
5450 links, including 1 private