A curated list of awesome Kubernetes tools and resources.
Inspired by awesome list and donnemartin/awesome-aws.
- Repo with 0050+ Stars: ๐ฅ
- Repo with 0200+ Stars: ๐ฅ๐ฅ
- Repo with 0500+ Stars: ๐ฅ๐ฅ๐ฅ
- Repo with 1000+ Stars: ๐ฅ๐ฅ๐ฅ๐ฅ
- Repo with 2000+ Stars: ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ
Idea taken from donnemartin/awesome-aws.
- Tools and Libraries
- Command Line Tools
- Cluster Provisioning
- Automation and CI/CD
- Cluster Resources Management
- Secrets Management
- Networking
- Storage
- Testing and Troubleshooting
- Monitoring, Alerts, and Visualization
- Backup and Restore
- Security and Compliance
- Service Mesh
- Development Tools
- Data Processing and Machine Learning
- Data Management
- Miscellaneous
- Guides, Documentations, Blogs, and Learnings
- Contribute
- License
Items with ๐ indicate open source projects.
- ๐Helm ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources.
- ๐Infra ๐ฅ๐ฅ๐ฅ - Infra enables you to discover and access infrastructure (e.g. Kubernetes, databases). We help you connect an identity provider such as Okta or Azure active directory, and map users/groups with the permissions you set to your infrastructure.
- ๐K9s ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - K9s provides a terminal UI to interact with your Kubernetes clusters.
- ๐kapp ๐ฅ๐ฅ๐ฅ - kapp is a simple deployment tool focused on the concept of "Kubernetes application" โ a set of resources with the same label
- ๐kconnect ๐ฅ๐ฅ - kconnect is a CLI utility that can be used to discover and securely access Kubernetes clusters across multiple operating environments.
- ๐Ktunnel ๐ฅ๐ฅ - Ktunnel is a CLI tool that establishes a reverse tunnel between a kubernetes cluster and your local machine.
- ๐Kubebox ๐ฅ๐ฅ๐ฅ๐ฅ - Terminal and Web console for Kubernetes
- ๐Kubetail ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Bash script that enables you to aggregate (tail/follow) logs from multiple pods into one stream.
- ๐kube-shell ๐ฅ๐ฅ๐ฅ๐ฅ - Kube-shell: An integrated shell for working with the Kubernetes CLI.
- ๐kubecolor ๐ฅ๐ฅ๐ฅ - colorizes kubectl output
- ๐kubectl tree ๐ฅ๐ฅ๐ฅ๐ฅ - A kubectl plugin to explore ownership relationships between Kubernetes objects through owners.
- ๐kubectl-aliases ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - This repository contains a script to generate hundreds of convenient shell aliases for kubectl.
- ๐kubectx + kubens ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
kubectx
helps you switch between clusters back and forth, andkubens
helps you switch between Kubernetes namespaces smoothly. - ๐kubediff ๐ฅ๐ฅ๐ฅ - Kubediff is a tool for Kubernetes to show you the differences between your running configuration and your version controlled configuration.
- ๐kubeprompt ๐ฅ - Isolates KUBECONFIG in each shell and shows the current Kubernetes context/namespace in your prompt
- ๐Kubevela ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - KubeVela is an easy-to-use yet extensible platform that enables them to design and ship applications with minimal effort.
- ๐Move2Kube ๐ฅ๐ฅ - A tool to help users migrate their apps from legacy platforms like Cloud Foundry to Kubernetes and Openshift. Analyses the application source code and generates Kubernetes YAMLs, Helm Charts, Tekton Pipelines, etc. The analysis and generation can be heavily customized to produce the exact output that you want.
- ๐nova ๐ฅ๐ฅ - Nova scans your cluster for installed Helm charts, then cross-checks them against all known Helm repositories.
- ๐Plural ๐ฅ๐ฅ - Plural is a CLI tool and holistic DevOps management platform for rapidly deploying, managing, and monitoring open-source applications on Kubernetes.
- ๐RBAC Lookup ๐ฅ๐ฅ๐ฅ - RBAC Lookup is a CLI that allows you to easily find Kubernetes roles and cluster roles bound to any user, service account, or group name.
- ๐stern ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Stern allows you to tail multiple pods on Kubernetes and multiple containers within the pod.
- ๐Bootkube ๐ฅ๐ฅ๐ฅ๐ฅ - Bootkube is a tool for launching self-hosted Kubernetes clusters.
- ๐Claudie ๐ฅ - Multi-cloud clusters with each nodepool in a different cloud provider.
- ๐Cluster API ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Cluster API is a Kubernetes sub-project focused on providing declarative APIs and tooling to simplify provisioning, upgrading, and operating multiple Kubernetes clusters.
- ๐eksctl ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
eksctl
is a simple CLI tool for creating clusters on EKS - Amazon's new managed Kubernetes service for EC2. - ๐k0s ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - k0s - Zero Friction Kubernetes (The Simple, Solid & Certified Kubernetes Distribution)
- ๐k3d ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - k3d,and Windows.,destroy,half the memory,highly available,is a tool for running local k3s clusters in docker. It's a single binary about 20 MB. You need to have docker installed.
- ๐k3s ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Lightweight Kubernetes. Easy to install,Kubernetes clusters from the command line.
- ๐kind ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - kind is a tool for running local Kubernetes clusters using Docker container "nodes".
- ๐kops ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
kops
helps you create,like kind,upgrade and maintain production-grade - ๐kube-aws ๐ฅ๐ฅ๐ฅ๐ฅ -
kube-aws
is a command-line tool to create/update/destroy Kubernetes clusters on AWS. - ๐kubespray ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Deploy a production ready Kubernetes cluster
- ๐microK8s ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - The smallest, fastest Kubernetes
- ๐Minikube ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - minikube implements a local Kubernetes cluster on macOS,Linux,all in a binary less than 100 MB.
- ๐Talos Linux ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Talos Linux is a minimal, immutable, secure OS that installs vanilla Kubernetes - for production datacenters, K8s@home, and Edge.
- Kubeadm - kubeadm performs the actions necessary to get a minimum viable cluster up and running.
- ๐Argo CD ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.
- ๐Argo Events ๐ฅ๐ฅ๐ฅ๐ฅ - Argo Events is an event-driven workflow automation framework for Kubernetes which helps you trigger K8s objects, Argo Workflows, Serverless workloads, etc.
- ๐Argo Rollouts ๐ฅ๐ฅ๐ฅ๐ฅ - Argo Rollouts controller, uses the Rollout custom resource to provide additional deployment strategies such as Blue Green and Canary to Kubernetes.
- ๐Argo Workflows ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes.
- ๐Flagger ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Flagger is a progressive delivery tool that automates the release process for applications running on Kubernetes.
- ๐Flux2 ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Flux version 2 is built from the ground up to use Kubernetes' API extension system, and to integrate with Prometheus and other core components of the Kubernetes ecosystem.
- ๐k8s-image-swapper ๐ฅ๐ฅ -
k8s-image-swapper
is a mutating webhook for Kubernetes, downloading images into your own registry and pointing the images to that new location. - ๐KubeSphere ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - KubeSphere is a distributed operating system providing cloud native stack with Kubernetes as its kernel, and aims to be plug-and-play architecture for third-party applications seamless integration to boost its ecosystem.
- ๐Reloader ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Reloader can watch changes in
ConfigMap
andSecret
and do rolling upgrades on Pods with their associatedDeploymentConfigs
,Deployments
,Daemonsets
andStatefulsets
. - ๐terranetes-controller ๐ฅ - Terranetes controller enables the platform team to deliver self-service capabilities around cloud resources.
- ๐Skaffold ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Skaffold is a command line tool that facilitates continuous development for Kubernetes applications.
- ๐Spinnaker ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Spinnaker is an open-source continuous delivery platform for releasing software changes with high velocity and confidence.
- ๐TF-controller ๐ฅ - TF-controller is an experimental controller for Flux to reconcile Terraform resources in the GitOps way.
- ๐werf ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - werf is a CLI tool glueing Git, Docker, Helm & Kubernetes with any CI system to implement CI/CD and GitOps.
- ๐Weave GitOps ๐ฅ๐ฅ - Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise.
- ๐Clusterpedia ๐ฅ - Clusterpedia is used for complex resource searches across multiple clusters, support simultaneous search of a single kind of resource or multiple kinds of resources existing in multiple clusters.
- ๐Grafana Tanka ๐ฅ๐ฅ๐ฅ๐ฅ - The clean, concise and super flexible alternative to YAML for your Kubernetes cluster.
- ๐KEDA ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - KEDA allows for fine grained autoscaling (including to/from zero) for event driven Kubernetes workloads.
- ๐Kruise ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kruise consists of several controllers which extend and complement the Kubernetes core controllers for workload management.
- ๐KubeDirector ๐ฅ๐ฅ - KubeDirector uses standard Kubernetes (K8s) facilities of custom resources and API extensions to implement stateful scaleout application clusters.
- ๐Kubenav ๐ฅ๐ฅ๐ฅ๐ฅ - kubenav is the navigator for your Kubernetes clusters right in your pocket.
- ๐Liqo ๐ฅ๐ฅ - Liqo implements Dynamic resource sharing across different Kubernetes clusters (e.g.; offloading pods and services), supporting decentralized governance.
- ๐Pluto ๐ฅ๐ฅ๐ฅ๐ฅ - Pluto is a utility to help users find deprecated Kubernetes apiVersions in their code repositories and their helm releases.
- ๐Polaris ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Polaris is an open source policy engine for Kubernetes that validates and remediates resource configuration.
- ๐The Hierarchical Namespace Controller ๐ฅ๐ฅ๐ฅ - Hierarchical namespaces make it easier to share your cluster by making namespaces more powerful.
- ๐Kubernetes External Secrets ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kubernetes External Secrets allows you to use external secret management systems, like AWS Secrets Manager or HashiCorp Vault, to securely add secrets in Kubernetes.
- ๐Sealed Secrets ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Encrypt your Secret into a SealedSecret, which is safe to store - even to a public repository.
- ๐akv2k8s ๐ฅ๐ฅ - Azure Key Vault to Kubernetes (akv2k8s) will make Azure Key Vault objects available to Kubernetes in two ways: as native Kubernetes Secrets; as environment variables directly injected into your Container application
- ๐Calico Networking ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Calico is an open source networking and network security solution for containers, virtual machines, and bare-metal workloads
- ๐cert-manager ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources.
- ๐cilium ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Cilium is a networking, observability, and security solution with an eBPF-based dataplane.
- ๐CoreDNS ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - CoreDNS is a fast and flexible DNS server that works on Kubernetes.
- ๐ingress-nginx ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
ingress-nginx
is an Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer. - ๐Kong for Kubernetes ๐ฅ๐ฅ๐ฅ๐ฅ - Configure plugins, health checking, load balancing and more in Kong for Kubernetes Services.
- ๐ksniff ๐ฅ๐ฅ๐ฅ๐ฅ - A kubectl plugin that utilize tcpdump and Wireshark to start a remote capture on any pod in your Kubernetes cluster.
- ๐kubectl trace ๐ฅ๐ฅ๐ฅ๐ฅ -
kubectl trace
is a kubectl plugin that allows you to schedule the execution of bpftrace programs in your Kubernetes cluster. - ๐Kube Karp ๐ฅ - Add a floating virtual IP to Kubernetes cluster nodes for load balancing easily based on the CARP protocol
- ๐kubernetes-ingress ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - An implementation of an Ingress controller for NGINX and NGINX Plus (commercial).
- ๐kube-ovn ๐ฅ๐ฅ๐ฅ๐ฅ - A Kubernetes Network Fabric for Enterprises that is Rich in Functions and Easy in Operations.
- ๐Longhorn ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Longhorn is a distributed block storage system for Kubernetes.
- ๐OpenEBS ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - OpenEBS is the most widely deployed and easy to use open-source storage solution for Kubernetes.
- ๐Rook ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Rook is an open source cloud-native storage orchestrator for Kubernetes.
- ๐Chaos Mesh ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Chaos Meshยฎ is a cloud-native Chaos Engineering platform that orchestrates chaos on Kubernetes environments.
- ๐chaoskube ๐ฅ๐ฅ๐ฅ๐ฅ -
chaoskube
periodically kills random pods in your Kubernetes cluster. - ๐Conftest ๐ฅ๐ฅ๐ฅ๐ฅ - Conftest helps you write tests against structured configuration data.
- ๐DETIK ๐ฅ - A library that simplifies end-to-end testing of K8s applications by using BATS assertions and natural language queries.
- ๐k6 ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - k6 is a modern load testing tool, building on Load Impact's years of experience in the load and performance testing industry.
- ๐ksniff ๐ฅ๐ฅ๐ฅ๐ฅ - A kubectl plugin that utilize tcpdump and Wireshark to start a remote capture on any pod in your Kubernetes cluster.
- ๐Kube DOOM ๐ฅ๐ฅ๐ฅ๐ฅ - The next level of chaos engineering is here! Kill pods inside your Kubernetes cluster by shooting them in Doom!
- ๐kube-monkey ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - It randomly deletes Kubernetes (k8s) pods in the cluster encouraging and validating the development of failure-resilient services.
- ๐kube-score ๐ฅ๐ฅ๐ฅ๐ฅ -
kube-score
is a tool that performs static code analysis of your Kubernetes object definitions. - ๐Kubectl-debug ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
kubectl-debug
is an out-of-tree solution for troubleshooting running pods, which allows you to run a new container in running pods for debugging purpose. - ๐KubeInvaders ๐ฅ๐ฅ๐ฅ - Through KubeInvaders you can stress Kubernetes cluster in a fun way and check how it is resilient.
- ๐Kubetest ๐ฅ - Kubetest is a pytest plugin that makes it easier to manage a Kubernetes cluster within your integration tests.
- ๐Litmus ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Litmus provides tools to orchestrate chaos on Kubernetes to help SREs find weaknesses in their deployments.
- ๐popeye ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations.
- ๐PowerfulSeal ๐ฅ๐ฅ๐ฅ๐ฅ - PowerfulSeal injects failure into your Kubernetes clusters, so that you can detect problems as early as possible.
- ๐Testkube ๐ฅ๐ฅ๐ฅ - Testkube is a Kubernetes native Testing Framework for test orchestration and execution. It allows you to run any of your tests inside a Kubernetes cluster. Integrates with your CI/CD and allows you to follow a GitOps approach to Testing while having a centralized place for all of your Test Results accross all clusters.
- ๐BotKube ๐ฅ๐ฅ๐ฅ๐ฅ - BotKube integration with Slack or Mattermost helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources.
- ๐Cortex ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Cortex provides horizontally scalable, highly available, multi-tenant, long term storage for Prometheus.
- ๐Goldilocks ๐ฅ๐ฅ๐ฅ - Goldilocks is a utility that can help you identify a starting point for resource requests and limits.
- ๐Grafana ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored.
- ๐Helm Dashboard ๐ฅ๐ฅ๐ฅ๐ฅ - The missing UI for Helm. The Helm Dashboard plugin offers a UI-driven way to view installed Helm charts, see their revision history and corresponding k8s resources.
- ๐k8s-image-availability-exporter ๐ฅ - Prometheus exporter that warns you proactively about images that are defined in Kubernetes objects but are not available in the container registry.
- ๐Kiali ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kiali works with Istio to visualise the service mesh topology.
- ๐kube-capacity ๐ฅ๐ฅ๐ฅ - This is a simple CLI that provides an overview of the resource requests, limits, and utilization in a Kubernetes cluster.
- ๐kube-state-metrics ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
- ๐Kubernetes Dashboard ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters.
- ๐Kubernetes Metrics Server ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.
- ๐Kubernetes Operational View ๐ฅ๐ฅ๐ฅ๐ฅ - A tool that aims to provide a common operational picture for multiple Kubernetes clusters.
- ๐kubewatch ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
kubewatch
is a Kubernetes watcher that currently publishes notification to available collaboration hubs/notification channels. - ๐Lens ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Lens it's an useful, attractive, open source user interface (UI) for working with Kubernetes clusters.
- ๐Mizu ๐ฅ๐ฅ๐ฅ - API traffic viewer for Kubernetes enabling you to view all API communication between microservices. Think TCPDump and Wireshark re-invented for Kubernetes
- ๐Network mapper ๐ฅ๐ฅ - Map Kubernetes in-cluster traffic and export as text, intents, or an image.
- ๐Popeye ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations.
- ๐Prometheus ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Prometheus, a Cloud Native Computing Foundation project, is a systems and service monitoring system.
- ๐Searchlight ๐ฅ๐ฅ - Searchlight/Icinga periodically runs various checks on a Kubernetes cluster and sends notifications if detects an issue.
- ๐Sloop ๐ฅ๐ฅ๐ฅ - Sloop monitors Kubernetes, recording histories of events and resource state changes and providing visualizations to aid in debugging past events.
- ๐Thanos ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Thanos is a set of components that can be composed into a highly available metric system with unlimited storage capacity.
- ๐Kubedev ๐ฅ - Kubedev is a powerful and beautiful user interface for managing Kubernetes clusters.
- ๐KubeHelper ๐ฅ - KubeHelper - simplifies many daily Kubernetes cluster tasks through a web interface.
- ๐katafygio ๐ฅ - katafygio discovers Kubernetes objects (deployments, services, ...), and continuously save them as yaml files in a git repository.
- ๐Velero ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Velero (formerly Heptio Ark) gives you tools to back up and restore your Kubernetes cluster resources and persistent volumes.
- ๐Datree ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Datree is a CLI tool that supports Kubernetes admins in their roles by preventing developers from making errors in Kubernetes configurations that can cause clusters to fail in production.
- ๐Deepfence ThreatMapper ๐ฅ๐ฅ๐ฅ - Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.
- ๐Falco ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Falco is a behavioral activity monitor designed to detect anomalous activity in your applications. You can use Falco to monitor run-time security of your Kubernetes applications and internal components.
- ๐Gatekeeper ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Policy controller for Kubernetes
- ๐Intents operator ๐ฅ๐ฅ - Manage network policies, Istio Authorization Policies, and Kafka ACLs in a Kubernetes cluster with ease.
- ๐k-rail ๐ฅ๐ฅ - k-rail is a workload policy enforcement tool for Kubernetes. It can help you secure a multi tenant cluster with minimal disruption and maximum velocity.
- ๐Konstraint ๐ฅ๐ฅ - Konstraint is a CLI tool to assist with the creation and management of constraints when using Gatekeeper.
- ๐kube-bench ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark.
- ๐kube-hunter ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - kube-hunter hunts for security weaknesses in Kubernetes clusters.
- ๐KubeLinter ๐ฅ๐ฅ๐ฅ๐ฅ - KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
- ๐Kubesploit ๐ฅ๐ฅ๐ฅ - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl (@Ne0nd0g).
- ๐KubiScan ๐ฅ๐ฅ๐ฅ - A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model.
- ๐Kyverno ๐ฅ๐ฅ๐ฅ๐ฅ - Kyverno is a policy engine designed for Kubernetes. It can validate, mutate, and generate configurations using admission controls and background scans.
- ๐Netchecks ๐ฅ - Set of tools for testing network conditions and asserting that they are as expected.
- ๐Permission manager ๐ฅ๐ฅ๐ฅ - Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management for Kubernetes.
- ๐rakkess ๐ฅ๐ฅ๐ฅ - kubectl plugin to show an access matrix for server resources
- ๐Rรถnd ๐ฅ - Rรถnd is an open-source lightweight Kubernetes sidecar container that helps you protect your APIs with simple security policies. It also natively allows you to build your RBAC/ABAC solution.
- ๐Teleport ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Teleport Unified Access Plane enables engineers to quickly access any computing resource anywhere.
- ๐Istio ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - An open platform to connect, manage, and secure microservices.
- ๐Linkerd ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Linkerd is a transparent service mesh, designed to make modern applications safe and sane.
- ๐Open Service Mesh ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Open Service Mesh (OSM) is a lightweight, extensible, Cloud Native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
- ๐Eclipse JKube ๐ฅ๐ฅ - Tools and plugins for Java developers that help you create container images along with the required manifests to deploy your applications to Kubernetes.
- ๐garden ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Garden provides production-like Kubernetes testing environments for integration tests, QA, and development.
- ๐gefyra ๐ฅ๐ฅ๐ฅ -Gefyra blazingly-fast, rock-solid, local application development โก๏ธ with Kubernetes.
- ๐ko ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ -
ko
is a tool for building and deploying Golang applications to Kubernetes. - ๐Konfig ๐ฅ - Konfig is a Kubernetes friendly Rails gem. It can load configuration and secrets from both YAML or folders with individual files and present them to your application the same way.
- ๐kubevious ๐ฅ๐ฅ๐ฅ๐ฅ - Kubevious renders all configurations relevant to the application in one place. That saves a lot of time from operators, eliminating the need for looking up settings and digging within selectors and labels.
- ๐kubectl-warp ๐ฅ๐ฅ - Kubernetes CLI plugin for syncing and executing local files in Pod on Kubernetes
- ๐kubernix ๐ฅ๐ฅ๐ฅ - This project aims to provide single dependency Kubernetes clusters for local testing, experimenting and development purposes.
- ๐Makisu ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Makisu is a fast and flexible Docker image build tool designed for unprivileged containerized environments such as Mesos or Kubernetes.
- ๐mirrord ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - mirrord connects your local process and your cloud environment, and runs local code in cloud conditions.
- ๐Monokle ๐ฅ๐ฅ๐ฅ - Monokle helps you create, edit and validate yaml manifests, visualize and validate resource links and dependencies, connect and compare resources to your clusters, debug the output of kustomize or helm, and more!
- ๐Okteto ๐ฅ๐ฅ๐ฅ๐ฅ -
okteto
accelerates the development workflow of Kubernetes applications. - ๐Telepresence ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Telepresence provides fast, realistic local development for Kubernetes microservices.
- ๐Tilt ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Tilt powers multi-service development and makes sure they behave.
- ๐Tye ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Tye is a developer tool that makes developing, testing, and deploying microservices and distributed applications easier.
- Aptakube - A modern, lightweight and multi-cluster desktop client for Kubernetes. Connect to multiple clusters simultaneously to view, edit and manage all your resources.
- ๐Kubeflow ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kubeflow is a Cloud Native platform for machine learning based on Googleโs internal machine learning pipelines.
- ๐nos ๐ฅ๐ฅ -
nos
is an open-source platform to efficiently run AI workloads on Kubernetes, increasing GPU utilization and reducing infrastructure and operational costs. - ๐Strimzi ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations.
- ๐Volcano ๐ฅ๐ฅ๐ฅ๐ฅ - Volcano is a batch system built on Kubernetes.
- ๐yunikorn ๐ฅ๐ฅ - a light-weight, universal resource scheduler for container orchestrator systems.
- ๐Kubegres ๐ฅ๐ฅ๐ฅ - Kubegres is a Kubernetes operator allowing to deploy one or many clusters of PostgreSql pods with data replication and failover enabled out-of-the box.
- ๐Postgres Operator ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - PGO, the Postgres Operator from Crunchy Data, gives you a declarative Postgres solution that automatically manages your PostgreSQL clusters.
- ๐MongoDB Community Kubernetes Operator ๐ฅ๐ฅ - This is a Kubernetes Operator which deploys MongoDB Community into Kubernetes clusters.
- ๐MySQL Operator for Kubernetes ๐ฅ - The MYSQL Operator for Kubernetes is an Operator for Kubernetes managing MySQL InnoDB Cluster setups inside a Kubernetes Cluster.
- ๐Redis Operator ๐ฅ๐ฅ๐ฅ - Redis Operator creates/configures/manages redis-failovers atop Kubernetes.
- ๐Agones ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Agones is a library for hosting, running and scaling dedicated game servers on Kubernetes.
- ๐AWS Controllers for Kubernetes ๐ฅ๐ฅ๐ฅ๐ฅ - AWS Controllers for Kubernetes (ACK) lets you define and use AWS service resources directly from Kubernetes.
- ๐AWS Node Termination Handler ๐ฅ๐ฅ๐ฅ - A Kubernetes Daemonset to gracefully handle EC2 instance shutdown
- ๐Brigade ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Brigade is the tool for creating pipelines for Kubernetes.
- ๐Crossplane ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Crossplane is an open source Kubernetes add-on that extends any cluster with the ability to provision and manage cloud infrastructure, services, and applications.
- ๐Descheduler for Kubernetes ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Descheduling pods from nodes based on policies
- ๐Devtron ๐ฅ๐ฅ๐ฅ๐ฅ - It is designed as a self-serve platform for operationalizing and maintaining applications (AppOps) on kubernetes in a developer friendly way.
- ๐OpenCost ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - OpenCost models give teams visibility into current and historical Kubernetes spend and resource allocation.
- ๐K8sPurger ๐ฅ -
K8sPurger
Hunt Unused Resources In Kubernetes. - ๐KubeEdge ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge.
- ๐KubePug ๐ฅ๐ฅ - A tool to check deprecations before upgrading Kubernetes version
- ๐Shell-operator ๐ฅ๐ฅ๐ฅ๐ฅ - Shell-operator is a tool for running event-driven scripts in a Kubernetes cluster.
- A Beginnerโs Guide to Kubernetes - A comprehensive introduction to Kubernetes architecture
- A Deep Dive Into Kubernetes Schema Validation - A guide about the Kubernetes schema and how to validate it using OSS and native tools
- A Guide to the Kubernetes Networking Model - A in-depth run-through of Kubernetes networking
- Amazon EKS Best Practices Guide for Security - This guide provides advice about protecting information, systems, and assets that are reliant on EKS while delivering business value through risk assessments and mitigation strategies.
- Amazon EKS Node Drainer ๐ฅ - A guide and an example to cordon and evict all evictable pods from an EC2 node being terminated.
- Comparison of Kubernetes Ingress controllers - This research compares the capabilities of 14 different Kubernetes Ingress controllers.
- Configuring HA Kubernetes cluster on bare metal servers with kubeadm - A guide to standing up a HA Kubernetes cluster on bare metal servers with kubeadm.
- Introduction to Using Google Kubernetes Engine; Explain Like Iโm Five! - Creating your first managed Kubernetes cluster on Google Kubernetes Engine using Terraform.
- Kubernetes Network Policy Recipes ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - This repository contains various use cases of Kubernetes Network Policies and sample YAML files to leverage in your setup.
- Kubernetes The Hard Way ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.
- Kubernetes Working Group for Multi-Tenancy ๐ฅ๐ฅ๐ฅ - This is a working place for multi-tenancy related proposals and prototypes.
- Production grade Kubernetes Monitoring using Prometheus - A in-depth guide to deploy Prometheus monitoring solution.
- The Illustrated Childrenโs Guide to Kubernetes - Graphical explanations of Kubernetes
- Troubleshooting Kubernetes deployments - A flow chart to troubleshoot a kubernetes deployment in case of issues
- Vertical Pod Autoscaling: The Definitive Guide - An in-depth explanation on Kubernetes VPA: what it is, how it works, how to use it and which limitations it has.
- Writing Your First Kubernetes Operator - In this article, weโll see how to build and deploy your first Kubernetes Operator using the Operator SDK.
- 10 most common mistakes using kubernetes - Common pitfalls and how to avoid them.
- How the Department of Defense Moved to Kubernetes and Istio - Focus on the sidecar security stack leveraging Envoy and sidecar containers to ensure zero trust security and baked-in multi-layer security.
- Kubernetes at Reddit: Tales from Production - Hear of successes, share in the heartbreak of production explosions, and gain insight into what has and hasn't worked well for one of the world's busiest web properties.
- Kubernetes Failure Stories ๐ฅ๐ฅ๐ฅ๐ฅ๐ฅ - A compiled list of links to public failure stories related to Kubernetes.
- Life of a Packet - Tracing the path of network traffic in the Kubernetes system.
- OPA Deep Dive - Deep dive on some exciting new features in the OPA project presented by the co-creators.
- Scaling Kubernetes to 2,500 Nodes + Scaling Kubernetes to 7,500 Nodes - Issues you will encounter when running high-scale Kubernetes workloads.
- Service Mesh Comparison - An easy compensation to help choose one of the service Mesh implementations.
- ArgoCD Best Practices
- A Beginnerโs Guide to Kubernetes - A comprehensive introduction to Kubernetes architecture
- ConfigMaps in Kubernetes: how they work and what you should remember - Understanding the evolution to ConfigMaps, how they work and what happens when they change.
- Configuring Redis using a ConfigMap - A walkthrough that provides a real world example of how to configure Redis using a ConfigMap
- Example: Deploying Cassandra with a StatefulSet - This tutorial shows you how to run Apache Cassandra on Kubernetes. Cassandra, a database, needs persistent storage to provide data durability.
- Example: Deploying PHP Guestbook application with Redis - This tutorial shows you how to build and deploy a simple, multi-tier web application using Kubernetes and Docker.
- Example: Deploying WordPress and MySQL with Persistent Volumes - This tutorial shows you how to deploy a WordPress site and a MySQL database using Minikube.
- Exposing an External IP Address to Access an Application in a Cluster - This guide shows how to create a Kubernetes Service object that exposes an external IP address.
- Katacoda - This is a Kubernetes playground, a safe place designed for experimenting, exploring and learning Kubernetes.
- kubectl Cheat Sheet - An official list of commonly used kubectl commands and flags.
- Kubectl Kubernetes CheatSheet ๐ฅ๐ฅ๐ฅ๐ฅ - A cheatsheet containing many helpful kubectl commands
- Kubernetes API Reference Docs - A high-level overview of the basic types of resources provided by the Kubernetes API and their primary functions.
- Learn Kubernetes Basics - This tutorial provides a walkthrough of the basics of the Kubernetes cluster orchestration system.
- Play with Kubernetes - Play with Kubernetes is a playground which allows users to run K8s clusters in a matter of seconds.
- Ready-to-use commands and tips for kubectl - Various kubectl tips and tricks by Flantโs engineers.
- Running ZooKeeper, A Distributed System Coordinator - This tutorial demonstrates running Apache Zookeeper on Kubernetes using StatefulSets, PodDisruptionBudgets, and PodAntiAffinity.
- Set Up a CI/CD Pipeline with Kubernetes - A end-to-end guide to set up a CI/CD Pipeline with Kubernetes.
- StatefulSet Basics - This tutorial provides an introduction to managing applications with StatefulSets.
- Webinar: K8s with OPA Gatekeeper - How to use OPA to control what end-users can do on the cluster and ways to ensure that clusters are in compliance with company policies.
- Certified Kubernetes Security Specialist - CKSS ๐ฅ๐ฅ - This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
- CKS "Certified Kubernetes security specialist certification ๐ฅ๐ฅ๐ฅ๐ฅ - Kubernetes security resources primarly from material allowed during the exam, and extra optional items to help you advance your container and kubernetes security journey.
- How to pass the Certified Kubernetes Administrator (CKA) exam on the first attempt - A guide to pass CKA exam
- The ultimate CKA "Certfified Kuberenetes Administator" resource since exam inception - An updated repo of offical resources to help you master the CKA exam as well some extra resources to consolidate your kubernetes administration knowledge.
- Kubernetes Exam Simulator - CKS/CKA/CKAD exams scenarios and environment.
Contributions welcome! Read the contribution guidelines first.
To the extent possible under law, Tom Huang has waived all copyright and related or neighboring rights to this work.