Kubernetes

Notes

• Kubernetes runs pods that contain 1 to n docker containers. So if you have your apps in the form of docker images you are ready to go.

• The OpenShift guys like to make the analogy that Kubernetes is like Linux and that there are different distributions of it, OpenShift being one (like Red Hat).

• Interacting with kubernetes feels very different and in a lot of ways it's almost an operating system for a super computer. You sort of forget how many computers and vms or whatever are out there and kubernetes handles a lot of the implementation details for you. Installing a lot of apps to the cloud is as simple as typing 'helm install jenkins' and waiting 5 minutes.

  • It's just a radically new way of dealing with 'the cloud'. And the thing that makes it especially threatening to aws is that it doesn't matter where it runs. Developing an app for kubernetes on aws or google cloud or azure or anything else is almost an identical experience. People are going to become very price sensitive because that's the only thing that distinguishes one kubernetes host from another (aside from the ease of installing a kubernetes cluster -- something which aws is fairly far behind on)

• In general, the right question to ask yourself when designing Pods is, “Will these containers work correctly if they land on different machines?” If the answer is “no,” a Pod is the correct grouping for the containers. If the answer is “yes,” multiple Pods is probably the correct solution.

• Ingress controller watches for Ingress resources in your cluster.

• Kubernetes (or whatever other container scheduler) might feel like overkill, but if all they do is force you to adopt a container-centric / 12-factor way of building your applications it was worth trying them. And once you've adopted that workflow it's a no-brainer to go from a single node to a cluster which will dynamically allocate the workloads it runs.

  • Running a small container cluster at work has even changed how I setup single-host projects in my spare time: I will build everything into a container, bind-mount whatever it might need, create a simple systemd unit that just runs / rms the docker container on start and stop. Bliss.

• After a couple years on kubernetes, there is a simple joy to a deployment process that looks like "scp binary server: && ssh server systemctl restart service", and takes 5s to complete.

Links

• What happens when I type kubectl run

• Helm - Kubernetes package manager.

• Kubernetes Security - Best Practice Guide

• kaniko - Build Container Images In Kubernetes.

• Draft - Streamlined Kubernetes Development.

• Nix Kubernetes - Kubernetes deployment manager written in Nix.

• Knative Serving - Kubernetes-based, scale-to-zero, request-driven compute.

• Rancher

• OpenShift

• Portainer - Lighter than Rancher (for Docker).

• Kubernetes 101 (2018)

• node-problem-detector - Aims to make various node problems visible to the upstream layers in cluster management stack.

• go-kubectx - 5x-10x faster alternative to kubectx. Uses client-go.

• Kubernetes for Sysadmins – Kelsey Hightower (2016)

• Kubernetes API conventions

• Kubeval - Validate your Kubernetes configuration files, supports multiple Kubernetes versions.

• Let's encrypt with GKE instructions

• Kubernetes for personal projects? No thanks! (2018)

• Kubespy - Tools for observing Kubernetes resources in real time, powered by Pulumi.

• Terraform Kubernetes provider

• KubeContext - Menu Bar App for Managing Kubernetes Contexts on Mac.

• Kubeapps - Web-based UI for deploying and managing applications in Kubernetes clusters.

• kubefwd - Bulk port forwarding Kubernetes services for local development.

• You might not need Kubernetes (2018) - HN

• Kubespray - Deploy a Production Ready Kubernetes Cluster.

• Argo - Container-native workflows for Kubernetes.

• Kazan - Kubernetes API client for Elixir.

• Tilt - Local Kubernetes development with no stress.

• Maestro - Provides a declarative approach to building production-grade Kubernetes Operators covering the entire application lifecycle.

• kail - Kubernetes log viewer.

• Kubernetes clusters for the hobbyist

• Virtual Kubelet - Open source Kubernetes kubelet implementation.

• Compose on Kubernetes - Deploy applications described in Compose onto Kubernetes clusters.

• kind - Kubernetes IN Docker - local clusters for testing Kubernetes.

• Kubernetes Failure Stories - Compilation of public failure/horror stories related to Kubernetes.

• Garden - Development engine for Kubernetes, containers and serverless functions.

• Kubinception: using Kubernetes to run Kubernetes (2019)

• Kubernetes Authentication Example - Code is provided verbatim as an example of how to connect to an OIDC provider and authenticate users before configuring their kubeconfig.

• PowerfulSeal - Adds chaos to your Kubernetes clusters, so that you can detect problems in your systems as early as possible.

• Goldpinger - Debugging tool for Kubernetes which tests and displays connectivity between nodes in the cluster.

• k3s - Lightweight Kubernetes. Easy to install, half the memory, all in a binary less than 40mb.

• Kubebuilder - SDK for building Kubernetes APIs using CRDs.

• k9s - Provides a curses based terminal UI to interact with your Kubernetes clusters.

• Knative build - Kubernetes-native Build resource.

• Kubernetes as an API standard (2019)

• Awesome Kubernetes

• Cerebral - Kubernetes cluster autoscaler with pluggable metrics backends and scaling engines.

• Skaffold - Easy and Repeatable Kubernetes Development.

• Talos - Modern Linux distribution for Kubernetes.

• Kubernetes cleanup operator - Kubernetes Operator to automatically delete completed Jobs and their Pods.

• Click - Command Line Interactive Controller for Kubernetes. Its purpose is to manage a large number of Kubernetes clusters/objects quickly and efficiently.

• Kubectl Dashboard - Sub-command for kubectl that will instantly make a Kubernetes dashboard available for you, without having to run anything in your cluster.

• krew - Package manager for "kubectl plugins".

• kustomize - Customization of kubernetes YAML configurations.

• Kubewebhook - Small Go framework to create external admission webhooks for Kubernetes.

• Submariner - Connect all your Kubernetes clusters, no matter where they are in the world.

• Tekton Pipelines - Provides k8s-style resources for declaring CI/CD-style pipelines.

• ko - Tool for building and deploying Golang applications to Kubernetes.

• Maybe You Don't Need Kubernetes (2019) (HN)

• CLI for Amazon EKS - Simple CLI tool for creating clusters on EKS - Amazon's new managed Kubernetes service for EC2.

• Kubernetes controller-runtime - Set of go libraries for building Controllers.

• k3d - Lightweight alternative to KinD for local development.

• Popeye - Kubernetes cluster resource sanitizer.

• Kubernetes Test Infrastructure - Test infrastructure for the Kubernetes project.

• Katib - Hyperparameter Tuning on Kubernetes.

• Kapitan - Generic templated configuration management for Kubernetes, Terraform and other things.

• How Airbnb Simplified the Kubernetes Workflow for 1000+ Engineers (2019)

• Boosting your kubectl productivity (2019)

• Polaris - Validation of best practices in your Kubernetes clusters.

• qlkube - GraphQL api for Kubernetes.

• Typhoon - Minimal and free Kubernetes distribution.

• k-vswitch - Easy-to-operate, high performance and secure Kubernetes networking plugin based on Open vSwitch.

• Kontemplate - Extremely simple Kubernetes resource templates.

• OpenKruise/Kruise - Automate application workloads management on Kubernetes.

• Monday - Dev tool for microservice developers that run local applications and/or forward some others from Kubernetes or over SSH.

• Ballista - PoC of distributed compute platform using Rust, Apache Arrow, and Kubernetes. Article

• Octant - Web-based, highly extensible platform for developers to better understand the complexity of Kubernetes clusters.

• Pulumi - Modern Infrastructure as Code - Create, deploy, and manage infrastructure on any cloud using your favorite language.

• shipcat - Standardisation tool and security layer on top of kubernetes to config manage microservices.

• Okteto - Rapidly iterate and test your applications by developing directly in your Kubernetes cluster.

• Fabrikate - Making GitOps with Kubernetes easier one component at a time.

• Seldon Core - Machine Learning Deployment for Kubernetes.

• Kubeval - Validate your Kubernetes configuration files, supports multiple Kubernetes versions.

• Conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language.

• Kuma - Universal Control Plane for your Service Mesh.

• Knative Eventing - Contains a work-in-progress eventing system that is designed to address a common need for cloud native development.

• Navigator - Kubernetes extension for managing common stateful services on Kubernetes.

• kube-aggregator - Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy.

• Kubernetes Networking: Behind the scenes (2019)

• Kubernetes Networking recommended reading list

• service-catalog - Consume services in Kubernetes using the Open Service Broker API.

• kuberNix - Kubernetes development cluster bootstrapping with Nix packages.

• Autoscaler - Autoscaling components for Kubernetes.

• Appsody - Provides everything you need to iteratively develop applications, ready for deployment to Kubernetes environments.

• Gitkube - Build and deploy docker images to Kubernetes using git push.

• Announcing Kubernetes Off-The-Shelf (KOTS) Software (2019)

• chaoskube - Periodically kills random pods in your Kubernetes cluster.

• kube-state-metrics - Simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.

• Cloudflow - Enables you to quickly develop, orchestrate, and operate distributed streaming applications on Kubernetes.

• Clusterlint - Best practices checker for Kubernetes clusters.

• An illustrated guide to Kubernetes Networking (2017)

• Bank Vaults - Umbrella project which provides various tools for Vault to make using and operating Hashicorp Vault easier.

• kubectl trace - Kubectl plugin that allows you to schedule the execution of bpftrace programs in your Kubernetes cluster.

• RBAC Manager - Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.

• inlets-operator - Your private Kubernetes Service, with a public endpoint.

• kubectl tree - Kubectl plugin to browse Kubernetes object hierarchies as a tree.

• Chaos Mesh - Cloud-native Chaos Engineering platform that orchestrates chaos on Kubernetes environments.

• Grafana Tanka - Flexible, reusable and concise configuration for Kubernetes.

• Kubernetes Best Practices: Blueprints for Building Successfull Applications on Kubernetes (2019)

• PoC to write integration tests in Go with Kubernetes by Gianluca Arbezzano (2019)

• kubethanos - Kills half of your randomly selected kubernetes pods.

• k3c - Local container engine designed to fill the same gap Docker does in the Kubernetes ecosystem.

• KubeNix - Kubernetes resource builder using nix.

• Postgres Operator - Creates and manages PostgreSQL clusters running in Kubernetes.

• Cortex - Horizontally scalable, highly available, multi-tenant, long term storage for Prometheus.

• Contour - Kubernetes ingress controller using Lyft's Envoy proxy.

• Roperator - Lets you easily write Kubernetes Operators in Rust.

• Krustlet - Kubernetes Kubelet in Rust for running WASM.

• WaeaveWorks - Operate and manage production ready Kubernetes with Weave Kubernetes Platform.

• Gravity - Opinionated image-based Kubernetes packaging and management tools.

• kubenav - Navigator for your Kubernetes clusters right in your pocket.

• Kyverno - Kubernetes Native Policy Management.

• Nirmata - Unified management plane for all your Kubernetes clusters and workloads.

• Deep Dive into Kubernetes Internals for Builders and Operators (2020)

• Rode - Cloud native software supply chain.

• kube-monkey - Implementation of Netflix's Chaos Monkey for Kubernetes clusters.

• Crash Course in Kubernetes: blog series (2020)

• Fabio - Fast, modern, zero-conf load balancing HTTP(S) and TCP router for deploying applications managed by consul.

• Rook - Storage Orchestration for Kubernetes.

• Solo - Next generation API gateway to connect, secure and control traffic to any application on any infrastructure.

• Gloo - Envoy-Powered API Gateway.

• Keel - Kubernetes Operator to automate Helm, DaemonSet, StatefulSet & Deployment updates.

• GLBC - Ingress controller for Google Cloud.

• Kube Profefe - Continuous profiling made easy in Kubernetes with profefe.

• Octant - Web-based, highly extensible platform for developers to better understand the complexity of Kubernetes clusters.

• Kubernetes Dashboard - General-purpose web UI for Kubernetes clusters.

• Multi-tenancy - Working place for multi-tenancy related proposals and prototypes.

• Kubevious - Application centric Kubernetes UI.

• client-go - Go client for Kubernetes.

• Hubble - Network, Service & Security Observability for Kubernetes.

• NATS Streaming Operator - Operator for managing NATS Streaming clusters running on Kubernetes.

• What is your favorite Kubernetes feature that nobody seems to know about? (2020)

• krew - Package manager for kubectl plugins.

• Advanced Persistence Threats: The Future of Kubernetes Attacks (2020)

• Kubernetes Engine Samples

• How to use Open Virtual Networking with Kubernetes

• RBACSYNC - Automatically sync groups into Kubernetes RBAC.

• Hub - Web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects.

• apiserver - Library for writing a Kubernetes-style API server.

• Active-Monitor - Kubernetes custom resource controller which enables deep cluster monitoring using Argo workflows.