Purpose
This session was created to store and link helpful articles and reference links that you can use to check and understand more about K8s (Kubernetes) and the awesome things around this orchestration platform.
Awesome Repository
Repository
- awesome-kubernetes : A curated list for awesome kubernetes sources
- awesome-docker : A curated list of Docker resources and projects
- awesome-krew-plugin: A list of plugins used by kubectl
- awesome-compose : Awesome Docker Compose samples
- Compose-Examples : Various Docker Compose examples of selfhosted FOSS and proprietary projects.
- boilerplates : Cool repo from Christian, a YouTuber
- k8s-deployment-strategies : Kubernetes deployment strategies explained
- Bitnami containers : Bitnami container images
- awesome-k8s-resources : A curated list of awesome Kubernetes tools and resources.
- awesome-stacks: Deploy 120+ open-source web apps with one Docker command.
Organization
- Bitnami: An organization belonging to VMware that contributes Docker images. Website
- Docker: Docker helps developers bring their ideas to life by conquering the complexity of app development.
- kubernetes-sigs : Org for Kubernetes SIG-related work
- Kubernetes: Production-Grade Container Scheduling and Management
- Containers : Open Repository for Container Tools
- LinuxServer.io: Building and maintaining community images
- Kubeflow: An open, community driven project to make it easy to deploy and manage an ML stack on Kubernetes
- AliyunContainerService: Aliyun (Alibaba Cloud) Container Service
Topics
- Kubernetes Cluster API : About cluster API
- kubebuilder : Kubebuilder - SDK for building Kubernetes APIs using CRDs
- Kubernetes/enhancements : Enhancements tracking repo for Kubernetes
- Kubernetes/community : Kubernetes community content
- Kubernetes Blog : Collection of blog posts from the community about upgrades and features in each version of Kubernetes, and the stories around them.
- Kubernetes CSI Drivers : A set of CSI drivers which can be used with Kubernetes
- Rootless Containers: Rootless containers refers to the ability for an unprivileged user to create, run and otherwise manage containers.
Awesome Docker Registry and Image
Registry
- DockerHub
- Amazon ECR Public Gallery
- Microsoft Artifact Registry
- Quay Registry
- LinuxServer : Tutorial Manual
- Google Artifact Registry Distroless
Image
- docker: Docker in Docker!
- amazon/aws-cli: Universal Command Line Interface for Amazon Web Services
- docker-android: Android in docker solution with noVNC supported and video recording
Docker & Containerization
General & Documentation
Articles
- Medium - Powerful Docker Alternatives in 2024
- Medium - 24 Kubernetes Masters' Configurations
- Medium - 13 Docker Cost Optimizations You Should Know
- Medium - 11 Ways to Troubleshoot Docker Faster
- Medium - Docker Commands You Never Heard Of!
- AquaSec - Container Engines: How They Work and Top 7 Options
- KodeKloud - 3 Best Ways to Run Docker in Docker Container
- Blackvoid - Synology, Docker and open source tech blog
- Medium - Accessing the host's localhost from inside a Docker container
- Medium - Deep Dive into Docker Containers | Architecture and Features
- Medium - Docker Beginner to Expert Tutorial
- Ivan Velichko - Implementing Container Runtime Shim: runc
- Docker - Alternative container runtimes
- Cloudraft - Most Popular Container Runtimes
- Medium - 11 Open-Source SaaS Killer - Selfhost With Docker
- Medium - 11 Open-Source SaaS Killer - Selfhost With Docker -2
- Medium - 11 Open-Source SaaS Killer - Selfhost With Docker -3
Kubernetes
General & Documentation
- Kubernetes Documentation
- ArmoSec - etcd in Kubernetes
- KodeKloud - Kube-Proxy: What Is It and How It Works
- Alibaba - Kubernetes CNIs and CNI Plug-ins
- Kubernetes - Kubernetes CSI Documentation
- Kubernetes - Container Runtime Interface (CRI)
- Kubernetes - The Kubernetes API
- Kubernetes - Controllers
- Kubernetes - Extending Kubernetes
- Kubernetes - Ingress Controllers
- Densify - Kubernetes Service Discovery
- Azure - Core Kubernetes concepts for Azure Kubernetes Service
- Azure - Supported Kubernetes versions in Azure Kubernetes Service (AKS)
- AWS - Kubernetes concepts for EKS
- AWS - the Kubernetes version lifecycle on EKS
- Kubewekend Session 3: Basically about Kubernetes architecture
- Redhat - Top 10 must-know Kubernetes design patterns
- Medium - Top 10 Kubernetes Pod Concepts That Confuse Beginners
Articles
- Medium - 7 Underrated Kubernetes Projects: Elevate Your Lab Playground!
- Medium - Why does my 2vCPU application run faster in a VM than in a container?
- Medium - 11 Kubernetes Deployment Configs You Should Know in 2024
- Medium - Deciphering the Kubernetes Networking Maze: Navigating Load-Balance, BGP, IPVS and Beyond
- Medium - Kubernetes Scheduling: Understanding the Math Behind the Magic
- Medium - Kubernetes Networking: Load Balancing Techniques and Algorithms
- Medium - Exploring local Kubernetes development tools and solutions
- Medium - HomeLab Kubernetes Cluster Setup
- Medium - Kubernetes, but locally.
- Medium - 15 Best Kubernetes Cost Optimization Tools for 2024
- Azure - Scaling options for applications in Azure Kubernetes Service (AKS)
- Medium - Database in Kubernetes: Is that a good idea?
- Medium - Creating a Custom Scheduler in Kubernetes: A Practical Guide
- Medium - The guide to kubectl I never had
- Medium - 10 Ways for Kubernetes Declarative Configuration Management
- Medium - 10 Essential Kubernetes Tools You Didn't Know You Needed
- Medium - Implementing ROOK Ceph Storage solution on Virtual kubernetes clusters
- Medium - Kubernetes - EKS - Upgrade process best practices (on AWS)
- Rancher - Container Network Interface (CNI) Providers
- Medium - VictoriaLogs: an overview, run in Kubernetes, LogsQL, and Grafana
- Medium - 7 Best Open Source Storage Solutions for Kubernetes
- Dev.io - Basic Guide to Kubernetes Service Discovery
Tips for configuration
- Azure - Best practices for basic scheduler features in Azure Kubernetes Service (AKS)
- Medium - My Top 50 Kubernetes Notes for DevOps Engineers β Detailed Q&A
- Spot - 8 Kubernetes Deployment Strategies: Roll Out Like the Pros
Troubleshoot
- StackOverFlow - How can I keep a container running on Kubernetes?
- Kubernetes - Debugging Kubernetes nodes with crictl
- Medium - Do Kubernetes Pods Really Get Evicted Due to CPU Pressure?
- StackOverFlow - Why AKS nodes shows less amount of memory as allocatable where its actual memory is still available
- StackOverFlow - Constantly getting Crashloopbackoff error in Kubernetes PODS generally in MongoDB pods
- Suneeta Mall - WTH! Who killed my pod - Whodunit?
- Medium - Understanding Common exit codes and error messages in Containers & Kubernetes
- Kubernetes - Validate node setup
- Komodor - Resolving OOMkilled on Kubernetes
Certificate & Practice
- kube4sure - The Kubernetes Exam Simulator
- killer.sh - Linux Foundation Exam Simulators
- learnk8s - Kubernetes training for engineer
- certified-kubernetes-administrator-course : KodeKloud Certified Kubernetes Administrator - CKA Course
- certified-kubernetes-security-specialist-cks-course : Notes from the Certified Kubernetes Security Specialist Course on KodeKloud
Docker & Kubernetes Tools
Docker Items
- docker-rollout: Zero Downtime Deployment for Docker Compose
- watchtower: A process for automating Docker container base image updates.
- nginx-proxy: Automated nginx proxy for Docker containers using docker-gen
- dive : A tool for exploring each layer in a docker image
- crane: A tool for interacting with remote images and registries
- trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
CRI (Container Runtime Interface)
Runtime
- containerd : An open and reliable container runtime. Getting started
- cri-dockerd: dockerd as a compliant Container Runtime Interface for Kubernetes (Mirantis OpenSource)
- docker : Docker is one of the most commonly used CRI runtimes
- Mirantis: Mirantis Container Runtime (MCR) enables you to power your business-critical applications with the industry-leading enterprise container engine
- kata-containers : an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
- sysbox: An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Client
- cri-tools : CLI and validation tools for Kubelet Container Runtime Interface (CRI). User guide
- kubeletctl: A client for kubelet
CNI (Container Network Interface)
- CNI : Container Network Interface - networking for Linux containers. Website
- Cilium : Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary Kernel technology eBPF
- Calico: Calico is a networking and security solution that enables Kubernetes workloads and non-Kubernetes/legacy workloads to communicate seamlessly and securely.
- flannel : A network fabric for containers, designed for Kubernetes
- weave : Simple, resilient multi-host containers networking and more.
OCI (Open Container Initiative)
Info
The OCI currently contains three specifications: the Runtime Specification (runtime-spec), the Image Specification (image-spec) and the Distribution Specification (distribution-spec). The Runtime Specification outlines how to run a "filesystem bundle" that is unpacked on disk. At a high level, an OCI implementation would download an OCI Image then unpack that image into an OCI Runtime filesystem bundle. At this point the OCI Runtime Bundle would be run by an OCI Runtime.
Official Website: Link
- runc : CLI tool for spawning and running containers according to the OCI specification
- podman : A tool for managing OCI containers and pods.
- buildah : A tool that facilitates building OCI images.
Kubernetes Items
- OperatorHub: Home for the Kubernetes community to share Operators
- Artifacthub : Find, install and publish Cloud Native packages for Kubernetes
- Instance calculator : Estimate the maximum number of workloads that can run on an instance
- Debugging Helm Templates : A way to debug the helm template with a command
- Kubernetes IDE - K8Studio : Visualize components and workloads inside Kubernetes in a UI, and easily deploy and manage Kubernetes clusters
- Elasticsearch (ECK) Operator, you can figure out configuration via Customize Pods
- MongoDB Community Kubernetes Operator, you can take a look at some crd and configuration with github links like CRD and Samples
- RabbitMQ-cluster-operator, read more about that via source code
- GlassKube : An open-source Kubernetes package manager that simplifies package management for Kubernetes
- kops: Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
- botkube: An app that helps you monitor your Kubernetes cluster, debug critical deployments & gives recommendations for standard practices
- kubebuilder: SDK for building Kubernetes APIs using CRDs
- kubectl-tree: kubectl plugin to browse Kubernetes object hierarchies as a tree
- Crossplane: An open source Kubernetes extension that transforms your Kubernetes cluster into a universal control plane.
- kcert: KCert: A Simple Let's Encrypt Manager for Kubernetes
- lens: Lens - The way the world runs Kubernetes
- eksctl: The official CLI for Amazon EKS. Website
- kaniko: Build Container Images In Kubernetes
Local Kubernetes Self-hosted
- Kind : kind is a tool for running local Kubernetes clusters using Docker container "nodes".
- MicroK8s: MicroK8s is a low-ops, minimal production Kubernetes.
- K3s: Lightweight Kubernetes. Easy to install, half the memory, all in a binary of less than 100 MB.
- Kubernetes Official solution : Installing Kubernetes with deployment tools. Such as: kubespray, kubeadm
- minikube : minikube quickly sets up a local Kubernetes cluster on macOS, Linux, and Windows
- Talos Linux : The Kubernetes Operating System
- K0s: k0s is an open source, all-inclusive Kubernetes distribution, which is configured with all of the features needed to build a Kubernetes cluster.
- Kubernetes Goat: An interactive Kubernetes security learning playground
- cluster-template: A template for deploying a Talos Kubernetes cluster including Flux for GitOps
Kubernetes cluster management
- Meshery: As a self-service engineering platform, Meshery enables collaborative design and operation of cloud and cloud native infrastructure.
- kubeshark: The API traffic analyzer for Kubernetes providing real-time K8s
- karpor: Intelligence for Kubernetes. World's most promising Kubernetes Visualization Tool for Developer and Platform Engineering teams.
Kubernetes Policy Controller
- OPA Gatekeeper : A customizable cloud native policy controller that helps enforce policies and strengthen governance
- Kyverno : Kubernetes Native Policy Management
- Datree : Datree secures your Kubernetes by blocking the deployment of misconfigured resources.
Kubernetes Threat Intelligence
- Falco: Detect security threats in real time
- Tetragon : Cilium Tetragon component enables powerful realtime, eBPF-based Security Observability and Runtime Enforcement.
- openappsec: A machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs.
- teleport: The easiest, and most secure way to access and protect all of your infrastructure.
- kubescape: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters
Kubernetes API Gateway
- gateway-api: Gateway API is an official Kubernetes project focused on L4 and L7 routing in Kubernetes
- Emissary-Ingress: An Envoy-powered Open Source API Gateway
- Traefik API Gateway : Traefik Hub API Gateway is a drop-in replacement for Traefik Proxy, it can do everything Traefik Proxy does, with additional capabilities and support out of the box.
Kubernetes Storage Platforms
- Rook: An open source cloud-native storage orchestrator, providing the platform, framework, and support for Ceph storage to natively integrate with cloud-native environments.
- MinIO: MinIO Object Storage for Kubernetes
Kubernetes Service Mesh
- Istio: Service Mesh. Simplified. Easily build cloud native workloads securely and reliably with Istio, with or without sidecars.
- linkerd: A service mesh for Kubernetes. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and security, all without requiring any changes to your code.
- consul: A multi-networking tool that offers a fully-featured service mesh solution
Kubernetes Service Proxy
- envoy : Envoy is an L7 proxy and communication bus designed for large modern service oriented architectures
- kube-proxy: The Kubernetes network proxy runs on each node
- SPK: a cloud-native application traffic management solution, designed for communication service provider (CoSP) 5G networks
Kubernetes Service Discovery
- coredns: CoreDNS is a DNS server that chains plugins
- consul: A multi-networking tool that offers a fully-featured service mesh solution
Kubernetes Ingress Controller
- Ingress-Nginx Controller : Documentation for the Nginx ingress controller, which is used to deliver IN/OUT traffic for a Kubernetes cluster
- Traefik - Ingress Controller: A Kubernetes Ingress controller; that is to say, it manages access to cluster services by supporting the Ingress specification.
- Kong Ingress Controller: Allows you to run Kong Gateway as a Kubernetes Ingress to handle inbound requests for a Kubernetes cluster.
- HAProxy Kubernetes Ingress Controller: An ingress controller implements traffic routing in your Kubernetes cluster by interpreting Ingress rules.
- AWS Load Balancer Controller: AWS Load Balancer Controller is a controller to help manage Elastic Load Balancers for a Kubernetes cluster.
- AGIC - Application Gateway Ingress Controller: Makes it possible for Azure Kubernetes Service (AKS) customers to leverage Azure's native Application Gateway L7 load-balancer to expose cloud software to the Internet. Azure Article
- Istio - Kubernetes Ingress: configure Istio to expose a service outside of the service mesh cluster, using the Kubernetes Ingress Resource.
- Apache APISIX: A Kubernetes ingress controller using Apache APISIX as the high performance reverse proxy.
Kubernetes GitOps & Automation Deployment Platforms
- argo-cd : A declarative, GitOps continuous delivery tool for Kubernetes.
- fluxcd : Tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy.
- werf: A solution for implementing efficient and consistent software delivery to Kubernetes facilitating best practices, with nelm - a Helm 3 alternative and werf deployment engine
- helm: The package manager for Kubernetes
- harness: Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries.