Purpose

This session is created for purpose store and relate to helpful articles, make a some reference link when you can check and understand more about K8s (Kubernetes) and awesome things with this orchestration

Awesome Repository

Repository

Organization

  • Bitnami: Organization belong of VMWare to contributing docker image. Website
  • Docker: Docker helps developers bring their ideas to life by conquering the complexity of app development.
  • kubernetes-sigs : Org for Kubernetes SIG-related work
  • Kubernetes: Production-Grade Container Scheduling and Management
  • Containers : Open Repository for Container Tools
  • LinuxServer.io: Building and maintaining community images
  • Kubeflow: An open, community driven project to make it easy to deploy and manage an ML stack on Kubernetes
  • AliyunContainerService: Aliyun (Alibaba Cloud) Container Service

Topics

Awesome Docker Registry and Image

Registry

Image

  • docker: Docker in Docker!
  • amazon/aws-cli: Universal Command Line Interface for Amazon Web Services
  • docker-android: Android in docker solution with noVNC supported and video recording

Docker & Containerization

General & Documentation

Articles

Kubernetes

General & Documentation

Articles

Tips for configuration

Troubleshoot

Certificate & Practice

Docker & Kubernetes Tools

Docker Items

  • docker-rollout: Zero Downtime Deployment for Docker Compose
  • watchtower: A process for automating Docker container base image updates.
  • nginx-proxy: Automated nginx proxy for Docker containers using docker-gen
  • dive : A tool for exploring each layer in a docker image
  • crane: A tool for interacting with remote images and registries
  • trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

CRI (Container Runtime Interface)

Runtime

  • containerd : An open and reliable container runtime. Getting started
  • cri-dockerd: dockerd as a compliant Container Runtime Interface for Kubernetes (Mirantis OpenSource)
  • docker : Docker is one of CRI mostly to used
  • Mirantis: Mirantis Container Runtime (MCR) enables you to power your business-critical applications with the industry-leading enterprise container engine
  • kata-containers : an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
  • sysbox: An open-source, next-generation β€œrunc” that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.

Client

CNI (Container Network Interface)

  • CNI : Container Network Interface - networking for Linux containers. Website
  • Cilium : Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary Kernel technology eBPF
  • Calico: Calico is a networking and security solution that enables Kubernetes workloads and non-Kubernetes/legacy workloads to communicate seamlessly and securely.
  • flannel : A network fabric for containers, designed for Kubernetes
  • weave : Simple, resilient multi-host containers networking and more.

OCI (Open Container Initiative)

Info

The OCI currently contains three specifications: the Runtime Specification (runtime-spec), the Image Specification (image-spec) and the Distribution Specification (distribution-spec). The Runtime Specification outlines how to run a β€œfilesystem bundle” that is unpacked on disk. At a high-level an OCI implementation would download an OCI Image then unpack that image into an OCI Runtime filesystem bundle. At this point the OCI Runtime Bundle would be run by an OCI Runtime.

Official Website: Link

  • runc : CLI tool for spawning and running containers according to the OCI specification
  • podman : A tool for managing OCI containers and pods.
  • buildah : A tool that facilitates building OCI images.

Kubernetes Items

  • OperatorHub: Home for the Kubernetes community to share Operators
  • Artifacthub : Find, install and publish Cloud Native packages for Kubernetes
  • Instance calculator : Estimate and find the number of max workload can apply for instance
  • Debugging Helm Templates : Way to debugging the helm template with command
  • Kubernetes IDE - K8Studio : Visualizer component and workload inside kubernetes in UI, easily to deploy and manage kubernetes cluster
  • Elasticsearch (ECK) Operator, you can figure out configuration via Customize Pods
  • MongoDB Community Kubernetes Operator, you can take the look some crd, and configuration with github link like CRD and Samples
  • RabbitMQ-cluster-operator, read more about that via source code
  • GlassKube : An open-source Kubernetes package manager that simplifies package management for Kubernetes
  • kops: Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
  • botkube: An app that helps you monitor your Kubernetes cluster, debug critical deployments & gives recommendations for standard practices
  • kubebuilder: SDK for building Kubernetes APIs using CRDs
  • kubectl-tree: kubectl plugin to browse Kubernetes object hierarchies as a tree πŸŽ„
  • Crossplane: An open source Kubernetes extension that transforms your Kubernetes cluster into aΒ universal control plane.
  • kcert: KCert: A Simple Let’s Encrypt Manager for Kubernetes
  • lens: Lens - The way the world runs Kubernetes
  • eksctl: The official CLI for Amazon EKS. Website
  • kaniko: Build Container Images In Kubernetes

Local Kubernetes Self-hosted

  • Kind : kindΒ is a tool for running local Kubernetes clusters using Docker container β€œnodes”.
  • MicroK8s: MicroK8s is a low-ops, minimal production Kubernetes.
  • K3s: Lightweight Kubernetes. Easy to install, half the memory, all in a binary of less than 100 MB.
  • Kubernetes Official solution : Installing Kubernetes with deployment tools. Such as: kubespray, kubeadm
  • minikube : minikube quickly sets up a local Kubernetes cluster on macOS, Linux, and Windows
  • Talos Linux : The Kubernetes Operating System
  • K0s: k0s is an open source, all-inclusive Kubernetes distribution, which is configured with all of the features needed to build a Kubernetes cluster.
  • Kubernetes Goat: An interactive Kubernetes security learning playground
  • cluster-template: A template for deploying a Talos Kubernetes cluster including Flux for GitOps

Kubernetes cluster management

  • Meshery: As a self-service engineering platform, Meshery enables collaborative design and operation of cloud and cloud native infrastructure.
  • kubeshark: The API traffic analyzer for Kubernetes providing real-time K8s
  • karpor: Intelligence for Kubernetes. World’s most promising Kubernetes Visualization Tool for Developer and Platform Engineering teams.

Kubernetes Policy Controller

  • OPA Gatekeeper : A customizable cloud native policy controller that helps enforce policies and strengthen governance
  • Kyverno : Kubernetes Native Policy Management
  • Datree : Datree secures your Kubernetes by blocking the deployment of misconfigured resources.

Kubernetes Threat Intelligence

  • Falco: Detect security threats in real time
  • Tetragon : Cilium Tetragon component enables powerful realtime, eBPF-based Security Observability and Runtime Enforcement.
  • openappsec: A machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs.
  • teleport: The easiest, and most secure way to access and protect all of your infrastructure.
  • kubescape: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters

Kubernetes API Gateway

  • gateway-api: Gateway API is an official Kubernetes project focused on L4 and L7 routing in Kubernetes
  • Emissary-Ingress: An Envoy-powered Open Source API Gateway
  • Traefik API Gateway : Traefik Hub API Gateway is a drop-in replacement for Traefik Proxy, it can do everything Traefik Proxy does, with additional capabilities and support out of the box.

Kubernetes Storage Platforms

  • Rook: An open source cloud-native storage orchestrator, providing the platform, framework, and support for Ceph storage to natively integrate with cloud-native environments.
  • MinIO: MinIO Object Storage for Kubernetes

Kubernetes Service Mesh

  • Istio: Service Mesh. Simplified. Easily build cloud native workloads securely and reliably with Istio, with or without sidecars.
  • linkerd: AΒ service meshΒ for Kubernetes. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and securityβ€”all without requiring any changes to your code.
  • consul: Β A multi-networking tool that offers a fully-featured service mesh solution

Kubernetes Service Proxy

  • envoy : Envoy is an L7 proxy and communication bus designed for large modern service oriented architectures
  • kube-proxy: The Kubernetes network proxy runs on each node
  • SPK: a cloud-native application traffic management solution, designed for communication service provider (CoSP) 5G networks

Kubernetes Service Discovery

  • coredns: CoreDNS is a DNS server that chains plugin
  • consul: Β A multi-networking tool that offers a fully-featured service mesh solution

Kubernetes Ingress Controller

Kubernetes GitOps & Automation Deployment Platforms

  • argo-cd : Β A declarative, GitOps continuous delivery tool for Kubernetes.
  • fluxcd : Tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy.
  • werf: A solution for implementing efficient and consistent software delivery to Kubernetes facilitating best practices, with nelm - a Helm 3 alternative and werf deployment engine
  • helm: The package manager for Kubernetes
  • harness: Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries.