bank-vaults
DISCONTINUED
postgres-operator
Our great sponsors
bank-vaults | postgres-operator | |
---|---|---|
10 | 36 | |
0 | 3,912 | |
- | 2.8% | |
0.0 | 8.6 | |
7 months ago | 11 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bank-vaults
-
Self-hosted Secrets Manager (or something alike)
there's https://github.com/banzaicloud/bank-vaults wich is a wrapper for hashivault, so not exactly what you're looking for but worth looking into.
-
Secrets Management on Kubernetes: How do you handle it?
https://github.com/banzaicloud/bank-vaults. Mind you after Cisco bought Banzai work on this project seems to have stopped. It works very well for us though.
-
Run a pod in a namespace without having access to it's secrets?
Use vault-env (we use https://github.com/banzaicloud/bank-vaults) to inject the secret as an ENV var to the pod at runtime, based on Vault's Kubernetes auth
-
Secrets storage best practices
We use bank vault to inject secrets as environment variables. This does not require changes to the app. A sidecar is automatically added to the pod to retrieve the secrets and inject them in the app runtime. Here’s the link https://github.com/banzaicloud/bank-vaults
- How to manage passwords in Helm
- Homelab: Cluster Architecture
-
Secrets Managers for Kubernetes (Vault (Hashi), Conjur (CyberArk), Platform Specific, etc)
Encrypted secrets can't be more than a temporary solution. That's why I'm not a fan of SOPS/Sealed Secrets/etc. I think the future for both security and usability is dynamic injection. Vault is the dopeness but I'm not a fan of the upstream Vault Injector -- shared volumes are a step backwards. It's all about the BanzaiCloud Vault Webhook -- secrets **only ever available to the running process**, rotation means: update the value in vault and bounce the pod, done. This is the way.
postgres-operator
-
Run PostgreSQL. The Kubernetes Way
yes, precisely. It's UI part that's broken, which cannot list snapshots. Issue is here, no fix since 2020, sadly: https://github.com/zalando/postgres-operator/issues/937
- Deploying Postgres on Kubernetes in production
-
Why PostgreSQL High Availability Matters and How to Achieve It
one of the solutions which made it pretty simple for us to run postgresql in a ha environment (mostly in k8s, but works standalone as well) is zalandos patroni: https://github.com/zalando/patroni it's really solid and worked for us for a few years already.
or for k8s their operator: https://github.com/zalando/postgres-operator (docker image: https://github.com/zalando/spilo) we've also tried other operators which were easier to get started, but they failed miserably (crunchyrolls operator is basically based on the zalando one)
-
[Kubernetes] Comment déployez-vous un cluster Postgres sur Kubernetes en 2022?
Zalando / Postgres-Operator
-
What are you using to run Postgres?
Somewhere between here and here i found out about that.
-
Databases on Kubernetes is fundamentally same as a database on a VM
And that repo you linked to has 1846 issues, 161 open. Which doesn't seem extraordinary based on my limited exposure to k8s.
Another example: https://github.com/zalando/postgres-operator/issues with 445 open issues. Why?
Maybe I'm wrong and this is all a good sign of progress, but my impression is that the entire k8s ecosystem is held together with reused duct tape.
-
Features I'd Like in PostgreSQL
In Kubernetes a service call end an operator watches for CRD specifying databases to be created and manages upgrade and backs for those databases.
-
Any self hostable postgres clustering, replication and fail over system?
You could fire-up `k3s` or `microk8s` or something of that ilk and run https://github.com/zalando/postgres-operator
-
Just Use Postgres for Everything
My favorite route right now is running a postgres operator on Kubernetes & letting it do all the work for me.
Zalando's operator use Patroni under the hood, to create a cluster over streaming replication. It also has Spilo, which orchestrates pg_basebackup or WAL-E for point-in-time backup. https://github.com/zalando/postgres-operator#postgresql-feat...
CrunchyData operator seems to have built their own streaming replication system coordinated by Raft. https://access.crunchydata.com/documentation/postgres-operat...
-
Best way for high-available database at home?
I don't have much experience with HA databases, so I can't really decide which way I should go. I found a postgres-operator to be run on a kubernetes cluster: https://github.com/zalando/postgres-operator. And a guide to setup postgres HA with patroni: https://arctype.com/blog/postgres-patroni/
What are some alternatives?
kubegres - Kubegres is a Kubernetes operator allowing to deploy one or many clusters of PostgreSql instances and manage databases replication, failover and backup.
postgres-operator - Production PostgreSQL for Kubernetes, from high availability Postgres clusters to full-scale database-as-a-service.
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
cloudnative-pg - CloudNativePG is a Kubernetes operator that covers the full lifecycle of a PostgreSQL database cluster with a primary/standby architecture, using native streaming replication
helm-charts - A curated set of Helm charts brought to you by codecentric
vault-csi-provider - HashiCorp Vault Provider for Secret Store CSI Driver
postgres-operator - Postgres operator creates and manages PostgreSQL clusters running in Kubernetes
longhorn - Cloud-Native distributed storage built on and for Kubernetes
postgres - Unmodified Postgres with some useful plugins
percona-postgresql-operator - Percona Operator for PostgreSQL
chaos-mesh - A Chaos Engineering Platform for Kubernetes.
operator-sdk - SDK for building Kubernetes applications. Provides high level APIs, useful abstractions, and project scaffolding.