policy
kiosk
policy | kiosk | |
---|---|---|
1 | 8 | |
58 | 1,067 | |
- | - | |
0.0 | 0.0 | |
about 1 year ago | 28 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
policy
-
Multi-tenancy in Kubernetes
You could limit requests with an extra plugin https://github.com/coredns/policy.
kiosk
-
Multi-tenancy in Kubernetes
Kiosk
-
Dedicated backend resources per client
Have a look at https://github.com/loft-sh/kiosk and maybe the paid version https://loft.sh/
-
From Kubernetes to Plattform
As for the open source projects, maybe you would find Kiosk for allowing self-service namespace creation, namespace templates and cross-namespace resource limits and quotas.
-
Space boxing user accounts with Kiosk
# Install kiosk with helm v3 ❯ kubectl create namespace kiosk helm install kiosk --repo https://charts.devspace.sh/ kiosk --namespace kiosk --atomic namespace/kiosk created NAME: kiosk ... Learn more about using kiosk here: https://github.com/loft-sh/kiosk#getting-started #verify ❯ kubectl get pod -n kiosk NAME READY STATUS RESTARTS AGE kiosk-66dbfcf6db-5rfx2 1/1 Running 0 2m18s
-
Checklist for Platform Engineers
Kubernetes was designed as a single-tenant platform. Sharing clusters, though, offers greater flexibility, simplifies infrastructure, and improves cost-efficiency. Therefore, it makes sense to use a multi-tenant system. To keep tenants separate and prevent compromised tenants from affecting others, you can use role-based access control (RBAC) or namespaces. Tools that assist with multi-tenancy in Kubernetes include kiosk and loft.
-
User management qustion
For simple environments I'm using klum, for bigger environments I'm using OIDC with Keycloak. Beside that kiosk also looks interesting.
-
RBAC for developer self-service?
https://github.com/loft-sh/kiosk (from makers of loft)
- Meet Rich Burroughs - Loft Blog
What are some alternatives?
hypershift - Hyperscale OpenShift - clusters with hosted control planes
capsule - Multi-tenancy and policy-based framework for Kubernetes.
kubernetes-network-policy-recipes - Example recipes for Kubernetes Network Policies that you can just copy paste
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
gvisor - Application Kernel for Containers
loft - Namespace & Virtual Cluster Manager for Kubernetes - Lightweight Virtual Clusters, Self-Service Provisioning for Engineers and 70% Cost Savings with Sleep Mode
kamaji - Kamaji is the Hosted Control Plane Manager for Kubernetes.
Openshift Origin - Conformance test suite for OpenShift
virtlet - Kubernetes CRI implementation for running VM workloads
klum - Kubernetes Lazy User Manager
sandbox-operator - A Kubernetes operator for creating isolated environments
devspace - DevSpace - The Fastest Developer Tool for Kubernetes ⚡ Automate your deployment workflow with DevSpace and develop software directly inside Kubernetes.