krane
inspektor-gadget
Our great sponsors
krane | inspektor-gadget | |
---|---|---|
2 | 8 | |
1,366 | 1,916 | |
0.4% | 3.9% | |
7.4 | 9.9 | |
14 days ago | 5 days ago | |
Ruby | C | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
krane
-
Automating deployment to kubernetes
If you are deploying simple manifests (not helm-stuff), try shopify's [krane](https://github.com/Shopify/krane). I build a [deploy-container](https://github.com/strowi/deploy/) for use with gitlabs ci-stages a while back.
inspektor-gadget
-
Running tcpdump on eks worker nodes
You can try using https://www.inspektor-gadget.io/ You can try either, top tcp, trace network-graph or trace tcp gadget. It's a CNCF sandbox project and it's kubernetes native so I think this should work.
-
Getting started with kubectl plugins
Link to GitHub Repository
-
Isolating Kubernetes pods for debugging
Inspector gadget is a tool designed to introspect and debug Kubernetes applications using eBPF.
-
What are some useful Kubernetes tools you can share?
I found this tool: https://github.com/kinvolk/inspektor-gadget great if you want to have a detailed debugging for running pods e.g all exec system calls or trace tcp connections etc.
-
Kubernetes Security Checklist 2021
All namespaces should have NetworkPolicy. Interactions between namespaces should be limited to NetworkPolicy following least privileges principles (Inspektor Gadget)
What are some alternatives?
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
lens-resource-map-extension - Lens - The Kubernetes IDE extension that displays Kubernetes resources and their relations as a force graph.
falco - Cloud Native Runtime Security
Flatcar - Flatcar project repository for issue tracking, project documentation, etc.
security-profiles-operator - The Kubernetes Security Profiles Operator
kubesess - Kubectl plugin managing sessions
go2seccomp - Generate seccomp profiles from go binaries
gluster-kubernetes - GlusterFS Native Storage Service for Kubernetes
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
rbac-tool - Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
slsa - Supply-chain Levels for Software Artifacts
documentation - Kata Containers version 1.x documentation (for version 2.x see https://github.com/kata-containers/kata-containers).