kube-linter
crossplane
Our great sponsors
kube-linter | crossplane | |
---|---|---|
7 | 60 | |
2,748 | 8,728 | |
2.9% | 4.0% | |
9.0 | 9.9 | |
10 days ago | 6 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kube-linter
-
10 Ways for Kubernetes Declarative Configuration Management
Kustomize: It provides a solution to customize the Kubernetes resource base configuration and differential configuration without template and DSL. It does not solve the constraint problem itself, but needs to cooperate with a large number of additional tools to check constraints, such as Kube-linter, Checkov and kubescape.
-
Dealing with Yaml files
Kube linter would be a first citizen for your need https://github.com/stackrox/kube-linter. If you use Helm would be Helm linter as well. Kube score is another interesting tool offering you best practices patterns. I usually develop with vscode and have a Yaml + Kubernetes extension. These could be enough to help you get through. Nevertheless, consider adopting a skaffold with a k3s for a faster feedback on the local dev lifecycle.
-
Kubernetes YAML Linter for vscode?
Another great tool is KubeLinter which checks for a lot of helpful stuff, including dangling references. This is nice, but it is a command-line tool, so I don't get live feedback in my editor.
- Looking for Tips on Open Sourcing a kubernetes security tool
-
Implement DevSecOps to Secure your CI/CD pipeline
It is always a good practice to scan your Kubernetes deployment or Helm chart before deploying. We can use Checkov to scans Kubernetes manifests and identifies security and configuration issues. It also supports Helm chart scanning. We can also use terrascan and kubeLinter to scan the Kubernetes manifest.
-
Using GitOps for Infrastructure and Applications With Crossplane and Argo CD
Verify it with manifest verification tools (kubeval or kube-linter).
-
How to validate Kubernetes YAML files
Its worth mentioning about Kube-linter (https://github.com/stackrox/kube-linter) its FOSS and has a very minimal and effective set of commands
crossplane
-
Rethinking Infrastructure as Code from Scratch
did anyone adopt in production https://crossplane.io ?
-
Understanding Crossplane is being hard
- https://github.com/crossplane/crossplane/blob/master/design/one-pager-composition-environment.md
-
Automated provisioning for data resources
In the overall scheme of things , look at services like backstage.io , crossplane.io and opslevel.com to get ideas. This is not necessarily an endorsement of the services. If all you want is to handle cloud resources and that's it, Terraform can be enough with what ever flavor of web technologies you and your team are comfortable with and can support it along the way. Doesn't take much to create a js based website to collect data from a form, or use other means to collecting data as long as its recorded and transparent for accountability.
- What are some Terraform automation tools you want to exist?
-
Crossplane: Unifying platform engineering based on Kubernetes API
XRs are written in a fully declarative manner. And when I am building my XR from underlying managed resources provided by some crossplane provider I need to parametrize resources, use conditionals and create arrays of resuorces The issues of declarativeness in the world of automation are well known- we typically resort to some form of templating and we invent some imperative expressions into that templating language/format. This is currently not very well supported with Crossplane however Crossplane team realizes this issue and they are conteptualizing solution here
- Anyway to automate the AKS cluster creation using Yaml?
-
What options are available for using internal code from a fully open source project?
I have an idea for a project that would interface with Crossplane. The project has some code that would save tons of time if I could use it directly in my project, but it is located in the internal directory. I can't import the modules directly, but the project is open sourced under an Apache 2.0 license, so the code itself is available for use under that license.
-
Azure vs AWS
There are always new projects like crossplane that sit on top on architecture systems like terraform, vagrant. The pressure to abstract away any sort of resources is mounting, companies can save a lot by for example by alt hosting S3 endpoints. The train is going the direction not to tie anything to a specific platform implementation if its not a must. Most of the companies I work with use AWS as a hosting provider, but Microsoft for github and related CI matters. As I learned, AWS quality is very dependent on location, eu-central-1 is dead stable for our use cases serving about millions requests a day.
- Crossplane on Amazon EKS with IRSA
-
One multi-container deployment vs. a separate deployment for each image?
Practically, you'll be replacing stock k8s resources (deployments) with custom ones like Argo Rollouts with Keda autoscaling, so you have to plan the respective Gitops CD pipeline (fluxcd/argocd with some crossplane), as well.
What are some alternatives?
helmsman - Helm Charts as Code
kubevela - The Modern Application Platform.
flux2 - Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
Pulumi - Pulumi - Infrastructure as Code in any programming language. Build infrastructure intuitively on any cloud using familiar languages 🚀
kubevious - Kubevious - Kubernetes without disasters
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
homelab
terraform-cdk - Define infrastructure resources using programming constructs and provision them using HashiCorp Terraform
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
helm - The Kubernetes Package Manager
kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
external-dns - Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services