kubeaudit
stern
kubeaudit | stern | |
---|---|---|
7 | 16 | |
1,845 | 2,828 | |
0.7% | 4.0% | |
3.8 | 6.0 | |
13 days ago | 3 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubeaudit
- Looking for Tips on Open Sourcing a kubernetes security tool
-
Interesting tools?
kubeaudit: audit kubernetes or specific manifests for issues https://github.com/shopify/kubeaudit
- kubeaudit
-
Top 6 Kubernetes Security Tools
Here's a link to KubeAudit on Github
-
Introduction to Kubernetes Pentesting
kubeaudit - Audit Kubernetes clusters against common security concerns
-
Kubernetes Security Checklist 2021
Workload configuration should be audited regularly (Kics, Kubeaudit, Kubescape, Conftest, Kubesec, Checkov)
-
2 Widespread Attacks on Your Containerized Environment and 7 Rules to Prevent it.
Kubeaudit
stern
-
☸️ Kubernetes: From your docker-compose file to a cluster with Kompose
deploy: stage: deploy image: alpine/k8s:1.29.1 variables: NAMESPACE: $CI_COMMIT_REF_SLUG before_script: # init namespace - kubectl config use-context $KUBE_CONTEXT - kubectl create namespace $NAMESPACE || true # download tools - curl --show-error --silent --location https://github.com/stern/stern/releases/download/v1.22.0/stern_1.22.0_linux_amd64.tar.gz | tar zx --directory /usr/bin/ stern && chmod 755 /usr/bin/stern && stern --version - curl --show-error --silent --location https://github.com/kubernetes/kompose/releases/download/v1.32.0/kompose-linux-amd64 -o /usr/local/bin/kompose && chmod a+x /usr/local/bin/kompose && kompose version # show logs asynchronously. Timeout to avoid hanging indefinitely when an error occurs in script section - timeout 1200 stern -n $NAMESPACE "app-" --tail=0 --color=always & # in background, tail new logs if any (current and incoming) pod with this regex as name - timeout 1200 kubectl -n $NAMESPACE get events --watch-only & # in background, tail new events in background script: # first delete CrashLoopBackOff pods, polluting logs - kubectl -n $NAMESPACE delete pod `kubectl -n $NAMESPACE get pods --selector app.kubernetes.io/component=$MODULE | awk '$3 == "CrashLoopBackOff" {print $1}'` || true # now deploying - kompose convert --out k8s/ - kubectl apply -n $NAMESPACE -f k8s/ - echo -e "\e[93;1mWaiting for the new app version to be fully operational...\e[0m" # waiting for successful deployment - kubectl -n $NAMESPACE rollout status deploy/app-db - kubectl -n $NAMESPACE rollout status deploy/app-back - kubectl -n $NAMESPACE rollout status deploy/app-front # on any error before this line, the script will still wait for these threads to complete, so the initial timeout is important. Adding these commands to after_script does not help - pkill stern || true - pkill kubectl || true after_script: # show namespace content - kubectl config use-context $KUBE_CONTEXT - kubectl -n $NAMESPACE get deploy,service,ingress,pod
-
stern VS stern - a user suggested alternative
2 projects | 11 Dec 2023
The old repo is dead
-
🦊 GitLab CI: 10+ Best Practices to Avoid Widespread Anti-patterns
node-and-git: image: node:18.10-alpine before_script: - apk --no-cache add git kubectl-and-stern: image: alpine/k8s:1.22.13 before_script: # install stern - curl --show-error --silent --location https://github.com/stern/stern/releases/download/v1.22.0/stern_1.22.0_linux_amd64.tar.gz | tar zx --directory /usr/bin/ stern && chmod 755 /usr/bin/stern playwright-and-kubectl: image: mcr.microsoft.com/playwright:v1.35.1-focal before_script: # install kubectl - curl --show-error --silent --location --remote-name https://storage.googleapis.com/kubernetes-release/release/v1.25.3/bin/linux/amd64/kubectl && chmod +x ./kubectl && mv ./kubectl /usr/local/bin/
-
K9s: A lazier way to manage Kubernetes Clusters
I'll add stern (https://github.com/stern/stern) to that - follow logs from multiple pods easily.
-
What k8s related tool you wish you knew earlier?
Multi pod and container log tailing for Kubernetes https://github.com/stern/stern
- What's your "IDE" of choice nowadays?
-
How to Deploy and Scale Strapi on a Kubernetes Cluster 1/2
stern v1.22.0
-
Getting started with kubectl plugins
Link to GitHub Repository
-
Julia Evans: Tips for Analyzing Logs
If you are using Kubernetes, I highly recommend using https://github.com/stern/stern
-
What daily terminal based tools are you using for cluster management?
Stern: https://github.com/stern/stern for log streaming
What are some alternatives?
kubescape - Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
kubetail - Bash script to tail Kubernetes logs from multiple pods at the same time
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
awesome-k8s-resources - A curated list of awesome Kubernetes tools and resources.
kubesec - Security risk analysis for Kubernetes resources
kail - kubernetes log viewer
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
cw - The best way to tail AWS CloudWatch Logs from your terminal
kube-hunter - Hunt for security weaknesses in Kubernetes clusters
openlens-node-pod-menu - Node and pod menus for OpenLens
polaris - Shopify’s design system to help us work together to build a great experience for all of our merchants.
saw - Fast, multi-purpose tool for AWS CloudWatch Logs