kubernetes-reflector
kubernetes-replicator
| kubernetes-reflector | kubernetes-replicator | |
|---|---|---|
| 7 | 3 | |
| 906 | 815 | |
| 4.5% | 3.1% | |
| 5.6 | 6.2 | |
| 21 days ago | about 1 month ago | |
| C# | Go | |
| MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubernetes-reflector
-
KafkaUser in another namespace
In one of the comments it lead us to https://config-syncer.com/docs/v0.14.7/setup/install/ which had a comment about another tool emberstack/kubernetes-reflector.
-
Synchronisation app
You should have you app deployed from a git repo using something like ArgoCD, Flux, or fleet. You would then make your changes in git to have the synced to your target clusters. I've never used it, but you could also look at https://github.com/emberstack/kubernetes-reflector
- emberstack/kubernetes-reflector: Custom Kubernetes controller that can be used to replicate secrets, configmaps and certificates.
-
Is it possible to read secrets from a specfic namespace through RoleBinding?
You mean this? Isn't it kinda hacky? I mean, it feels like every solution for shared imagePullSecret is a total hack.
-
Emberstack/Kubernetes-Reflector Alternative
Is there any good alternative for https://github.com/emberstack/kubernetes-reflector ?
-
Cluster Secret
We are using reflector: https://github.com/emberstack/kubernetes-reflector
kubernetes-replicator
-
What if your Pods need to trust self-signed certificates?
I've built a small MutatingAdmissionWebhook controller [0] that handles this, via a pod annotation whose value is a secret with `ca.crt` inside, and it uses the (mostly) de facto standard openssl variables to configure the libraries, so that it works across pretty much everything I've tried it with off the shelf.
I build a bundle (though I may just move to trust-manager [1]) and replicate it into all namespaces with kubernetes-replicator [2], and then I can annotate any pod with
[0] https://github.com/microcumulus/ca-injector
[1] https://github.com/cert-manager/trust-manager
[2] https://github.com/mittwald/kubernetes-replicator
-
To anyone hosting in Kubernetes: Do you put all of your apps in one namespace (e.g., default), or one app per namespace?
Whichever way you go, I’ve successfully used this to replicate secrets: https://github.com/mittwald/kubernetes-replicator
- GitHub - mittwald/kubernetes-replicator: Kubernetes controller for synchronizing secrets & config maps across namespaces
What are some alternatives?
kubed - 🛡️ Kubernetes Config Syncer (previously kubed) [Moved to: https://github.com/kubeops/config-syncer]
KubernetesCRDOperator - A sample about Kubernetes controller which can work with CRD to implement Operator pattern.
config-syncer - 🛡️ Kubernetes Config Syncer (previously kubed)
aws-cloud-map-mcs-controller-for-k8s - K8s controller implementing Multi-Cluster Services API based on AWS Cloud Map.
Reloader - A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!
secrets-manager - A daemon to sync Vault secrets to Kubernetes secrets
2D-Character-Controller - Free 2D Character Controller for Unity.
secretgen-controller - secretgen-controller provides CRDs to specify what secrets need to be on Kubernetes cluster (to be generated or not)
geodesic - 🚀 Geodesic is a DevOps Linux Toolbox in Docker
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets