kubernetes-replicator
ca-injector
| kubernetes-replicator | ca-injector | |
|---|---|---|
| 3 | 2 | |
| 805 | 24 | |
| 1.9% | - | |
| 6.2 | 4.3 | |
| 19 days ago | 2 months ago | |
| Go | Go | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubernetes-replicator
-
What if your Pods need to trust self-signed certificates?
I've built a small MutatingAdmissionWebhook controller [0] that handles this, via a pod annotation whose value is a secret with `ca.crt` inside, and it uses the (mostly) de facto standard openssl variables to configure the libraries, so that it works across pretty much everything I've tried it with off the shelf.
I build a bundle (though I may just move to trust-manager [1]) and replicate it into all namespaces with kubernetes-replicator [2], and then I can annotate any pod with
[0] https://github.com/microcumulus/ca-injector
[1] https://github.com/cert-manager/trust-manager
[2] https://github.com/mittwald/kubernetes-replicator
-
To anyone hosting in Kubernetes: Do you put all of your apps in one namespace (e.g., default), or one app per namespace?
Whichever way you go, I’ve successfully used this to replicate secrets: https://github.com/mittwald/kubernetes-replicator
- GitHub - mittwald/kubernetes-replicator: Kubernetes controller for synchronizing secrets & config maps across namespaces
ca-injector
-
What if your Pods need to trust self-signed certificates?
I've built a small MutatingAdmissionWebhook controller [0] that handles this, via a pod annotation whose value is a secret with `ca.crt` inside, and it uses the (mostly) de facto standard openssl variables to configure the libraries, so that it works across pretty much everything I've tried it with off the shelf.
I build a bundle (though I may just move to trust-manager [1]) and replicate it into all namespaces with kubernetes-replicator [2], and then I can annotate any pod with
[0] https://github.com/microcumulus/ca-injector
[1] https://github.com/cert-manager/trust-manager
[2] https://github.com/mittwald/kubernetes-replicator
-
Make Kubernetes trust SSL CA
for libraries that respect the SSL_CERT_FILE environment variable can use this tool: https://github.com/microcumulus/ca-injector
What are some alternatives?
KubernetesCRDOperator - A sample about Kubernetes controller which can work with CRD to implement Operator pattern.
trust-manager - trust-manager is an operator for distributing trust bundles across a Kubernetes cluster.
aws-cloud-map-mcs-controller-for-k8s - K8s controller implementing Multi-Cluster Services API based on AWS Cloud Map.
docker-compose-stack - Use docker-compose and watchtower to self-deploy and auto-update a stack
secrets-manager - A daemon to sync Vault secrets to Kubernetes secrets
kubed - 🛡️ Kubernetes Config Syncer (previously kubed) [Moved to: https://github.com/kubeops/config-syncer]
config-syncer - 🛡️ Kubernetes Config Syncer (previously kubed)
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
k8tz - Kubernetes admission controller and a CLI tool to inject timezones into Pods and CronJobs
kube-httpcache - Varnish Reverse Proxy on Kubernetes
bank-vaults - A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).