kubernetes-replicator
secrets-manager
kubernetes-replicator | secrets-manager | |
---|---|---|
3 | 1 | |
805 | 171 | |
1.9% | 0.0% | |
6.2 | 0.0 | |
18 days ago | about 1 year ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubernetes-replicator
-
What if your Pods need to trust self-signed certificates?
I've built a small MutatingAdmissionWebhook controller [0] that handles this, via a pod annotation whose value is a secret with `ca.crt` inside, and it uses the (mostly) de facto standard openssl variables to configure the libraries, so that it works across pretty much everything I've tried it with off the shelf.
I build a bundle (though I may just move to trust-manager [1]) and replicate it into all namespaces with kubernetes-replicator [2], and then I can annotate any pod with
[0] https://github.com/microcumulus/ca-injector
[1] https://github.com/cert-manager/trust-manager
[2] https://github.com/mittwald/kubernetes-replicator
-
To anyone hosting in Kubernetes: Do you put all of your apps in one namespace (e.g., default), or one app per namespace?
Whichever way you go, I’ve successfully used this to replicate secrets: https://github.com/mittwald/kubernetes-replicator
- GitHub - mittwald/kubernetes-replicator: Kubernetes controller for synchronizing secrets & config maps across namespaces
secrets-manager
-
Get config files inside pods
https://github.com/tuenti/secrets-manager https://www.vaultproject.io/
What are some alternatives?
KubernetesCRDOperator - A sample about Kubernetes controller which can work with CRD to implement Operator pattern.
sops - Simple and flexible tool for managing secrets
aws-cloud-map-mcs-controller-for-k8s - K8s controller implementing Multi-Cluster Services API based on AWS Cloud Map.
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
kubed - 🛡️ Kubernetes Config Syncer (previously kubed) [Moved to: https://github.com/kubeops/config-syncer]
Sup3rS3cretMes5age - Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
config-syncer - 🛡️ Kubernetes Config Syncer (previously kubed)
bank-vaults - A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
rvault - Small tool to perform some recursive operations on Hashicorp's Vault KV
k8tz - Kubernetes admission controller and a CLI tool to inject timezones into Pods and CronJobs
vault-secrets-operator - The Vault Secrets Operator (VSO) allows Pods to consume Vault secrets natively from Kubernetes Secrets.