kubezoo
kiosk
Our great sponsors
kubezoo | kiosk | |
---|---|---|
3 | 8 | |
640 | 1,067 | |
0.0% | 1.0% | |
0.0 | 0.0 | |
about 1 year ago | 6 months ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubezoo
- KubeZoo - Gateway Service for Kubernetes Multi-tenancy
-
KubeZoo – Gateway Service for Kubernetes Multi-Tenancy
KubeZoo is a lightweight gateway service that leverages the existing namespace model and add multi-tenancy capability to existing Kubernetes. KubeZoo provides view-level isolation among tenants by capturing and transforming the requests and responses.
An interesting project by ByteDance(TikTok) - https://github.com/kubewharf/kubezoo
kiosk
-
Multi-tenancy in Kubernetes
Kiosk
-
Dedicated backend resources per client
Have a look at https://github.com/loft-sh/kiosk and maybe the paid version https://loft.sh/
-
From Kubernetes to Plattform
As for the open source projects, maybe you would find Kiosk for allowing self-service namespace creation, namespace templates and cross-namespace resource limits and quotas.
-
Space boxing user accounts with Kiosk
# Install kiosk with helm v3 ❯ kubectl create namespace kiosk helm install kiosk --repo https://charts.devspace.sh/ kiosk --namespace kiosk --atomic namespace/kiosk created NAME: kiosk ... Learn more about using kiosk here: https://github.com/loft-sh/kiosk#getting-started #verify ❯ kubectl get pod -n kiosk NAME READY STATUS RESTARTS AGE kiosk-66dbfcf6db-5rfx2 1/1 Running 0 2m18s
-
Checklist for Platform Engineers
Kubernetes was designed as a single-tenant platform. Sharing clusters, though, offers greater flexibility, simplifies infrastructure, and improves cost-efficiency. Therefore, it makes sense to use a multi-tenant system. To keep tenants separate and prevent compromised tenants from affecting others, you can use role-based access control (RBAC) or namespaces. Tools that assist with multi-tenancy in Kubernetes include kiosk and loft.
-
User management qustion
For simple environments I'm using klum, for bigger environments I'm using OIDC with Keycloak. Beside that kiosk also looks interesting.
-
RBAC for developer self-service?
https://github.com/loft-sh/kiosk (from makers of loft)
- Meet Rich Burroughs - Loft Blog
What are some alternatives?
capsule - Multi-tenancy and policy-based framework for Kubernetes.
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
loft - Namespace & Virtual Cluster Manager for Kubernetes - Lightweight Virtual Clusters, Self-Service Provisioning for Engineers and 70% Cost Savings with Sleep Mode
Openshift Origin - Conformance test suite for OpenShift
klum - Kubernetes Lazy User Manager
sandbox-operator - A Kubernetes operator for creating isolated environments
devspace - DevSpace - The Fastest Developer Tool for Kubernetes ⚡ Automate your deployment workflow with DevSpace and develop software directly inside Kubernetes.
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
jspolicy - jsPolicy - Easier & Faster Kubernetes Policies using JavaScript or TypeScript
Kyverno - Kubernetes Native Policy Management
devspace-plugin-loft - Loft Plugin for DevSpace - adds commands like `devspace create space` or `devspace create vcluster` to DevSpace
celery - Distributed Task Queue (development branch)