pixie
kubestriker
Our great sponsors
pixie | kubestriker | |
---|---|---|
19 | 8 | |
5,262 | 977 | |
1.6% | 0.5% | |
9.4 | 0.0 | |
5 days ago | 12 days ago | |
C++ | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pixie
- Grafana Beyla: OSS eBPF auto-instrumentation for application observability
-
Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring
I am really curious, why build another project that has similar features as another open source software pixie - https://px.dev/.
-
Open source alternatives to Grafana
Kibana is a good alternative if you can allow storing all your data in Elasticsearch, or you can use all-in-one monitoring tools like pixie https://github.com/pixie-io/pixie
-
Too many cook in the kitchen? I find everyone just wanna create their own Kubernetes plugin solution.
Cilium multi-cluster mesh is a bit different, compared to service meshes, and it's L4, so should be fine with eBPF / XDP based routing. From observability standpoint I'd go for pixie - it should work just fine with both linkerd and istio, instead of Hubble, and Cilium's Tetragon was missing policies about 3-4 months ago (needs doublec-hecking if they had introduced any).
- Improving Observability of Go Services
-
Launch HN: Odigos (YC W23) – Instant distributed tracing for Kubernetes clusters
Congratulations on the launch, and thank you for choosing an awesome license!
For an unrelated reason, today I was reminded about Pixie (https://news.ycombinator.com/item?id=25375170 and https://news.ycombinator.com/item?id=31687978 and https://github.com/pixie-io/pixie#readme ), which says is also an ebpf kubernetes observability tool, also Apache licensed.
I suspect the difference may be your aspirations to move out of just kubernetes, but I wondered if that's the biggest difference between your project and theirs? Or maybe the C++ versus golang?
- Linux /proc/pid/stat parsing bugs
- Go based eBPF projects
- Show HN: Pixie, open source observability for Kubernetes using eBPF
-
Pixie: an X-ray Machine for Kubernetes Traffic
And good news is that we have Pixie, another great CNCF project, for this observability task today!
kubestriker
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
TerraScan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. klum - Kubernetes Lazy User Manager Kyverno - Kubernetes Native Policy Management https://kyverno.io kiosk - kiosk office Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning kube-bench - CIS Kubernetes Benchmark tool kube-hunter - Pentesting tool - Hunts for security weaknesses in Kubernetes clusters kube-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes starboard - Kubernetes-native security toolkit Simulator - Kubernetes Security Training Platform - Focussing on security mitigation RBAC Lookup - Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com Kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls Gangway - An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster Audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs Chartsec - Helm Chart security scanner kubestriker - Security Auditing tool Datree - CLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies Krane - Kubernetes RBAC static Analysis & visualisation tool Flaco - The Falco Project - Cloud-Native runtime security Clair - Vulnerability Static Analysis for Containers Anchore Cli - Coomand Line Interface built on top of anchore engine to manage and inspect images, policies, subscriptions and registries Project Quay - Container image registry designed to boost the security of your repositories via vulnerability scanning and tight access control Kubescape - Tool to test if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK®
-
Container security best practices: Comprehensive guide
Other tools you can use are linux-bench, docker-bench, kube-bench, kube-hunter, kube-striker, Cloud Custodian, OVAL, and OS Query.
-
Kubestriker - A blazing fast Kubernetes security auditing tool for free
# Create python virtual environment $ python3 -m venv env # Activate python virtual environment $ source env/bin/activate # Clone this repository $ git clone https://github.com/vchinnipilli/kubestriker.git # Go into the repository $ cd kubestriker # Install dependencies $ pip install -r requirements.txt # Incase of prompt toolkit or selectmenu errors $ pip install prompt-toolkit==1.0.15 $ pip install -r requirements.txt # Gearing up Kubestriker $ python -m kubestriker # Result will be generated in the current working directory with the name of the target
What are some alternatives?
cilium - eBPF-based Networking, Security, and Observability
ScoutSuite - Multi-Cloud Security Auditing Tool
parca - Continuous profiling for analysis of CPU and memory usage, down to the line number and throughout time. Saving infrastructure cost, improving performance, and increasing reliability.
opencspm - Open Cloud Security Posture Management Engine
tracer - 🧶 Dead simple, lightweight tracing.
SonarQube - Continuous Inspection
statsviz - 🚀 Visualise your Go program runtime metrics in real time in the browser
devtron - Tool integration platform for Kubernetes
cloudsploit - Cloud Security Posture Management (CSPM)
sysbindings - sysctl/sysfs settings on a fly for Kubernetes Cluster. No restarts are required for clusters and nodes.
enhancements - Enhancements tracking repo for Kubernetes
cubefs - cloud-native file store