rbac-tool
Flux
rbac-tool | Flux | |
---|---|---|
9 | 12 | |
873 | 6,956 | |
2.6% | - | |
5.0 | 7.6 | |
15 days ago | over 1 year ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rbac-tool
-
Getting started with kubectl plugins
Link to GitHub Repository
-
Data and System Visualization Tools That Will Boost Your Productivity
A simpler alternative to Krane is rbac-tool, which can be installed as kubectl plugin. It can also analyze, audit, interrogate RBAC rules, but most importantly, it can visualize them:
-
Interesting tools?
Tool to create and visualize RBAC in cluster: https://github.com/alcideio/rbac-tool
-
Kubernetes Multi-Cluster Part 3: Authentication and Access Control
Other tools that can also audit your existing RBAC permissions and Kubernetes setups are rbac-tool and rbac-audit.
-
What would make your life easier when using Kubernetes?
And of course a quick google search shows that someone has already created something like that for RBAC: https://github.com/alcideio/rbac-tool
- rbac-tool
-
Kubernetes Security Checklist 2021
Role-Based Access Control (RBAC) should be configured for the Kubernetes cluster. Rights need to be assigned within the project namespace based on least privilege and separation of duties (RBAC-tool)
-
Compiled list of ClusterRoles for better/safer RBAC
I've been tasked with defining and documenting some ClusterRoles with clear permissions that should (mostly) be enough for any kind of cluster. The idea is for admins (who don't necessarily do the devops behind) to be able to understand what each CR does, to assign these CRs to users on the fly, to update a user's access as their needs change, to view a list of policy rules, who can do what etc... For this maintenance and tracking part we use rbac-manager and rbac-tool, which are excellent tools imo.
-
Ask r/kubernetes: What are you working on this week?
I've just started using rbac-manager and rbac-tool to apply and track rbac on our clusters :)
Flux
-
Weaveworks Is Shuting Down
Right. Flux was a handy little tool[1] that sync'd yaml manifests in git repos to live clusters. The concept was fascinating, and the tool was well done--small and efficient. Easy to learn.
In 2019, they announced they'd be "merging" with argocd[2]. It seems the merge never really took place, and after that they deprecated flux and announced flux2[3].
The sudden changes of course were a little confusing and perhaps not too well communicated.
1: https://github.com/fluxcd/flux
-
FluxCD - question on configuration/setup in namespaces...
If you are looking at multiple instances of Flux on a cluster which is unmaintained, then most likely you are looking at Flux v1 which is the legacy version and users are all recommended to migrate to the new Flux v2 that has the feature of multiple git repositories and supporting to allow multiple syncs or even multiple tenants.
-
Interesting tools?
CI/CD: Tekton Flux
-
What You Should Know Before Setting Up Your First CI/CD Pipeline
Use ArgoCD or Flux for Kubernetes, and Serverless Stack for your serverless Lambda applications.
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
HybridK8s Droid - Intelligence foor your favourite Delivery Platform Devtron - Software Delivery Workflow for Kubernetes Skaffold - Easy and Repeatable Kubernetes Development Apollo - Apollo - The logz.io continuous deployment solution over kubernetes Helm Cabin - Web UI that visualizes Helm releases in a Kubernetes cluster flagger - Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments) Kubeform - Kubernetes CRDs for Terraform providers https://kubeform.com Spinnaker - Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. http://www.spinnaker.io/ werf - GitOps tool to deliver apps to Kubernetes and integrate this process with GitLab and other CI tools Flux - GitOps Kubernetes operator Argo CD - Declarative continuous deployment for Kubernetes Tekton - A cloud native continuous integration and delivery (CI/CD) solution Jenkins X - Jenkins X provides automated CI+CD for Kubernetes with Preview Environments on Pull Requests using Tekton, Knative, Lighthouse, Skaffold and Helm KubeVela - KubeVela works as an application delivery control plane that is fully decoupled from runtime infrastructure ksonnet - A CLI-supported framework that streamlines writing and deployment of Kubernetes configurations to multiple clusters CircleCI - A cloud-based tool that helps build continuous integration and continuous delivery pipelines to Kubernetes.
-
Automatic subchart updating?
Does a tool like this exist? I am aware of the argoCD image updater which is similar but not quite what I’m looking for, and am aware that flux has an old feature request for this https://github.com/fluxcd/flux/issues/2711
-
Automation assistants: GitOps tools in comparison
The blog post by Weaveworks, which coined the term GitOps in 2017, also names the first GitOps operator: Flux. In the meantime, this has been completely rewritten as Flux v2. In addition to Flux and Flux v2, the associated project "Flux" develops other components. Weaveworks has now handed the project over to the Cloud Native Computing Foundation (CNCF). By now, the project is in the second maturity level: incubator phase.
-
Azure DevOps and GitOps
Here's our GitHub for Weave Flux and an overview of GitOps
-
Open source Heroku Like Platform on premises
Looks really neat. We have a not-super-trivial rails app that I want to move to docker one day, but kinda scared to make the jump. We're already using docker for development, plus even have a home-grown docker-compose setup for ephemeral labs, but it's clunky at best.
This seems like something that might provide a simple jumping board hopefully... Also bumped into fluxCD[0] recently which also looks interesting.
[0] https://github.com/fluxcd/flux
-
Kubernetes State Checker
> It doesn't make all the other yaml files happen. It doesn't make the yaml files you no longer want happening, stop happening. It doesn't even tell you "these things were created by 'old' yaml files" and should be garbage collected (since it doesn't seem to have a sense of old yaml files).
This is definitely one piece of Kubernetes that is getting a lot of attention recently. The three tools I've been paying attention to are Argo CD[0], Flux[1], and Config Sync[2].
All of these allow you to point your repository to a cluster and sync resources from the repo to the cluster, including deletes.
[0] https://argoproj.github.io/argo-cd/
[1] https://github.com/fluxcd/flux
[2] https://cloud.google.com/kubernetes-engine/docs/add-on/confi...
Disclaimer: I work at GCP, but not on the GKE team. Opinions are my own.
What are some alternatives?
Kyverno - Kubernetes Native Policy Management
fleet - Deploy workloads from Git to large fleets of Kubernetes clusters
teleport - A WebXR teleport for three.js
argo-cd - Declarative Continuous Deployment for Kubernetes
krane - Kubernetes RBAC static analysis & visualisation tool
keel - Kubernetes Operator to automate Helm, DaemonSet, StatefulSet & Deployment updates
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
Gravitational Teleport - The easiest, and most secure way to access and protect all of your infrastructure.
argo-rollouts - Progressive Delivery for Kubernetes