scope
inspektor-gadget
Our great sponsors
scope | inspektor-gadget | |
---|---|---|
4 | 8 | |
5,811 | 1,883 | |
0.1% | 8.3% | |
0.0 | 9.9 | |
9 months ago | 6 days ago | |
Go | C | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
scope
-
IA et Calcul scientifique dans Kubernetes avec le langage Julia, K8sClusterManagers.jl
Weave Scope
-
Interactive Architecture Diagrams
There are products that will introspect a k8s cluster and give a diagram like: https://www.weave.works/oss/scope/
-
Kubernetes Security Checklist 2021
Build observability and visibility processes in order to understand what is happening in infrastructure and services (Luntry, WaveScope)
inspektor-gadget
-
Running tcpdump on eks worker nodes
You can try using https://www.inspektor-gadget.io/ You can try either, top tcp, trace network-graph or trace tcp gadget. It's a CNCF sandbox project and it's kubernetes native so I think this should work.
-
Getting started with kubectl plugins
Link to GitHub Repository
-
Isolating Kubernetes pods for debugging
Inspector gadget is a tool designed to introspect and debug Kubernetes applications using eBPF.
-
What are some useful Kubernetes tools you can share?
I found this tool: https://github.com/kinvolk/inspektor-gadget great if you want to have a detailed debugging for running pods e.g all exec system calls or trace tcp connections etc.
-
Kubernetes Security Checklist 2021
All namespaces should have NetworkPolicy. Interactions between namespaces should be limited to NetworkPolicy following least privileges principles (Inspektor Gadget)
What are some alternatives?
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Flatcar - Flatcar project repository for issue tracking, project documentation, etc.
falco - Cloud Native Runtime Security
kubesess - Kubectl plugin managing sessions
security-profiles-operator - The Kubernetes Security Profiles Operator
go2seccomp - Generate seccomp profiles from go binaries
branca - :key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.
Singularity - Scheduler (HTTP API and webapp) for running Mesos tasks—long running processes, one-off tasks, and scheduled jobs. #hubspot-open-source
Kyverno - Kubernetes Native Policy Management
k8s-device-plugin - Kubernetes (k8s) device plugin to enable registration of AMD GPU to a container cluster