terraform-k8s
kubernetes-external-secrets
terraform-k8s | kubernetes-external-secrets | |
---|---|---|
5 | 26 | |
450 | 2,584 | |
0.2% | - | |
4.9 | 7.7 | |
5 months ago | almost 2 years ago | |
Go | JavaScript | |
Mozilla Public License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
terraform-k8s
-
Terraform Cloud Operator in Production - Secrets
Is anyone here using the Terraform Cloud Operator in production? If so, how are you managing workspace secrets?
-
Terraform Cloud Operator giving not found error
So I’m using the terraform cloud operator for kubernetes (https://github.com/hashicorp/terraform-k8s) to create workspaces from an EKS cluster. I’ve had to use a forked helm chart. However, the issue I have right now is that when I create a workspace via the CRD, it creates on Terraform cloud and then is just stuck. Doesn’t try to apply the module, plan, apply etc. The logs of the operator pod talks about not being able to find the workspace.
-
GitOps using the Terraform Cloud Operator for Kubernetes
Did anyone try https://github.com/hashicorp/terraform-k8s for applying GitOps principles to IaC?
-
Automation assistants: GitOps tools in comparison
In addition to creating Kubernetes clusters, there is also an increasing number of opportunities to use various Infrastructure-as-Code (IaC) tools, such as Terraform, with GitOps. As was already mentioned, PipeCD offers support for Terraform. Terraform's vendor, HashiCorp, now also offers an official Terraform Kubernetes operator. However, it needs access to HashiCorp's Terraform Cloud. Alternatively, there are also third-party operators that can function without Terraform Cloud, such as the one developed by Rancher. However, it is still in alpha stage.
-
Etok: execute terraform on kubernetes
Pretty neat. I really want to test it out, and see how it compares to https://github.com/hashicorp/terraform-k8s and https://github.com/rancher/terraform-controller
kubernetes-external-secrets
- aws secrets with eks ,Teffarorm & helm
-
Securing Kubernetes Secrets with HashiCorp Vault
$ helm repo add external-secrets https://external-secrets.github.io/kubernetes-external-secrets/ "external-secrets" has been added to your repositories $ helm install k8s-external-secrets external-secrets/kubernetes-external-secrets -f values.yaml NAME: k8s-external-secrets LAST DEPLOYED: Wed Mar 23 22:50:35 2022 NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: The kubernetes external secrets has been installed. Check its status by running: $ kubectl --namespace default get pods -l "app.kubernetes.io/name=kubernetes-external-secrets,app.kubernetes.io/instance=k8s-external-secrets" Visit https://github.com/external-secrets/kubernetes-external-secrets for instructions on how to use kubernetes external secrets
-
SimpleSecrets: A self-hosted K8S Secrets Manager Operator
I’m reading above that you weren’t aware of sealed-secrets. So I guess that you are not familiar with ExternalSecrets secrets neither. Very solid project
- Managing json config files for apps deployed to k8s at scale
-
1Password Has Raised $620M
They probably should merge with https://github.com/external-secrets/kubernetes-external-secr...
- Recommended way of securing AWS secret key and id in K8s secrets for pulling images from AWS ECR
-
Do you have a TODO checklist when creating clusters from scratch?
I do not recommend vault if you are not experienced. It is a heavy infra to manage. I suggest looking into https://github.com/external-secrets/kubernetes-external-secrets and selecting the tool offered by your cloud providers.
-
Secrets usage
This is where things like the vault agent sidecar or projects like external secrets come in and allow you to inject / sync your secrets backend and your Kubernetes workloads :)
-
Cloud password managements
Depending on what platform you are on, you could use the AWS SDK or a tool like external-secrets (for Kubernetes).
-
Kuberentes CI/CD
We don't keep anything sensitive inside of Helm charts. We use AWS Secrets Manager and external-secrets
What are some alternatives?
argocd-operator - A Kubernetes operator for managing Argo CD clusters.
argocd-vault-plugin - An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
cluster-api - Home for Cluster API, a subproject of sig-cluster-lifecycle
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
argo-rollouts - Progressive Delivery for Kubernetes
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
Flux - Successor: https://github.com/fluxcd/flux2
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
sops-secrets-operator - Kubernetes SOPS secrets operator
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
flagger - Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)
Reloader - A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!