postgres-operator
bank-vaults
postgres-operator | bank-vaults | |
---|---|---|
36 | 10 | |
3,989 | 0 | |
1.5% | - | |
8.6 | 0.0 | |
9 days ago | 8 months ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
postgres-operator
-
Run PostgreSQL. The Kubernetes Way
yes, precisely. It's UI part that's broken, which cannot list snapshots. Issue is here, no fix since 2020, sadly: https://github.com/zalando/postgres-operator/issues/937
-
Modern SQL Databases Are Changing Web Development: Part 1
I personally like the Zalando operator better, you can add databases and users by updating the CRD, feature parity between the two on HA is pretty good
https://github.com/zalando/postgres-operator
- Deploying Postgres on Kubernetes in production
-
Why PostgreSQL High Availability Matters and How to Achieve It
one of the solutions which made it pretty simple for us to run postgresql in a ha environment (mostly in k8s, but works standalone as well) is zalandos patroni: https://github.com/zalando/patroni it's really solid and worked for us for a few years already.
or for k8s their operator: https://github.com/zalando/postgres-operator (docker image: https://github.com/zalando/spilo) we've also tried other operators which were easier to get started, but they failed miserably (crunchyrolls operator is basically based on the zalando one)
-
How to Deploy a PostgreSQL cluster on Kubernetes
git clone https://github.com/zalando/postgres-operator.git cd postgres-operator
-
[Kubernetes] Comment déployez-vous un cluster Postgres sur Kubernetes en 2022?
Zalando / Postgres-Operator
-
What are you using to run Postgres?
Somewhere between here and here i found out about that.
-
How to deploy a high availability (HA) Postgres cluster in Kubernetes?
Here's an example of using the PostgreSQL Operator to deploy a high availability PostgreSQL cluster in Kubernetes. In this example, I'll be using the PostgreSQL Operator from Zalando [https://github.com/zalando/postgres-operator] to deploy a PostgreSQL cluster with two nodes.
-
Implementing postgres on a kubernetes cluster for production. Any guides, articles, checklist, etc?
Here's the operator for a postgres cluster: https://github.com/zalando/postgres-operator
-
Databases on Kubernetes is fundamentally same as a database on a VM
And that repo you linked to has 1846 issues, 161 open. Which doesn't seem extraordinary based on my limited exposure to k8s.
Another example: https://github.com/zalando/postgres-operator/issues with 445 open issues. Why?
Maybe I'm wrong and this is all a good sign of progress, but my impression is that the entire k8s ecosystem is held together with reused duct tape.
bank-vaults
-
Self-hosted Secrets Manager (or something alike)
there's https://github.com/banzaicloud/bank-vaults wich is a wrapper for hashivault, so not exactly what you're looking for but worth looking into.
-
Secrets Management on Kubernetes: How do you handle it?
https://github.com/banzaicloud/bank-vaults. Mind you after Cisco bought Banzai work on this project seems to have stopped. It works very well for us though.
-
Secrets Management with Hashicorp Vault - which integration point to use? Sidecar Injector? ESO?
We are using Banzai Bank Vaults Webhook and we’re very happy with it.
-
Project: Running a local cluster with TLS, ArgoCD GitOps, Vault and a PostgreSQL operator
If you ever want to see vault at that kind of level check out bank-vaults. Overkill for many, but it sounds like a decent fit for what you've already got in place and might reduce the boilerplate.
-
Run a pod in a namespace without having access to it's secrets?
Use vault-env (we use https://github.com/banzaicloud/bank-vaults) to inject the secret as an ENV var to the pod at runtime, based on Vault's Kubernetes auth
-
Secrets storage best practices
We use bank vault to inject secrets as environment variables. This does not require changes to the app. A sidecar is automatically added to the pod to retrieve the secrets and inject them in the app runtime. Here’s the link https://github.com/banzaicloud/bank-vaults
- How to manage passwords in Helm
- Homelab: Cluster Architecture
-
Kubernetes authentication from multiple, external clusters
I can follow up with examples if you'd like. You might like BanzaiCloud's Bank Vaults. We personally only use the Configurer component which just provides useful mechanisms to dynamically, or once off, configure Vault via data structures we supplied via ConfigMap.
-
Secrets Managers for Kubernetes (Vault (Hashi), Conjur (CyberArk), Platform Specific, etc)
Encrypted secrets can't be more than a temporary solution. That's why I'm not a fan of SOPS/Sealed Secrets/etc. I think the future for both security and usability is dynamic injection. Vault is the dopeness but I'm not a fan of the upstream Vault Injector -- shared volumes are a step backwards. It's all about the BanzaiCloud Vault Webhook -- secrets **only ever available to the running process**, rotation means: update the value in vault and bounce the pod, done. This is the way.
What are some alternatives?
kubegres - Kubegres is a Kubernetes operator allowing to deploy one or many clusters of PostgreSql instances and manage databases replication, failover and backup.
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
postgres-operator - Production PostgreSQL for Kubernetes, from high availability Postgres clusters to full-scale database-as-a-service.
vault-csi-provider - HashiCorp Vault Provider for Secret Store CSI Driver
cloudnative-pg - CloudNativePG is a comprehensive platform designed to seamlessly manage PostgreSQL databases within Kubernetes environments, covering the entire operational lifecycle from initial deployment to ongoing maintenance
secrets-store-csi-driver-provider-azure - Azure Key Vault provider for Secret Store CSI driver allows you to get secret contents stored in Azure Key Vault instance and use the Secret Store CSI driver interface to mount them into Kubernetes pods.
helm-charts - A curated set of Helm charts brought to you by codecentric
postgres-operator - Postgres operator creates and manages PostgreSQL clusters running in Kubernetes
longhorn - Cloud-Native distributed storage built on and for Kubernetes
k3s-home-cluster - Sets up a Kubernetes cluster using Ansible