zarf
imageswap-webhook
zarf | imageswap-webhook | |
---|---|---|
6 | 1 | |
1,194 | 146 | |
17.5% | - | |
9.5 | 5.9 | |
4 days ago | 5 months ago | |
Go | Python | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
zarf
- Zarf: K8s in Airgapped Environments
-
Air gapped on prem install - what would you do?
There is a tool written for this exact scenario! (disclaimer: I am a maintainer) https://github.com/defenseunicorns/zarf . Zarf can create packages out of all of your images, Helm charts, manifests... and deploy that package w/ zero dependencies on the other side (you can even use k3s built into the default init package if you don't have a cluster). The docs do it more justice https://docs.zarf.dev/docs/zarf-overview .
- Zarf – DevSecOps for Air Gap and Limited-Connection Systems
- GitHub - defenseunicorns/zarf: K8s Airgap Buddy
- zarf: K8s Airgap Buddy - Zarf massively simplifies the setup & administration of kubernetes clusters "across the air gap". It provides a static go binary CLI that can pull, package, and install all the things your clusters need to run. It caches downloads (for speed), hashes packages (for security)
-
What is the Hardest Environment to Deploy to?
We're working on https://github.com/defenseunicorns/zarf which can deploy to bare metal and an airgap environment
imageswap-webhook
-
Air gapped on prem install - what would you do?
We have on premise clusters built that only have access to internal sites, no access to the internet. We've done this with 2 versions of K8s. The first we used a tool that was created in house. The guy who built it put it up on GitHub. It is the imageswap web hook. I haven't kept up with it since we've stopped using it, but it used to take everything other than the image name and tag and swap it with whatever we set. So, something like "webdevops/toolbox:latest" would be changed to "registry.internal.org/images/toolbox:latest" if we set our registry and path to "registry.internal.org/images". Then we'd just stage all of the necessary images in that image registry. You could choose which namespaces to label to use the image swap and which to leave alone.
What are some alternatives?
helmify - Creates Helm chart from Kubernetes yaml
prom2teams - prom2teams is an HTTP server built with Python that receives alert notifications from a previously configured Prometheus Alertmanager instance and forwards it to Microsoft Teams using defined connectors
vcluster - vCluster - Create fully functional virtual Kubernetes clusters - Each vcluster runs inside a namespace of the underlying k8s cluster. It's cheaper than creating separate full-blown clusters and it offers better multi-tenancy and isolation than regular namespaces.
connaisseur - An admission controller that integrates Container Image Signature Verification into a Kubernetes cluster
Flux - Successor: https://github.com/fluxcd/flux2
talos - Talos Linux is a modern Linux distribution built for Kubernetes.
flux2 - Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.
helmfile - Declaratively deploy your Kubernetes manifests, Kustomize configs, and Charts as Helm releases. Generate all-in-one manifests for use with ArgoCD.
sbom-operator - Catalogue all images of a Kubernetes cluster to multiple targets with Syft
hauler - Airgap Swiss Army Knife
tekton-tasks-kustomize - Customizing Tekton tasks with kustomize
k3sup - bootstrap K3s over SSH in < 60s 🚀