Making Kubernetes Operations Easy with kubectl Plugins

• rbac-lookup

  1 542 6.2 Go

  Discontinued Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster [Moved to: https://github.com/FairwindsOps/rbac-lookup] (by reactiveops)

  

~ $ kubectl krew search NAME DESCRIPTION INSTALLED access-matrix Show an RBAC access matrix for server resources no advise-psp Suggests PodSecurityPolicies for cluster. no allctx Run commands on contexts in your kubeconfig no apparmor-manager Manage AppArmor profiles for cluster. no ... ~ $ kubectl krew search rbac-lookup NAME DESCRIPTION INSTALLED rbac-lookup Reverse lookup for RBAC no ~ $ kubectl krew info rbac-lookup NAME: rbac-lookup INDEX: default URI: https://github.com/reactiveops/rbac-lookup/releases/download/v0.6.4/rbac-lookup_0.6.4_Linux_x86_64.tar.gz SHA256: 9f6f63b2ee6f5420530b6aa589b4c8c4a4685bf87447286881d37afdd80a7fb2 VERSION: v0.6.4 HOMEPAGE: https://github.com/reactiveops/rbac-lookup DESCRIPTION: Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster.

• awesome-kubectl-plugins

  4 813 0.0

  Curated list of kubectl plugins

This is just a list of things that I find useful, so what works for me might not work for you and at the same time, there might a lot of plugins that I omitted, yet they can be super useful for you. So, go check out the krew index or awesome-kubectl-plugins repository for more. If you happen to find something cool, please share it, so others can benefit from it too.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• kubectl-dig

  1 383 0.0 Go

  Deep kubernetes visibility from the kubectl

  

~ $ kubectl krew search dig # ... nothing relevant ~ $ git clone https://github.com/sysdiglabs/kubectl-dig.git && cd kubectl-dig ~ $ make build ~ $ cp _output/bin/kubectl-dig /home/martin/.krew/bin/kubectl-dig ~ $ kubectl dig Deep kubernetes visibility. Usage: dig dig [command] ...

• rakkess

  3 1,257 0.0 Go

  Review Access - kubectl plugin to show an access matrix for k8s server resources

rakkess - known as access-matrix in krew is plugin for showing and reviewing access to kubernetes resources. This can be very useful when designing RBAC roles - you can for example run kubectl access-matrix --as other-user --namespace some-ns to verify that user or service account has desired access rights in specified namespace.

• kubectl-kubesec

  2 500 5.9 Go

  Security risk analysis for Kubernetes resources

  

kubesec - known as kubesec-scan in krew is plugin for scanning resources with https://kubesec.io/ scanner. When you run this plugin against your manifests, it will tell you recommended changes to improve security of your workloads. To view all rules that the scanner uses visit the above website.

• rbac-lookup

  3 836 4.6 Go

  Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster

  

rbac-lookup - Similar to the first plugin we mentioned, this plugin also helps with RBAC in your cluster. This can be used to perform reverse lookup of roles, giving you a list of roles that user, service account or group has assigned. For example, to find roles bound to service account named my-sa you use the following - kubectl rbac-lookup my-sa --kind serviceaccount --output wide.

• ksniff

  9 3,036 0.0 Go

  Kubectl plugin to ease sniffing on kubernetes pods using tcpdump and wireshark

ksniff - known as sniff is a tool for debugging and capturing networking data. It's able to attach to a pod and using tcpdump to forward networking data to your local Wireshark. This tool also works pretty well with tshark - the command-line version of Wireshark.

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• kubectl-neat

  10 1,567 1.8 Go

  Clean up Kubernetes yaml and json output to make it readable

neat - possibly my favourite of all the plugins is neat which removes all the generated, redundant fields from YAML output of Kubernetes resources. If you're tired of scrolling through all the managedFields and other garbage, then definitely give this one a try.

• kube-capacity

  1 1,953 7.1 Go

  A simple CLI that provides an overview of the resource requests, limits, and utilization in a Kubernetes cluster

kube-capacity - known as resource-capacity in krew tries to provide better insight into cluster resource usage and utilization. It's essentially a kubectl top on steroids. It can show you resource utilization and consumption per namespace or pods, allows for node or pod label filtering, as well as sorting of output.

• kubepug

  9 1,362 8.6 Go

  Kubernetes PreUpGrade (Checker)

  

kube-pug - is a plugin known as deprecations in krew. Every cluster needs to be upgraded sooner or later and at some point you will run into API deprecations and/or removals. Finding what's being deprecated can be long and error-prone process and this plugin tries to simplify that. All you need to do is run kubectl deprecations --k8s-version=v1.XX.X and you will get list of all the instances of API objects in cluster that will be deprecated or removed in the specified version.

• kubectl-tree

  4 2,819 4.5 Go

  kubectl plugin to browse Kubernetes object hierarchies as a tree 🎄 (star the repo if you are using)

tree - Creating a single object in Kubernetes can trigger creation of many more dependent resources, whether it's just Deployment creating ReplicaSets or instance of an operator creating 20 different objects. This hierarchy can be difficult to navigate and kubectl tree can help with that by creating filesystem-like tree visualization of dependant resources.

• kubelogin

  14 1,522 8.8 Go

  kubectl plugin for Kubernetes OpenID Connect authentication (kubectl oidc-login)

kubelogin - If you're using OIDC provider such as Google, Keycloak or Dex for authenticating to Kubernetes cluster, then this plugin also known as oidc-login in krew can help you avoid having to manually login into your cluster over and over again. When you setup this plugin, every time you attempt to run any kubectl command without having valid authentication token, oidc-login will automatically open your provider's login page and after successful authentication grabs the token and logs you into the cluster. To see video of workflow check out the repository here.

• kubectx

  40 16,894 3.3 Go

  Faster way to switch between clusters and namespaces in kubectl

kubectx - known as ctx in krew is probably the most popular of all the plugins. It allows you to easily switch between kubectl context and cluster namespaces with without having to deal with kubectl config.

• ketall

  7 649 0.0 Go

  Like `kubectl get all`, but get really all resources

ketall - We all know that kubectl get all doesn't really give you all the resources. To really list all resources you can use ketall also known as get-all in krew. This plugin can just dump all the resources into your terminal as well as filter based on time, exclusions, label selectors or scopes (cluster or namespace).

• k9s

  126 24,857 9.4 Go

  🐶 Kubernetes CLI To Manage Your Clusters In Style!

There are also other tools out there beyond kubectl plugins, which can improve your productivity and simplify Kubernetes operations. The most prominent one is k9s, so if plugins aren't enough and you want to grab a bigger hammer, then this might be a right tool for you.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Suggest a related project