What is the biggest challenge you/your org faces while running k8s in production?

This page summarizes the projects mentioned and recommended in the original post on /r/kubernetes
Kubernetes kubernetes-ui Kubectl kubernetes-dashboard openid-connect

SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.
surveyjs.io
featured
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured

  • lens

    Lens - The way the world runs Kubernetes

    • https://k8slens.dev/ solves this exact issue via a feature called Spaces... Long story short, Cluster admin can give specific access to a Kubernetes cluster without sharing the KubeConfig file... You can create specific teams for your "Space" and give different access to each team via role bindings etc... It's pretty neat. Here's a blog that explains this in depth and how to do it... https://medium.com/k8slens/how-to-give-developers-secure-access-to-kubernetes-clusters-c6025f0dd288

  • kube-oidc-proxy

    Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.

    • We use Keycloak for this purpose. We deploy an OIDC-proxy to the kube-api (https://github.com/jetstack/kube-oidc-proxy), then use the kubectl plugin 'kubelogin' (aka oidc-login if you use krew - https://github.com/int128/kubelogin). This gives us the ability to have no user secrets in our KUBECONFIG, and to use Keycloak's Active Directory/LDAP user & group federation to control access to clusters. With this, downloading the KUBECONFIG is self-service, and adding users to new clusters is as easy as adding them to a group in AD.

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

    SurveyJS logo

  • kubelogin

    kubectl plugin for Kubernetes OpenID Connect authentication (kubectl oidc-login)

    • We use Keycloak for this purpose. We deploy an OIDC-proxy to the kube-api (https://github.com/jetstack/kube-oidc-proxy), then use the kubectl plugin 'kubelogin' (aka oidc-login if you use krew - https://github.com/int128/kubelogin). This gives us the ability to have no user secrets in our KUBECONFIG, and to use Keycloak's Active Directory/LDAP user & group federation to control access to clusters. With this, downloading the KUBECONFIG is self-service, and adding users to new clusters is as easy as adding them to a group in AD.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Mirantis K8s Lens closed its source

    4 projects | news.ycombinator.com | 24 Mar 2024

  • Overview of Kubernetes Lens

    2 projects | /r/kubernetes | 2 Dec 2021

  • Introduction to Helm: Comparison to its less-scary cousin APT

    2 projects | dev.to | 9 Feb 2024

  • Imagine the best Kubernetes Dashboard. What does it have?

    3 projects | /r/devops | 10 Dec 2023

  • observing logs from Kubernetes pods without headaches

    2 projects | /r/kubernetes | 26 Aug 2023