Our great sponsors
- InfluxDB - Collect and Analyze Billions of Data Points in Real Time
- Onboard AI - Learn any GitHub repo in 59 seconds
- SaaSHub - Software Alternatives and Reviews
-
adeploy
Universal deployment tool for Kubernetes that supports rendering and deployment of lightweight Jinja templated k8s manifests as well as complex Helm charts.
We wrote adeploy which brings Jinja templating for both vanilla manifests and Helm Charts which includes a bench of useful Jinja templating functions i.e. for labeling, secret management etc... The tool supports multiple deployments at different namespaces/releases with different Jinja variables and also includes support to deploy secrets directly from GoPass. It can also be used in CI/CD while secrets are not re-deployed when running via CI/CD. The tool still lacks of some detailed docs and a public pip repo, but this is wip.
-
kapp
kapp is a simple deployment tool focused on the concept of "Kubernetes application" — a set of resources with the same label
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
So, if you're fine with losing your app infra state and the respective locks - I'd go for both Flux and ArgoCD, and tf-controller, via Flux Subsystem for Argo. So, you'll get the niceties of both worlds, but Argo come on top in the end... both tf-controller and flux subsystem are a bit clunky, but still usable with some filing and minor contributions.
-
If you look into aws-ia stuff - they have a convention to create an IAM IRSA role for every deployed Helm chart, i.e. every deployed Kubernetes Helm Charts gets a permissions boundary. So, your crossplane, for instance, could manage all the respective resources without getting too much freedom.
-
... and if you're an opinionated person, like me, and you value consolidated infrastructure atomicity as a whole along side locks for everything. You'd port cherry-picked helm charts as terraform modules with k2tf, and build every docker container from scratch, with forced layer invalidation to perform security updates for every image, using the docker and kubernetes providers respectively.
-
... and if you're an opinionated person, like me, and you value consolidated infrastructure atomicity as a whole along side locks for everything. You'd port cherry-picked helm charts as terraform modules with k2tf, and build every docker container from scratch, with forced layer invalidation to perform security updates for every image, using the docker and kubernetes providers respectively.
-
There's json generation libraries. Don't know why they didn't mention jsonnet, which is much more popular than either one and has fairly wide usage in the k8s community
-
Onboard AI
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
-
Related posts
- libvirt-k8s-provisioner - Ansible and terraform to build a cluster from scratch in less than 10 minutes ok KVM - Updated for 1.26
- Question for declarative GitOps managed shops
- Git going with GitOps on AKS: A Step-by-Step Guide using FluxCD AKS Extension
- OpenTF Announces Fork of Terraform
- Istio moved to CNCF Graduation stage