gatekeeper

Gatekeeper - Policy Controller for Kubernetes (by open-policy-agent)

Gatekeeper Alternatives

Similar projects and alternatives to gatekeeper

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better gatekeeper alternative or higher similarity.

Suggest an alternative to gatekeeper

Reviews and mentions

Posts with mentions or reviews of gatekeeper. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-11-24.
  • Top 6 Kubernetes Security Tools
    6 projects | reddit.com/r/TutorialBoy | 24 Nov 2021
    Here's a link to Gatekeeper on Github
  • Container security best practices: Comprehensive guide
    17 projects | dev.to | 16 Nov 2021
    Gatekeeper provides a powerful language that can be used to define flexible rules to accept or reject containers based on the pod specification (e.g., enforce annotations, detect privileged pods, or using host paths) and the status of the cluster (e.g.m, require all ingress hosts to be unique within the cluster).
  • Expose Open Policy Agent/Gatekeeper Constraint Violations for Kubernetes Applications with Prometheus and Grafana
    9 projects | dev.to | 18 Jun 2021
    by default and exposes metrics on path ```/metrics``` . It can run locally on your development box as long as you have a valid Kubernetes configuration in your home folder (i.e. if you can run kubectl and have the right permissions). When running on the cluster a ```incluster``` parameter is passed in so that it knows where to look up for the cluster credentials. Exporter program connects to Kubernetes API every 10 seconds to scrape data from Kubernetes API. We've used [this](https://medium.com/teamzerolabs/15-steps-to-write-an-application-prometheus-exporter-in-go-9746b4520e26) blog post as the base for the code. ## Demo Let's go ahead and prepare our components so that we have a Grafana dashboard to show us which constraints have been violated and how the number of violations evolve over time. ### 0) Required tools - [Git](https://git-scm.com/downloads): A git cli is required to checkout the repo and - [Kubectl](https://kubernetes.io/docs/tasks/tools/) and a working K8S cluster - [Ytt](https://carvel.dev/ytt/): This is a very powerful yaml templating tool, in our setup it's used for dynamically overlaying a key/value pair in all constraints. It's similar to Kustomize, it's more flexibel than Kustomize and heavily used in some [Tanzu](https://tanzu.vmware.com/tanzu) products. - [Kustomize](https://kustomize.io/): Gatekeeper-library relies on Kustomize, so we need it too. - [Helm](https://helm.sh/): We will install Prometheus and Grafana using helm - Optional: [Docker](https://www.docker.com/products/docker-desktop): Docker is only optional as we already publish the required image on dockerhub. ### 1) Git submodule update Run ```git submodule update --init``` to download gatekeeper-library dependency. This command will download the [gatekeeper-library](https://github.com/open-policy-agent/gatekeeper-library) dependency into folder ```gatekeeper-library/library``` . ### 2) Install OPA/Gatekeeper If your K8S cluster does not come with Gatekeeper preinstalled, you can use install it as explained [here](https://open-policy-agent.github.io/gatekeeper/website/docs/install/). If you are familiar with helm, the easiest way to install is as follows: ```bash helm repo add gatekeeper https://open-policy-agent.github.io/gatekeeper/charts helm install gatekeeper/gatekeeper --generate-name
  • Writing a Kubernetes Admission Controller
    4 projects | dev.to | 11 Apr 2021
    OPA/Gatekeeper
  • Checking Your --privileged Container
    8 projects | reddit.com/r/BSidesSF | 9 Mar 2021
    OPA Gatekeeper: https://github.com/open-policy-agent/gatekeeper
  • Threat Actors Now Target Docker via Container Escape Features
    5 projects | news.ycombinator.com | 13 Feb 2021
  • Want to contribute to OPA
    2 projects | reddit.com/r/kubernetes | 12 Feb 2021
  • Infrastructure Engineering - Diving Deep
    11 projects | dev.to | 14 Jan 2021
    If you would like to do cluster level authorization to assign roles, policies and access controls, you can make use of either OPA Gatekeeper or rely on RBAC to get the job done for you
  • A quick overview of OPA Gatekeeper
    2 projects | dev.to | 21 Dec 2020
    Think of OPA Gatekeeper as a wrapper that provides you a predefined _ pattern _ to help you setup OPA Policies. This basically means configuring OPA for Kubernetes is as simple as applying a single (large) YML file that has all the necessary components covered. Behind the scenes, it will create a Namespace, a Service which will serve the webhooks, an Ingress, and two special Custom Resource Definitions. The two special CRDs namely ConstraintTemplate and Constraint are what makes writing policies easy for you as a user.

Stats

Basic gatekeeper repo stats
9
2,151
9.3
6 days ago

open-policy-agent/gatekeeper is an open source project licensed under Apache License 2.0 which is an OSI approved license.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
Find remote Go jobs at our new job board 99remotejobs.com. There are 8 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.