A summary of the tools available today for secret management on the Kubernetes platform. The post focuses on tools that integrate well with a GitOps flow and features a new tool that we built at Soluto.
Vitess is a database solution for deploying, scaling and managing large clusters of MySQL instances. It's architected to run as effectively in a public or private cloud architecture as it does on dedicated hardware. It combines and extends many important MySQL features with the scalability of a NoSQL database. Vitess can help you with the following problems:
kubefwd is an open source utility that helps to enable a seamless and efficient way to develop applications and services on a local workstation. Locally develop applications that intend to interact with other services in a Kubernetes cluster.
Kube-hunter is a tool that you can use to scan and secure your Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. Tesla was one of the companies that have left hundreds of Kubernetes administration consoles accessible over the internet without security measures or password protection. Scanning and monitoring changes on containers may help to avoid similar situations.
Sekret is a tool to edit encrypted Kubernetes Secrets YAML as plain text.
TK8 is a command line tool written in Go. It fully automates the installation of Kubernetes on any environment. With TK8, you are able to centrally manage different Kubernetes clusters with different configurations. In addition, TK8 with its simple add-on integration offers the possibility to quickly, cleanly and easily distribute extensions to the different Kubernetes clusters.
Multicluster-controller is a Go library for building Kubernetes controllers that need to watch resources in multiple clusters. It uses the best parts of controller-runtime (the library powering kubebuilder and now operator-sdk) and replaces its API (the manager, controller, reconcile, and handler packages) to support multicluster operations.
An interactive Kubernetes client featuring auto-complete using go-prompt.
Just like Kubernetes, Spinnaker is a technology that is battle tested, with Netflix using Spinnaker internally for continuous delivery. Like Kubernetes, Spinnaker is backed by some of the biggest names in the industry, which helps breed confidence among users.
Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.
One of my bugbears about Kubernetes (K8s), and even with the managed versions such as GKE, is that you still need to twist way too many knobs and are into the weeds way too quickly, so much so I am pretty sure my teammates are tired of me saying “The old me would love K8s (managed version or not)”, as coming from an operational background it was designed to keep the old me happy!