13 tools that make Kubernetes better

Take advantage of these Kubernetes companions to simplify app definitions, migrate clusters, ease cloud deployments, and more.


Few computing platforms—even those of great power and scale—satisfy every need out of the box. While Kubernetes is useful out of the box, it’s far from complete. You can always find a use case or a need that the default Kubernetes feature set serves poorly, such as database support, or simply ignores, such as continuous delivery.

That’s where the broader Kubernetes community comes in, with add-ons, extensions, and bonus goodies for the container orchestration framework. Here are 11 of the top Kubernetes companions we’ve found. Some will complement any Kubernetes cluster, while others address specific needs that stock Kubernetes doesn’t address.

Clusterpedia: Manage resources for multiple Kubernetes clusters

Finding and managing resources in a single Kubernetes cluster is (mostly) a solved problem. But what about dealing with resources across multiple clusters? Clusterpedia allows you to search for resources in a group of Kubernetes clusters and synchronize different versions of resources across those clusters as needed. Synchronization can be paused or resumed either manually or automatically based on the cluster’s health. Clusterpedia doesn’t manage network connectivity between clusters, however; the documentation recommends using a tool like Submariner for that.

Gatekeeper: Kubernetes policy controls

The Open Policy Agent project (OPA) provides a way to create policies across cloud-native application stacks, from ingress to service-mesh components to Kubernetes. Gatekeeper provides a Kubernetes-native way to enforce OPA policies on a cluster automatically, and to audit for any events or resources violating policy. All this is handled by a relatively new mechanism in Kubernetes, admission controller webhooks, which fire on changes to resources. With Gatekeeper, OPA policies can be maintained as just another part of your Kubernetes cluster’s defined state, without needing constant babysitting.

Helmify: Export Kubernetes YAML files to Helm charts

Helm charts make it easy to take someone else’s definition for a Kubernetes resource or application deployment and use it to deploy that resource or application yourself. But what if you want to take your own Kubernetes YAML definitions and translate them into Helm charts for someone else to use?

Helmify generates Helm charts from common Kubernetes definition objects—a YAML file, a directory of YAML files, or output from Kustomize. Helmify can also be integrated into Kubebuilder to make charts for operators generated by that tool. Examples, including input and output, are included with the project’s repo.

Kaniko: Build containers in a Kubernetes cluster

Most container images are built on a system outside of a container stack. Sometimes, though, you want to perform the build process inside a container stack—e.g., within a running container or somewhere on a Kubernetes cluster.

Kaniko performs container builds inside a container environment, but without relying on a container daemon like Docker to do the work. Instead, Kaniko extracts the file system from the base image, then executes all of the build commands in user space atop the extracted file system, taking a snapshot of the file system after each command.

Note that Kaniko currently cannot build Windows containers.

Kubecost: Cost metrics for running Kubernetes

Most Kubernetes administration tools focus on ease of use, monitoring, insight into pod behaviors, and the like. But what about monitoring the costs—as in the dollars and cents—associated with running Kubernetes?

Kubecost uses real-time Kubernetes metrics, and real-world cost information derived from running clusters on the major cloud providers, to provide a dashboard view of the monthly cost of each cluster deployment. Costs for memory, CPU, GPU, and storage are all broken out by Kubernetes component (container, pod, service, deployment, etc.).

Kubecost can also track the costs of “out of cluster” resources, such as Amazon S3 buckets, although this is currently limited to AWS. Cost data can even be shared back to Prometheus, so you can use the data to programmatically alter cluster behavior.

Kubecost is free to use if you only need to keep 15 days of logs. For more advanced features, pricing starts at $199 per month for monitoring 50 nodes.

KubeDB: Run production databases in Kubernetes

Databases have always been difficult to run elegantly in Kubernetes. You’ll find Kubernetes operators for the likes of MySQL, PostgreSQL, MongoDB, and Redis, but there are plenty of gaps. And the native Kubernetes feature set doesn’t directly address many of the specific problems with databases.

KubeDB allows you to create your own Kubernetes operators for managing databases. Running backups, cloning, monitoring, snapshotting, and declaratively creating databases are all part of the mix. Note that supported features vary among databases. For instance, clustering is available for PostgreSQL but not MySQL. 

Kube-monkey: Chaos monkey for Kubernetes

One surefire way to stress test a system is to break stuff at random. That’s the theory behind Netflix’s Chaos Monkey, a chaos engineering tool that randomly terminates virtual machines and containers running in production to “encourage” developers to build more resilient systems. Kube-monkey is an implementation of the same basic idea for stress-testing Kubernetes clusters. It works by randomly killing pods in a cluster that you specifically designate, and can be fine-tuned to operate within specific time windows.

Kubernetes Ingress Controller for AWS

Kubernetes provides external load balancing and network services to a cluster through a service called Ingress. Amazon Web Services provides load balancing functionality, but doesn’t automatically couple these services to Kubernetes’ facilities for the same. The Kubernetes Ingress Controller for AWS closes that gap.

The Kubernetes Ingress Controller for AWS manages AWS resources for each ingress object in a cluster automatically, creating load balancers for new ingress resources and deleting load balancers for removed ones. It uses AWS CloudFormation to ensure that cluster state remains consistent. It also supports CloudWatch Alarm configurations and auto-manages other elements used in the cluster like SSL certificates and EC2 Auto Scaling Groups.

Kubespray: Automated deployment for Kubernetes

Kubespray automates the deployment of a production-ready Kubernetes cluster in most any environment, from bare metal to the major public clouds. It uses Ansible (optionally Vagrant) to perform the deployment, and creates a highly available cluster with your choice of network plug-in (e.g., Flannel, Calico, Weave) and your choice among many popular Linux distributions for bare-metal installs.

Kwatch: State change reporting for Kubernetes

When a Kubernetes cluster goes south, you want to know ASAP. Kwatch detects all changes in cluster state (including application crashes) and publishes the results to popular communication services in real time: Slack, Discord, Microsoft Teams, PagerDuty, Telegram, Mattermost, Opsgenie. Most any communications service that has an API or webhook can be added, too.

Skaffold: Iterative development for Kubernetes

Skaffold is one of Google’s own tools for Kubernetes, a way to perform continuous deployment for Kubernetes apps. When you make changes to your source code, Skaffold automatically detects them, triggers the build and deploy process, and warns you if any errors surface. Skaffold runs entirely on the client side, so there is little setup or maintenance burden. It can be used in an existing CI/CD pipeline, and integrates with a few external build tools, chiefly Google’s own Bazel.

Teresa: A simple PaaS on Kubernetes

Teresa is an application deployment system that runs as a simple PaaS on Kubernetes. Users, organized into teams, can deploy and manage applications that belong to them. This makes it a little easier for people who are trusted with a given application to work with it, without having to deal with Kubernetes and all of its complexities.

Tilt: Stream container updates to Kubernetes clusters

Developed by Windmill Engineering, Tilt monitors changes to Dockerfiles, then deploys those changes incrementally to the appropriate containers in a Kubernetes cluster. In essence, Tilt allows developers to update a live cluster in real time merely by updating a Dockerfile. Tilt performs the build inside the cluster; the only changes pushed are source code. You can even snapshot cluster state and error conditions from a Tilt state to share with team members for debugging.

Copyright © 2022 IDG Communications, Inc.