This repository serves as an entry-point for multiple community-maintained components in the Kubermatic ecosystem. Feedback is highly encouraged đź‘Ť
Dedicated components for customer purposes.
Name | Description |
---|---|
Overview Manage Cluster via API/Cluster CRD with GitOps Tooling | |
api/cluster-management-by-api | Bash based management scripts to specify your KKP cluster by API for CI/CD or GitOPs purposes, see Cluster Provisioning by API via Bash/Curl. |
api/terraform-kkp-cluster-provider | Terraform based management of KKP user cluster for GitOps, see KKP Terraform REST Provider. |
api/cluster-management-by-crds | Management of KKP user cluster via Cluster or ClusterTemplate objects as .yaml files for GitOps, see Cluster management for KKP with Cluster CRDs |
certificates/self-signed-ca | How to create and managed self-signed CA at KKP |
controllers/aws-private-ip-enforce-controller | Enforces the assignPublicIP: false flag on all user cluster machine deployments |
controllers/component-override-controller | This bash-controller watches over Cluster objects and controls part of the spec.componentOverride. |
controllers/external-dns-route53 | external-dns is a controller that automatically creates dns records for your ingresses and loadbalancer services. This is a chart that deploys an opinionated configuration for working with AWS Route 53 |
controllers/pod-cidr-controller | This bash-controller watches over Cluster objects and patches spec.clusterNetwork.pods.cidrBlocks |
cron-jobs/scale-down | running a cron job that scales down worker nodes during non work hours and weekends. |
id-management/active-directory | Example how to configure KKP with Active Directory |
id-management/openldap | Helm based OpenLDAP setup to deploy a indipendent LDAP server into Kubernetes for testing purposes |
id-management/keycloak | Example on how to configure and integrate KeyCloak setup as custom OIDC provider into Kubermatic KKP |
loadbalancers/metallb | Example config for MetalLB what aims to redress this imbalance by offering a Network LB implementation that integrates with standard network equipment |
logging/audit/static-audit-log | Description how static audit logging could get configured |
vm-images/packer-ubuntu1804-vsphere-template | A packer template to customize an ubuntu 18.04 cloud-image on vSphere |
s3/s3-syncer-aws-cli | s3-syncer based CronJob on the aws s3 cli to sync two different S3 locations as well Azure (by Minio Azure Gateway) |
s3/s3-dbdump-syncer | s3-syncer based CronJob creates a DB dump of a postgres SQL database and sync it via the aws s3 cli to a target S3 location. |
vmware-exporter | Helm chart for VMware Exporter and Dashboard for Prometheus and Grafana for monitoring of vSphere environments in the KKP MLA stack. |
nutanix-exporter | Helm chart for nutanix-exporter - exporter for Prometheus that can be used for monitoring of Nutanix-based environments. |
user-cluster-alertmanager-alerts | Set of user-cluster alert rules for usage with User-Cluster MLA. See cluster-mamangement-by-api to deploy Alertrules programatically. |
user-cluster-grafana-dashboards | Set of user-cluster grafana dashboards for usage with User-Cluster MLA. |
Name | Description |
---|---|
vSphere kubeOne / Kubermatic demo | an example for running kubermatic on vSphere with kubeOne to install the |
AWS EKS -D kubeOne demo | an example for creating a Cluster running Amazon EKS-D |
Bare Metal - KubeOne Static Hosts | Example how to managed static bare metal workers. The "bare metal" workers are simulated with vSphere by terraform automation |
Bare Metal - KKP and kubeadm join implementation examples | Example how to use kubeadm to join the KKP managed controlplan: 1 Manual Example, 2 SSH Multi Client join script |
Baremetal node provisioning with OSM | This method allows you to provision a baremetal machine as a Kubernetes node, using the provisioning logic of OSM as provided by the specific OSP. |
Configuration and tooling for common used KKP - Guides - Addon for user cluster customization.
Name | Description |
---|---|
Makefile | Wrapper for building KKP addons for a dedicated version |
addon-manifests | Holding the AddonConfig custom resource specifications for a set of addons to configure KKP UI |
custom-addon/dns-resolve-overwrite | A DaemonSet with privileged permissions to overwrite the host DNS at the kubernetes nodes |
custom-addon/echoserver | Simple echo server application as an example workload deployment with ingress config |
custom-addon/ingress-nginx | Deploys the Ingress Nginx Controller to the user cluster |
custom-addon/trident-installer | Addon for NetApp Trident storage support into a user cluster |
custom-addon/openebs | OpenEBS addon for on-premise users without distributed storage |
custom-addon/amd-gpu | AMD-GPU device plugin addon |
custom-addon/kubeflow | Kubeflow Machine Learning Toolkit |
custom-addon/ntp-sync | DaemonSet to execute ntpdate primary secondary scheduled on every node of a cluster |
custom-addon/docker-pull | DaemonSet to pull e.g. docker.io based images on every node with a docker-secret, to prevent rate-limited infrastructure pods. |
custom-addon/flux2 | Deploys Flux for keeping your Kubernetes clusters in sync with sources of configuration (like Git repositories). |
custom-addon/argocd | Deploys ArgoCD - a declarative, GitOps continuous delivery tool for Kubernetes (as high availability installation). |
------- ARCHIVED --- | |
custom-addon/helm-operator | Deploys the FluxCD - Helm Operator for managing additional deployment trough Helm by CRD |
custom-addon/loki-stack | (Requires Helm Operator) Add Grafana Loki stack based on Grafana Loki Charts |
custom-addon/theia-ide | Customized KKP addon for quickly using Eclipse Theia IDE at your Kubernetes cluster. |
custom-addon/metallb | MetalLB cluster addon for on-premise user cluster without native LB support |
custom-addon/metallb-v2 | MetalLB cluster addon for on-premise user cluster without native LB support - with advanced config options, see MetalLB - Configuration. Used if IP range config is not enough. |
custom-addon/archive/kube-proxy-ipvs-patch | Custom overwrite Addon to patch IPVS mode to strictARP: true . |
Configuration and tooling for common used KKP - Guides - Application for user cluster customization.
Name | Description |
---|---|
README.md - Values | Sample values yaml for the Applications |
argocd-app | Argo CD - Declarative Continuous Delivery for Kubernetes. |
echoserver-app | Echo Server Example App |
eclipse-che-app | Preconfigured Eclipse Che IDE App |
external-dns-app | Using externalDNS to manage DNS Entries in an automated way in scope of an KKP user cluster |
flux2-app | Flux GitOps sync tool for application deployment |
harbor-app | Harbor App for user Clusters |
sysdig-secure-app | Sysdig Secure Integration for KKP User Clusters |
hivemq-app | HiveMQ Operator App to manage HiveMQ clusters in KKP user clusters |
Some useful containers to work with KubeOne and KKP
Name | Description |
---|---|
kubeone-tool-container | A docker container with various tools to work with KubeOne and Kubernetes |
kubermatic-dev-ui | Complete DEV UI Container including KubeOne and various tools to work with KubeOne, KKP and Kubernetes via a Frontend UI |
List of helper scripts and tools
Name | Description |
---|---|
git-crypt | git-crypt is a tooling to encrypt git repositories based GPG keys |
kubeone-makefile | Contains a template Makefile to manage KubeOne deployments |
kubermatic-installer-script | Contains a standalone usage of kubermatic - deploy.sh repo installation script for own installations. |
kubermatic-makefile | Contains a template Makefile to manage kubermatic deployments |
ssh-debug | SSH Debug Client for quickly ssh to nodes in an internal network |
vault/vault-k8s-mapper | Maps Vault secret as native Kubernetes secret into a defined namespace/secret. |
vault/vault-kv-management.sh | Management script to up/download secrets to a vault secret kv store. |
delete-evicted-pods-all-ns.sh | Deletes pods in state evicted |
headless.vnc.test.container.yaml | docker-headless-vnc-container container containing Linux UI exposed via webvnc for testing e.g. dashboards from internal cluster view |
kill-kube-ns.sh | kills a pending kubernetes namespace |
kube-node-cleanup.sh | cleanup a kubernetes node with some potential leftovers |
kubeconfig-kubermatic-serviceaccount.sh | creates an kubermatic service account at an seed cluster |
machinedeployment-patch.gce.sh | Scripts patches some specification of an Cluster API MachineDeployment object. |
set-build-tags-to-image.sh | Set dedicated build tags to the Kubermatic Charts |
untaint_master.sh | untaints all master nodes, to be able to schedule workload |
bash-port-scanner.sh | A Bash bases Port-Scanner which is able to scan ports without any dependencies or tools like nmap |
pvc.test.yaml | small pod + pvc to test if storage provisioning works |
refresh-all-service-accounts-in-cluster.sh | script to refresh all service accounts token (stored as secrets) and restart dependent pods semi-automatic |
local-connect-k8s-services.sh | A small helper script to kubectl port-forward a handful of service, in the example the typical MLA services prometheus , grafana , alertmanager |
ssh-jumphosts-template.sh | Template to create a jumphost script with predefined enviroments. |
Infrastructure benchmarking | Documentation on how to benchmark various infrastrucutre elements used for hosting a kubernetes cluster. |
KKP Project Viewer Service Account | Adding a service account with view-only rights to your KKP Master Cluster |
KubeVirt Debug VM (Ubuntu) | KubeVirt Ubuntu VM with SSH add cloud-init to test or debug kubevirt environments |
Helpful how-tos and detailed documentation:
Name | Description |
---|---|
setup-checklist/kkp | Detailed requirement documentation to setup Kubermatic KKP at different environments |
setup-checklist/kubeone | Detailed requirement documentation to setup KubeOne at different environments |
how-to-convert-to-docx | Commands to convert markdown to docx |
migrate-helm2-to-helm3 | This document shows you how to migrate Heml releases from using Helm version 2.x with Tiller to being managed by Helm version 3.x in place. |
node-health-check | This doc describes how Kubermatic node health checks works |
nvidia-gpu-operator | How to enable GPU support for KKP clusters by NVIDIA - GPU Operator |
offline-setup | How to run kubermatic in offline environments |
upload-ova-with-govc | How to upload ova by using govc |
how-to-collect-cluster-cpu-memory.md | How to collect the provisioned CPU/Memory of Kubernetes Clusters |
Guides how to operate KubeOne / KKP.
Name | Description |
---|---|
metallb-service-connection-drops-ipvs-strict-arp | Connection Drops of Service Type LoadBalancer provided by MetalLB. |
user-cluster-prometheus.md | Crash Looping Prometheus at KKP user cluster namespace |
manual-backup | How to create manual backup for your KKP/KubeOne setup. |
k8s-kubeconfig-expiring-failure.md | Expiring kubeconfig client certificate (at KubeOne Cluster example) |
If you encounter issues file an issue or talk to us on the #kubermatic channel on the Kubermatic Slack.
Thanks for taking the time to join our community and start contributing!
Feedback and discussion are available on #kubermatic channel.
- Please familiarize yourself with the Code of Conduct before contributing.
- See CONTRIBUTING.md for instructions on the developer certificate of origin that we require.
- We welcome pull requests. Feel free to dig through the issues and jump in.
See the list of releases to find out about feature changes.