Skip to content

kubermatic/community-components

Repository files navigation

Overview

This repository serves as an entry-point for multiple community-maintained components in the Kubermatic ecosystem. Feedback is highly encouraged đź‘Ť

Components

Dedicated components for customer purposes.

Name Description
Overview Manage Cluster via API/Cluster CRD with GitOps Tooling
api/cluster-management-by-api Bash based management scripts to specify your KKP cluster by API for CI/CD or GitOPs purposes, see Cluster Provisioning by API via Bash/Curl.
api/terraform-kkp-cluster-provider Terraform based management of KKP user cluster for GitOps, see KKP Terraform REST Provider.
api/cluster-management-by-crds Management of KKP user cluster via Cluster or ClusterTemplate objects as .yaml files for GitOps, see Cluster management for KKP with Cluster CRDs
certificates/self-signed-ca How to create and managed self-signed CA at KKP
controllers/aws-private-ip-enforce-controller Enforces the assignPublicIP: false flag on all user cluster machine deployments
controllers/component-override-controller This bash-controller watches over Cluster objects and controls part of the spec.componentOverride.
controllers/external-dns-route53 external-dns is a controller that automatically creates dns records for your ingresses and loadbalancer services. This is a chart that deploys an opinionated configuration for working with AWS Route 53
controllers/pod-cidr-controller This bash-controller watches over Cluster objects and patches spec.clusterNetwork.pods.cidrBlocks
cron-jobs/scale-down running a cron job that scales down worker nodes during non work hours and weekends.
id-management/active-directory Example how to configure KKP with Active Directory
id-management/openldap Helm based OpenLDAP setup to deploy a indipendent LDAP server into Kubernetes for testing purposes
id-management/keycloak Example on how to configure and integrate KeyCloak setup as custom OIDC provider into Kubermatic KKP
loadbalancers/metallb Example config for MetalLB what aims to redress this imbalance by offering a Network LB implementation that integrates with standard network equipment
logging/audit/static-audit-log Description how static audit logging could get configured
vm-images/packer-ubuntu1804-vsphere-template A packer template to customize an ubuntu 18.04 cloud-image on vSphere
s3/s3-syncer-aws-cli s3-syncer based CronJob on the aws s3 cli to sync two different S3 locations as well Azure (by Minio Azure Gateway)
s3/s3-dbdump-syncer s3-syncer based CronJob creates a DB dump of a postgres SQL database and sync it via the aws s3 cli to a target S3 location.
vmware-exporter Helm chart for VMware Exporter and Dashboard for Prometheus and Grafana for monitoring of vSphere environments in the KKP MLA stack.
nutanix-exporter Helm chart for nutanix-exporter - exporter for Prometheus that can be used for monitoring of Nutanix-based environments.
user-cluster-alertmanager-alerts Set of user-cluster alert rules for usage with User-Cluster MLA. See cluster-mamangement-by-api to deploy Alertrules programatically.
user-cluster-grafana-dashboards Set of user-cluster grafana dashboards for usage with User-Cluster MLA.

Kubermatic Example Setups

Name Description
vSphere kubeOne / Kubermatic demo an example for running kubermatic on vSphere with kubeOne to install the
AWS EKS -D kubeOne demo an example for creating a Cluster running Amazon EKS-D
Bare Metal - KubeOne Static Hosts Example how to managed static bare metal workers. The "bare metal" workers are simulated with vSphere by terraform automation
Bare Metal - KKP and kubeadm join implementation examples Example how to use kubeadm to join the KKP managed controlplan: 1 Manual Example, 2 SSH Multi Client join script
Baremetal node provisioning with OSM This method allows you to provision a baremetal machine as a Kubernetes node, using the provisioning logic of OSM as provided by the specific OSP.

Kubermatic Addons

Configuration and tooling for common used KKP - Guides - Addon for user cluster customization.

Name Description
Makefile Wrapper for building KKP addons for a dedicated version
addon-manifests Holding the AddonConfig custom resource specifications for a set of addons to configure KKP UI
custom-addon/dns-resolve-overwrite A DaemonSet with privileged permissions to overwrite the host DNS at the kubernetes nodes
custom-addon/echoserver Simple echo server application as an example workload deployment with ingress config
custom-addon/ingress-nginx Deploys the Ingress Nginx Controller to the user cluster
custom-addon/trident-installer Addon for NetApp Trident storage support into a user cluster
custom-addon/openebs OpenEBS addon for on-premise users without distributed storage
custom-addon/amd-gpu AMD-GPU device plugin addon
custom-addon/kubeflow Kubeflow Machine Learning Toolkit
custom-addon/ntp-sync DaemonSet to execute ntpdate primary secondary scheduled on every node of a cluster
custom-addon/docker-pull DaemonSet to pull e.g. docker.io based images on every node with a docker-secret, to prevent rate-limited infrastructure pods.
custom-addon/flux2 Deploys Flux for keeping your Kubernetes clusters in sync with sources of configuration (like Git repositories).
custom-addon/argocd Deploys ArgoCD - a declarative, GitOps continuous delivery tool for Kubernetes (as high availability installation).
------- ARCHIVED ---
custom-addon/helm-operator Deploys the FluxCD - Helm Operator for managing additional deployment trough Helm by CRD
custom-addon/loki-stack (Requires Helm Operator) Add Grafana Loki stack based on Grafana Loki Charts
custom-addon/theia-ide Customized KKP addon for quickly using Eclipse Theia IDE at your Kubernetes cluster.
custom-addon/metallb MetalLB cluster addon for on-premise user cluster without native LB support
custom-addon/metallb-v2 MetalLB cluster addon for on-premise user cluster without native LB support - with advanced config options, see MetalLB - Configuration. Used if IP range config is not enough.
custom-addon/archive/kube-proxy-ipvs-patch Custom overwrite Addon to patch IPVS mode to strictARP: true.

Kubermatic Applications

Configuration and tooling for common used KKP - Guides - Application for user cluster customization.

Name Description
README.md - Values Sample values yaml for the Applications
argocd-app Argo CD - Declarative Continuous Delivery for Kubernetes.
echoserver-app Echo Server Example App
eclipse-che-app Preconfigured Eclipse Che IDE App
external-dns-app Using externalDNS to manage DNS Entries in an automated way in scope of an KKP user cluster
flux2-app Flux GitOps sync tool for application deployment
harbor-app Harbor App for user Clusters
sysdig-secure-app Sysdig Secure Integration for KKP User Clusters
hivemq-app HiveMQ Operator App to manage HiveMQ clusters in KKP user clusters

Containers

Some useful containers to work with KubeOne and KKP

Name Description
kubeone-tool-container A docker container with various tools to work with KubeOne and Kubernetes
kubermatic-dev-ui Complete DEV UI Container including KubeOne and various tools to work with KubeOne, KKP and Kubernetes via a Frontend UI

Helper

List of helper scripts and tools

Name Description
git-crypt git-crypt is a tooling to encrypt git repositories based GPG keys
kubeone-makefile Contains a template Makefile to manage KubeOne deployments
kubermatic-installer-script Contains a standalone usage of kubermatic - deploy.sh repo installation script for own installations.
kubermatic-makefile Contains a template Makefile to manage kubermatic deployments
ssh-debug SSH Debug Client for quickly ssh to nodes in an internal network
vault/vault-k8s-mapper Maps Vault secret as native Kubernetes secret into a defined namespace/secret.
vault/vault-kv-management.sh Management script to up/download secrets to a vault secret kv store.
delete-evicted-pods-all-ns.sh Deletes pods in state evicted
headless.vnc.test.container.yaml docker-headless-vnc-container container containing Linux UI exposed via webvnc for testing e.g. dashboards from internal cluster view
kill-kube-ns.sh kills a pending kubernetes namespace
kube-node-cleanup.sh cleanup a kubernetes node with some potential leftovers
kubeconfig-kubermatic-serviceaccount.sh creates an kubermatic service account at an seed cluster
machinedeployment-patch.gce.sh Scripts patches some specification of an Cluster API MachineDeployment object.
set-build-tags-to-image.sh Set dedicated build tags to the Kubermatic Charts
untaint_master.sh untaints all master nodes, to be able to schedule workload
bash-port-scanner.sh A Bash bases Port-Scanner which is able to scan ports without any dependencies or tools like nmap
pvc.test.yaml small pod + pvc to test if storage provisioning works
refresh-all-service-accounts-in-cluster.sh script to refresh all service accounts token (stored as secrets) and restart dependent pods semi-automatic
local-connect-k8s-services.sh A small helper script to kubectl port-forward a handful of service, in the example the typical MLA services prometheus, grafana, alertmanager
ssh-jumphosts-template.sh Template to create a jumphost script with predefined enviroments.
Infrastructure benchmarking Documentation on how to benchmark various infrastrucutre elements used for hosting a kubernetes cluster.
KKP Project Viewer Service Account Adding a service account with view-only rights to your KKP Master Cluster
KubeVirt Debug VM (Ubuntu) KubeVirt Ubuntu VM with SSH add cloud-init to test or debug kubevirt environments

Knowledge Base

Helpful how-tos and detailed documentation:

Name Description
setup-checklist/kkp Detailed requirement documentation to setup Kubermatic KKP at different environments
setup-checklist/kubeone Detailed requirement documentation to setup KubeOne at different environments
how-to-convert-to-docx Commands to convert markdown to docx
migrate-helm2-to-helm3 This document shows you how to migrate Heml releases from using Helm version 2.x with Tiller to being managed by Helm version 3.x in place.
node-health-check This doc describes how Kubermatic node health checks works
nvidia-gpu-operator How to enable GPU support for KKP clusters by NVIDIA - GPU Operator
offline-setup How to run kubermatic in offline environments
upload-ova-with-govc How to upload ova by using govc
how-to-collect-cluster-cpu-memory.md How to collect the provisioned CPU/Memory of Kubernetes Clusters

Runbook

Guides how to operate KubeOne / KKP.

Name Description
metallb-service-connection-drops-ipvs-strict-arp Connection Drops of Service Type LoadBalancer provided by MetalLB.
user-cluster-prometheus.md Crash Looping Prometheus at KKP user cluster namespace
manual-backup How to create manual backup for your KKP/KubeOne setup.
k8s-kubeconfig-expiring-failure.md Expiring kubeconfig client certificate (at KubeOne Cluster example)

Troubleshooting

If you encounter issues file an issue or talk to us on the #kubermatic channel on the Kubermatic Slack.

Contributing

Thanks for taking the time to join our community and start contributing!

Feedback and discussion are available on #kubermatic channel.

Before you start

  • Please familiarize yourself with the Code of Conduct before contributing.
  • See CONTRIBUTING.md for instructions on the developer certificate of origin that we require.

Pull requests

  • We welcome pull requests. Feel free to dig through the issues and jump in.

Changelog

See the list of releases to find out about feature changes.