◻️ 🧑🏻‍🤝‍🧑🏻 ⭕️ 90+ useful tools for Kubernetes: deployment, management, monitoring, security and more 🧑🏿 🦇 👩🏼‍🎨

In the fall of 2018, we published a list of 25 useful Kubernetes tools . Since then, the platform has grown in popularity . The ecosystem of container orchestration is booming, you can find auxiliary tools for almost any task.

Therefore, the Kubernetes aaS team from Mail.ru updated and supplemented the selection. We bring to your attention a list with almost a hundred useful tools that simplify the lives of those who work with Kubernetes.

Cluster Deployment Tools

1. Keel

Kubernetes statement that automates updates to DaemonSet, StatefulSet, Helm, and Deployment. One command, no dependencies, configuration files and locks.

2. Kube-prod-runtime

A set of Kubernetes services that simplifies production work under heavy load. Provides cluster performance monitoring, logging, certification management and automatic discovery of resources in K8s through public DNS servers. This is a useful set of services for other infrastructure needs.

3. K3sup

After installing k3sup (pronounced ketchup), you can generate kubeconfig in any local or remote virtual machine in a matter of seconds.

4. Mail.Ru Cloud Solutions: Cloud Containers

You can deploy Kubernetes clusters on the platform in the form of a cloud service: in a few minutes you will get a cluster ready for work without the need for configuration and upgrade it to the correct version. Clusters are also easy to scale - they work on the Mail.Ru infrastructure, designed for highly loaded services.

5. Kubeadm

Kubernetes Cluster Initialization Tool in the optimal configuration for your infrastructure. The main advantage is the ability to run minimally viable Kubernetes clusters in any environment. Add-ons and network settings are not included in the configuration out of the box, everything will have to be configured manually.

6. Kubespray

Ansible Role Set for Kubernetes Deployment and Configuration. It works on different cloud platforms: AWS, GCE, Azure, Mail.Ru Cloud Solutions, OpenStack and bare metal IaaS. This is an open source project built on kubeadm. Suitable for those who are familiar with Ansible - with this tool you do not need to know anything else to deploy all the necessary resources.

7. Conjure-up

Allows you to deploy Kubernetes with just a few commands, supports localhost, bare metal deployments in cloud environments, including OpenStack.

8. Minikube

A good start for those who are just getting to know Kubernetes. The tool allows users to easily run a single-node cluster locally inside a virtual machine on a user's laptop. Supported on Mac OS X, Windows, and Linux.

9. MicroK8s

A tool for Kubernetes users to deploy a stand-alone cluster on a Linux server is well suited for Edge and IoT.

10. Bootkube

Launches stand-alone clusters and helps set up the temporary Kubernetes management plane. Bootkube can also be used to create the necessary resources that will be used when the new cluster is booted.

11. RKE by Rancher

Kubernetes certified CNCF distribution inside containers. Allows you to simplify and automate the installation of Kubernetes, not depend on the operating system and platform on which you work.

Monitoring tools

12. Kube-state-metrics

A simple utility for listening to the Kubernetes API server, helps in generating metrics about the state of objects. Focuses on the health of various objects within the cluster, including nodes, hearths, and deployments.

13. Kubebox

A terminal console that allows you to manage the Kubernetes cluster and monitor its status in real time. The cluster monitor shows what happens with the hearth resources, container logs, and other parameters. Allows you to easily navigate to the desired namespace and execute the command in the desired container. This helps to quickly cope with problems and restore work.

14. Rakess

The Rakess plugin (Review Access) shows all access rights to the Kubernetes cluster. Of course, for individual resources, you can check with the kubectl auth can-i list deployments command, but it does not provide complete information about all resources on the server.

15. Kubetail

Bash script that allows you to aggregate the logs of many hearths into one stream. In the original version, it does not know how to filter or select, but on Github there is a separate fork that allows you to colorize the logs using MultiTail.

16. Stern

Another Kubernetes hearth tail tool. Features: the use of regular expressions for convenient filtering of hearths (you do not need to know specific IDs), similarly you can filter individual containers for requested hearths, there are standard and custom Go-templates for displayed logs, restriction of log output by time period or number of lines and much more .

17. Prometheus

We cannot but mention again this open source monitoring and notification tool, which has long become the standard for monitoring Kubernetes. It is integrated with all popular programming languages, helps to create your own metrics and contains many ready-made integrations with popular technologies, for example: PostgreSQL, MySQL, ETCD.

Using the Prometheus Operator, you can create Prometheus instances in Kubernetes clusters, including tight integration with Grafana and Alertmanager.

18. Jaeger

An open source trace tool. Able to monitor transactions and service dependencies in distributed systems, identify and troubleshoot. One way to get started with it in Kubernetes is to use the special Jaeger operator .

19. Searchlight

Kubernetes operator for Icinga . Able to run periodic checks on Kubernetes clusters, and then send notifications by e-mail, SMS or chat, if something goes wrong. The default tool includes a test suite specifically for Kubernetes. With its help, it is possible to expand the monitoring capabilities of Prometheus, it will also become a backup system if internal monitoring systems completely fail.

20. Kubernetes Operational View (Kube-ops-view)

Read-only system dashboard capable of working with many Kubernetes clusters. Allows you to conveniently move between clusters, track nodes and hearth status. Visualizes a number of processes, such as the creation and destruction of hearths.

21. Kubewatch

Runs in pods in the Kubernetes cluster, monitors system changes, after launch you will receive notifications via web hooks. You can customize your notifications simply by editing the configuration file.

22. Weave Scope

Track and troubleshoot Kubernetes and Docker clusters so you can easily identify and fix problems with containerized applications. You can use it to identify application performance bottlenecks.

23. Turbonomic / Kubeturbo

Provides visibility of your entire stack, allows you to monitor the effectiveness of the underlying infrastructure and the performance of running microservices in Kubernetes.

Testing

24. Kubeval

Tool for checking Kubernetes YAML or JSON configuration file. Validation is performed using schemas generated from Kubernetes OpenAPI. This allows schema validation for different versions of Kubernetes.

25. Helm-kubeval

Helm plugin used to validate diagrams against Kubernetes schemas. You can select specific versions of Kubernetes to check the diagrams.

26. BotKube

BotKube can monitor, debug, and run checks on Kubernetes clusters. The tool also integrates with various messaging platforms such as Slack and Mattermost. The benefits are open source and easy setup.

27. Sonobuoy

Sonobuoy is a diagnostic tool for checking compliance, debugging workloads, and conducting custom tests to help determine cluster status. Tests are performed in a non-destructive manner, while clear, informative reports are generated.

28. Snyk Container

Snyk helps you quickly find and fix vulnerabilities in Kubernetes containers and applications throughout the entire development life cycle.

29. Kube-monkey

Following the principles of chaos engineering, Kube-monkey will randomly remove Kubernetes modules in the cluster and check the development of fault tolerant services.

30. K8s-testsuite

Consists of two Helm diagrams for testing network bandwidth and load testing Kubernetes clusters. This will help ensure that their configuration is correct, as well as the health of the services and the correct load distribution.

31. PowerfulSeal

The tool is specific to Kubernetes and also follows the principles of chaos engineering, allowing you to check objects that work in containers. It can also be used to manually verify selected cluster components through interactive mode. After deployment, the tool works autonomously.

Safety

32. Harbor

Harbor registries protect images with containers by introducing role-based access control. The tool also checks images for vulnerabilities and signs them as reliable.

33. Kubesec

An open source Kubernetes resource security risk analysis tool. With it, you can control the system and get a complete list of recommendations to improve its overall security.

34. Permission-Manager

This SIGHUP development application makes it easy to manage access roles for Kubernetes through Role-Based Access Control. Create users, assign a namespace / permission, and distribute Kubeconfig YAML files.

35. Kube-scan

Octarine 's tool focuses on risk assessment in Kubernetes workloads. Kube-scan runs as under in clusters and evaluates 30 security parameters to derive the most acceptable level of risk. The tool then analyzes which parameters work in tandem to understand which combinations will reduce the level of threats.

36. K-rail

K-rail is designed for situations where you need a little more control in the implementation of your policies. There are many easy ways to elevate privileges, but in a multi-tenant cluster, they can be dangerous or cause instability.

37. KeyCloak

KeyCloak is an open source user and identity management tool. It adds an application authentication feature and helps with minimal effort to ensure the security of services. Eliminates the need to understand in detail the maintenance of a list of users and their authentication. All this now works right out of the box.

38. Aquasec

The tool is designed to protect Kubernetes installations throughout their entire life cycle. It deploys a dedicated agent on each container, acting as a firewall and eliminating possible vulnerabilities. You can manage security restrictions through the central console. In addition, the tool allows you to use flexible security settings in local and cloud environments.

Another open source tool is associated with it - Kube-Bench , which checks the Kubernetes environment using tests from the CIS Kubernetes Benchmark document.

39. Tigera

A tool from the creators of the Calico project , a set of Kubernetes network security solutions with support for multi-cloud and legacy environments through an automated universal security policy.

40. Klum

Klum, or Kubernetes Lazy User Manager, performs simple tasks such as creating / deleting / changing users. It issues kubeconfig files and manages user roles.

41. StrongDM

StrongDM is a management plane for checking security and access to your servers and / or databases. Consists of an authentication API, a proxy server that supports the protocol, and a log repository.

42. Falco

An open source cloud security tool that detects risks for Kubernetes. Notices unexpected behavior of the application and notifies about threats during its execution.

43. Sysdig Secure

A platform for monitoring the security of microservices and containers. Kubernetes and Docker are supported. It can be used in the cloud and locally.

Useful Utilities

44. Krew

Krew helps developers find useful kubectl plugins for programs and install and manage them later. This tool is similar to APT , DNF or Homebrew .

45. Ksniff

A plugin for kubectl that effectively uses Wireshark and tcpdump to remotely capture traffic from any pod in a Kubernetes cluster.

46. Kube-ps1

The Kube-ps1 script adds the current Kubernetes context and the configured namespace from kubectl to the Bash / Zsh console, no commands are required.

47. Kubefwd

If you are running Kubernetes services on a remote cluster, Kubefwd will help redirect them to your local workstation. No modifications are required: if you use kubectl, you already meet all the requirements.

48. Kubeterminal

It is more of a helper tool that complements kubectl and your console in Kubernetes.

49. Skaffold

Skaffold is a console utility that helps ensure the continuous development of Kubernetes applications. The tool is very lightweight and does not require components on the cluster side.

50. Kubectl-aliases

Simple and very powerful alias generator for kubectl. With it, you can very quickly write commands for the daily administration of Kubernetes, as it provides more than 800 short aliases for all occasions.

51. Kubectx / Kubens

The open source utility, which complements Kubectl, allows you to switch context and connect to multiple Kubernetes clusters at the same time, as well as move between namespaces. There is support for autofill in the bash / zsh / fish shells.

kubectxHelps switch between clusters back and forth:

kubens Helps seamlessly switch between Kubernetes namespaces:

52. Kube-shell

A tool that speeds up work with kubectl. Autocomplete commands, offers different options, searches for and corrects commands that are entered incorrectly, displays in-line help about the commands that are executed.

53. Tilt

If you rarely exit the console, Tilt synchronizes all changes with the cluster and updates the servers so that you can immediately see how the changes made affect the system. The tool shows the status of each resource, issues logs for each of them, or all together. All updates are performed inside the container, which makes them very fast.

54. Kail (Kubernetes Tail)

The tool allows you to track Docker logs for the desired hearths. It filters pods by service, deployment, label, and other parameters. In accordance with the filtering criteria, the hearths after launch will be automatically added to the journal or deleted from it.

Development tools

55. Helm

Package manager, helps manage Kubernetes applications with Helm Charts. This allows users to create reproducible assemblies that can be shared.

56. Helm-2to3

This plugin helps developers transfer configuration from Helm v2 to Helm v3 with the appropriate configuration cleanup .

57. Rook

Rook helps automate various data warehouse tasks, such as deployment, loading, scaling, updating, and so on. This ensures that the solution of any supplier (Ceph, EdgeFS, CockroachDB, Cassandra, NFS, Yugabyte DB) will work stably on Kubernetes.

58. Contour

Contour, an Kubernetes ingress controller, provides a control plane for Ingress and the service proxy.

59. Shell-operator

Shell Operator makes it easy to create Kubernetes operators. It provides integration between Kubernetes cluster events and shell scripts. Simplifies cluster management.

60. Helm-operator-get-started

Helps manage your Helm releases.

61. Helmfile

Helm chart release management tool. Allows you to describe a lot of helm releases in one place, set the order of their deployment and do other useful things.

62. Kudo

Kudo simplifies the creation of Kubernetes statements, mainly using YAML. It provides off-the-shelf operators that can be configured out of the box.

63. Helm-docs

This tool automatically generates documentation from Helm diagrams in the markdown file. This file contains metadata, including a table with all chart values and default values.

64. Telepresence

Allows local debugging of the Kubernetes service, simplifying the development process.

65. Kubectl-debug

Allows you to run an additional container in the pod you are interested in. The new container will use the namespace in conjunction with the target container / containers.

66. Ksync

Almost instantly synchronizes your local system files with the Kubernetes cluster. Suitable if you are using scripts where the main problem is delivering code to a running container.

67. Squash

Used to debug processes while they are running in a cluster. Easy to use, you can interactively select the desired debugger and namespace / under the process of interest.

CI / CD conveyor

68. Rafay

Rafay is a software tool that makes it easy for a company or individual developer to create their own platform, automation system and application lifecycle management. Rafay is also able to run Kubernetes clusters.

69. Rancher

Rancher is a complete software platform that easily deploys container environments that go beyond Kubernetes installers such as Kops and Kubespray. It provides many features, including infrastructure management, container planning and orchestration, monitoring, health checks, logging, and a powerful role-based access control system.

70. Draft

Utility from Helm developers. Its goal is to simplify applications that are developed to work in Kubernetes. With two simple commands, you can work with container applications without even having to install Docker or Kubernetes.

71. Jenkins

Perhaps the most popular open source CI / CD server in the world. There is a free plug-in for it , which helps to deploy applications in Kubernetes, update them with minimal downtime and provide Green / Blue deployment of updates.

72. TeamCity

Well-known CI / CD service from JetBrains. There is a plugin with which you can use the Kubernetes cluster infrastructure to run TeamCity build agents (in version 2017.1.x and newer).

73. Apollo

A Continuous Deployment (CD) solution that provides a self-service interface for teams. It can integrate with existing build processes. This allows you to manage Kubernetes clusters, giving each user specific permissions to ensure deployment security.

74. Werf

The open source CLI tool written in Go is designed to simplify and speed up application delivery. Werf creates Docker images using Dockerfiles or an alternative quick built-in linker based on native syntax. It also removes unused images from the Docker registry. Werf then deploys your application to Kubernetes using a chart in Helm-compatible format, with convenient settings and an improved mechanism for tracking deployment, error detection and log output.

The tool allows you to create pipelines that can be integrated into any existing CI / CD system.

75. Garden

Garden is a developer tool that automates your workflows and makes developing and testing Kubernetes applications faster and easier. Suitable for collaborative development in a remote cluster.

Service grids

76. Kiali

Kiali helps to create definitions, verify and monitor the operation of microservices and connections in the Istio service grid. The tool creates a visual graphical representation of the service grid topology and gives an idea of such functions as circuit breaker, routing of requests, delay and others.

77. Kuma

Universal control panel for service grids and microservices. It can natively work both in a virtual environment and in Kubernetes. Easily entered into the arsenal of tools of any team in the organization.

78. Tenkai

Tenkai is a microservice manager based on Helm diagrams. A tool with a graphical web interface allows you to call repositories from Helm diagrams, they are easy to configure and deploy.

Service discovery

79. Discovering Vert.X Services

A repository with many tools to discover the services that are visible from your microservice applications. Services can also be imported from Kubernetes (as well as from Docker and Consul).

Visualization and Management

80. Octant

An open source web tool that visualizes your Kubernetes workloads and provides real-time updates on them.

81. Kubernetic

Kubernetic helps you easily and quickly deploy public or private diagrams, see all the associated cluster objects and their dependencies on one screen. It features features such as real-time visualization, as well as support for multiple clusters.

82. Kubernetes Dashboard

Generic web interface for Kubernetes clusters. Using this native control panel makes it easier to troubleshoot and monitor clusters.

83. Kubeapps

Web interface for the application directory in Kubernetes clusters. Allows you to install, update and remove Helm charts with the click of a button, without using the command line.

84. Lens

Desktop application, works on Windows, Mac and Linux. It can connect to a local cluster K8s, suitable for a small number of clusters.

85. Kubevious

Open source software, user-friendly graphical interface. Displays all configurations related to the application in one place. This saves time by eliminating the need to search for settings and delve into selectors and tags. One of the drawbacks of the tool is that it works directly on the K8s cluster. So you have to deploy Kubevious on each cluster, and not just point to the existing one.

86. Kubelive

Terminal-based user interface using Node.js. Pretty easy to use, but currently limited to a few kubectl commands. Allows you to easily navigate the various K8s cluster namespaces and quickly display the status of a given set of hearths.

87. K9s

Another convenient user interface makes it easy to navigate, monitor and manage your applications.

Tools for Serverless Computing / Functions

88. Kubeless

Kubernetes is an open source serverless infrastructure that allows you to deploy small pieces of code. Supports most popular languages, allows you to edit and deploy functions in real time.

89. Fission

Another open source open source Kubernetes server framework. Supports all programming languages. Write short-lived functions in any language and compare them with HTTP requests (or other event triggers) - the tool allows you to deploy functions instantly with a single command. There are no containers to build and no Docker registries to manage.

90. Funktion

This is an open source lambda style programming model for Kubernetes. Allows developers to focus on writing features while Kubernetes takes care of the rest.

91. IronFunction

An open source server computing platform for any cloud - private, public or hybrid. Using this tool, developers can simply download their code while the platform works with the infrastructure.

92. OpenFaaS

Simplifies the deployment of both features and existing code in Kubernetes. Works in public and private clouds. Allows you to create microservices and functions in any language.

93. Nuclio

A server project that allows you to use it as a stand-alone Docker container or even on top of another Kubernetes cluster. Designed to work with high-performance events and large amounts of data. It also provides real-time data processing with minimal overhead.

94. Virtual-Kubelet

It is an open source implementation of Kubernetes Kubelet. It starts inside the container in your current cluster and masquerades as a node. From there, he controls the planned packages in the way a real Kubelet does.

That's all. Write in the comments if you know other useful tools.

Addition : We have collected tools that, in our opinion, are often used in practice. More useful tools can be found in CNCF Cloud Native Interactive Landscape .

What else to read on the topic :