Kubernetes Platform Toolkit
Minimal | Monitoring | Minimal Antrea | Platform | NoSQL | CI/CD | Security | Harbor | Postgres | Elastic | Managed | |
---|---|---|---|---|---|---|---|---|---|---|---|
v1.16 | |||||||||||
v1.17 | |||||||||||
v1.18 | |||||||||||
Upgrade | |||||||||||
Self-hosted |
karina is a toolkit for building and operating Kubernetes based, multi-cluster platforms. It includes the following high level functions
To see how it compares to other tools in the ecosystem see comparison
- Batteries Included - Most components require just a version to enable and are pre-configured with ingress, LDAP and TLS (managed by cert-manager) due to a shared infrastructure model that includes information such as top-level wild card domain, LDAP/S3 connection details, etc.
- Escape Hatches for when the defaults don't work for you, easily use kustomize patches to configure resource limits, labels, annotations and anything else on any object managed by karina.
- Integrated, but independent - karina works best when used to provision a Kubernetes cluster and then deploy and test a production runtime, but each function can also be used independently, i.e you can run karina e2e tests in an environment that wasn't provisioned or deployed by karina.
- Provision Kubernetes clusters on vSphere (with NSX-T or Calico), Kind and Cluster API (Coming Soon)
- Deploy a production runtime for monitoring, logging, security, multi-tenancy, backups, storage, container registry and DBaaS
- De-Centralized multi-cluster authentication using a root CA for administrator-level offline authentication, and Dex for online user authentication.
- CLI Addons/Wrappers to perform day 2 and incident mitigation tasks such as rolling updates, restarts, backup, restore, failover, replication, logging configuration, system dumps etc.
To get started provisioning see the quickstart guides for Kind and vSphere
-
Docker Registry (Harbor)
-
Authentication (Dex, Oauth Proxy)
-
Authorization & Policy Enforcement (Open Policy Agent and Gatekeeper)
-
Certificate Management (cert-manager)
- Secret Management (Sealed Secrets, Vault)
- CI/CD (Tekton, ArgoCD, Flux, kpack)
- Database as a Service (postgres-operator, rabbitmq-operator, redis-operator)
-
Logging (ElasticSearch, Filebeat, Packetbeat, Auditbeat, Kibana)
-
Monitoring (Grafana, Prometheus, Thanos, Karma, Canary Checker)
-
Multi-Tenancy (Namespace Configurator Cluster Quotas, Kiosk)
Please follow the guideline below when contributing to this project