Top 25 Kubernetes Tools For Deployment And Management!
In this article, we will tell about the tools that greatly facilitate the work with the deployment of Kubernetes and help build a CI/CD.
Deploying Kubernetes Cluster
Ansible role set for Kubernetes deployment and configuration. Kubespray works on AWS, GCE, Azure, OpenStack, and bare metal IaaS. Kubespray is an open source and open source project, under the hood of kubeadm.
Thanks to Kubespray, to create resources (virtual machines, networks, balancers, and so on) and orchestration it is enough to know Ansible, other tools are not needed. If you are familiar with Ansible, this can be a great help.
Kubernetes distribution tool starting from version 1.4. Helps to initialize Kubernetes clusters in their best configurations on the existing infrastructure.
Kubeadm does not know how to dynamically create the necessary infrastructure in the cloud. Its main advantage is that it can run minimally viable Kubernetes clusters in any environment. However, add-ins and network settings are not included with Kubeadm, so you will have to configure everything manually or use other tools.
Helps to create, delete, update and support Kubernetes industrial fault-tolerant clusters from the command line. This tool officially supports Amazon Web Services (AWS). GCE support is in beta, and VMware vSphere is in alpha. Support for other platforms, including OpenStack, is also planned. Kops allows you to control the full lifecycle of a Kubernetes cluster, from infrastructure preparation to cluster removal.
Terminal console for the cluster Kubernetes, with which you can manage the cluster and track its status in real time through the good old interface. Kubebox shows how hearth resources are involved, monitors a cluster, shows container logs, and so on. Even in it, you can easily navigate to the desired namespace and run the command in the correct container to quickly troubleshoot or restore work.
Provides UI for performance analysis. Aggregates and summarizes metrics from various sources shows administrators high-level analytical data. Kubedash uses Heapster as a data source, which runs as a default service on all Kubernetes clusters and collects indicators and analytics in each container.
Open source UI for Kubernetes, which can be used instead of the native kubectl console. The tool is interesting not only for developers but also for project managers, as it helps to monitor projects running in the Kubernetes cluster in an intuitive interface. The tool allows you to manage running applications, integrates with CI/CD pipelines. Containerum UI will be especially useful to those who only master Kubernetes.
A small bash-script for aggregating logs of many tools in one stream. The original version of Kubetail does not know how to filter or allocate, but on Github, there is a separate fork that can paint logs using MultiTail.
A tool for troubleshooting and monitoring Docker Swarm and Kubernetes clusters. Weave Scope automatically generates application topologies and architectures, which helps to find bottlenecks in the operation of applications. You can deploy Weave Scope as a standalone application on a local server or laptop, or use it as a SaaS in the Weave Cloud. With Weave Scope, it is easy to group, filter, and search containers by name, label, resource consumption. Unexpectedly useful functionality: you can log in to the Kubernetes nodes as root user from the web console, without having ssh access.
Cost: offline – for free; Standard SaaS version – $ 30/month. for the node (30 days trial); corporate version – $ 150/month. for the node.
An open-source monitoring and notification tool inspired by Google Borg Monitor. Prometheus allows you to create your own metrics (there is integration with all popular programming languages), and also contains a large number of ready-made integrations (exporters) with various technologies: PostgreSQL, MySQL, AWS Cloudwatch, ETCD, and Kubernetes.
Prometheus has de facto become the standard for Kubernetes. There is a special Prometheus Operator that allows you to create Prometheus instances in Kubernetes clusters, including tight integration with Grafana and Alertmanager.
Kubernetes operator for Icinga. Searchlight periodically runs checks on Kubernetes clusters, and if something goes wrong, it sends you an email, SMS or writes to the chat. Searchlight includes a default set of checks specifically for Kubernetes.
Searchlight extends the monitoring capabilities of Prometheus as an external black box-monitoring service and serves as a backup system in the event of a complete failure of internal systems.
Read-only system panel that can work with many Kubernetes clusters. Using Kube-ops-view, it is easy to navigate between clusters, monitor nodes and the status of hearts. Kube-ops-view animates some processes, such as creating and destroying pods. The tool also uses Heapster as a data source.
Aquasec protects Kubernetes installations throughout the entire lifecycle. On each container, the solution deploys a dedicated agent that acts as a firewall and plugs holes in the security of the container. The agent interacts with the Aquasec central management console, which manages security restrictions. Aquasec also helps to set up flexible pipeline implementation of security mechanisms in the cloud and local environments.
There is another open source tool associated with Aquasec – Kube-Bench, which tests the Kubernetes environment through a long list of tests from the CIS Kubernetes Benchmark document.
Cost: $0.29 per scan
Another tool that acts as a cloud firewall for applications (Cloud Native Application Firewall) and analyzes network traffic between containers and services. Twistlock analyzes the standard behavior of containers and generates rules based on this behavior, so administrators do not have to create rules manually. Twistlock also supports CIS Benchmark for Kubernetes, starting with version 2.2.
Cost: from $1,700 for an annual license, there is a trial period.
The component of the platform Sysdig Container Intelligence is delivered as a separate solution. Provides container visibility and integrates with orchestration tools, including Kubernetes, Docker, AWS ECS, and Apache Mesos. Thanks to Sysdig Secure, a user can deploy service-aware policies, block attacks, analyze history, and track cluster performance. Sysdig Secure is available as a cloud and on-premise application.
Cost: Free for offline use. The price of the Pro version for the cloud and in the form of software depends on the configuration.
A service that assesses how much Kubernetes resources use to enhance security. Kubesec.io checks the compliance of resource configurations with best practices. The user receives full control and recommendations for improving the overall security of the system. On the project website, there are a lot of links to external sources on container security and Kubernetes.
A very simple but incredibly powerful alias generator for kubectl. It allows you to write Kubernetes daily administration commands much faster, providing more than 800 short aliases for all occasions.
Panel for remote control of Kubernetes clusters from a mobile device (Android and iOS). With Cabin, you can manage applications, scale deployments, and troubleshoot a cluster. Helps Kubernetes cluster operators to quickly respond to incidents from anywhere.
A small open source utility that complements the Kubectl functionality, allowing you to easily switch context and connect to multiple Kubernetes clusters at the same time. Kubens allows you to navigate between Kubernetes namespaces. Both tools support autocomplete in bash/zsh/fish shells.
It helps to work faster with kubectl. Provides autocompletion commands and offers options. It can even search and correct incorrectly entered commands. Kube-shell displays in-line help about the commands being executed.
Kail – short for Kubernetes Tail. This tool works with Kubernetes clusters and helps to track Docker logs for the required subfields. Kail allows you to filter feeds by services, deployments, labels and other parameters. Subs will be automatically added to the log (or deleted from there) after launch if it meets the filtering criteria.
The most popular open source CI/CD server in the world. For it, there is a free plugin that allows you to deploy applications to Kubernetes, conduct their rolling updates (sequential updates with minimized downtime), and also perform Green/Blue updates deployment. This post provides a detailed scenario of this configuration.
A popular CI/CD service from the JetBrains team. With this plugin, you can use the Kubernetes cluster infrastructure to run TeamCity build agents. The plugin supports TeamCity version 2017.1.x and newer.
Cost: Free up to three build agents and 100 build configurations. $299 for the license, giving the opportunity to use additional build-agent and 10 additional build-configurations.
Visualization and control
Universal web interface Kubernetes clusters. Using this native control panel makes it much easier to troubleshoot and monitor clusters. To access the panel, you need to create a secure proxy channel between your machine and the API-server Kubernetes. The Kubernetes native panel relies on the Heapster data collection tool, so it must be installed in the system. Despite the fact that Heapster is not officially recommended for use (deprecated), there is no complete alternative to it yet.
Web interface for the catalog of applications in Kubernetes clusters. Allows you to install, update and delete Helm-charts by pressing a single button, without using the command line.