Kubernetes is a Container-as-a-Service with tons of unique tools to choose from. External tools play a role in integrating with different systems or maintaining control over the clusters you deploy. Manual health checks and troubleshooting are not an ideal way to keep a system in full health.
This list of tools will provide ample support to your containers and have enough configuration to leave management flexible.
Kubectl is the default CLI tool provided for Kubernetes. The tool allows various Kubernetes operations to be executed from the command line. Kubectl detects nodes and clusters with the config file in the $HOME directory. Kubectl accepts other kubeconfig files as well: set the relevant environment variable, or pass the --kubeconfig flag.
Kubectx is useful when you run a multi-cluster environment. When used in tandem with Kubectl, you are provided more features. Kubectx allows for simpler commands with the kubectx keyword. It also eases switching between different clusters. Cluster organization becomes much easier with this tool in hand.
Kube-shell is a simple Kubernetes tool that can be used to enhance kubectl. It is a shell built on top of kubectl that makes command execution easier through command suggestions, autofill, and similar features. Kube-shell provides in-line descriptions once commands have been executed. Another vital feature is cycling through previous commands, which can be done with the arrow keys.
Kops helps you create, destroy, upgrade, and maintain production-grade, highly available Kubernetes clusters from the command line.
Kops currently supports AWS, and GCE support is in beta. Other platforms such as VMware, vSphere, etc. are in alpha or being planned. Kops allows you to control the full Kubernetes cluster lifecycle, from infrastructure provisioning to cluster deletion.
Kubespray assists Kubernetes deployment and configuration by providing a set of Ansible roles.
Kubespray can use AWS, GCE, Azure, OpenStack or a bare metal Infrastructure as a Service (IaaS) platform.
Users familiar with Ansible will find Kubespray a good choice. Provisioning and orchestration of your Kubernetes application can be entirely achieved with this one tool and no other. The tool is open source with an open development model. Kubespray uses kubeadm under the hood.
Minikube allows for the local deployment of your Kubernetes cluster. For those who are unfamiliar with Kubernetes, this is a great way to explore the service and learn the kinks. From your laptop, you can launch a single-node Kubernetes cluster inside VMware. Supported operating systems include Windows, Linux and OSX.
Launch self-hosted Kubernetes clusters with bootkube. You can set up a temporary control plane for your Kubernetes clusters which operates until the self-hosted control plane can handle requests.
Conjure-up is a Canonical Kubernetes deployment tool meant for Ubuntu. You can deploy and distribute your clusters with a few Linux commands. The tool supports cloud platforms such as AWS, GCE, Azure, Joyent, OpenStack, VMware, bare metal, and localhost deployments. Juju, MAAS, and LXD are the underlying technologies for Conjure-up.
Kubernetes on AWS (Kube-AWS)
Kube-AWS is a console tool provided by CoreOS which deploys a fully-functional Kubernetes cluster using AWS CloudFormation.
Kube-AWS allows you to deploy a traditional Kubernetes cluster and automatically provision every K8s service with native AWS features (e.g., ELB, S3, and Auto Scaling).
Kubeadm has been around since Kubernetes version 1.4. This is a distribution tool which helps to bootstrap best-practice Kubernetes clusters on your existing infrastructure. Kubeadm doesn't set up infrastructure; it merely provisions the cluster. You can launch minimal clusters anywhere. Kubeadm, unfortunately, doesn't have functionality to provision add-ons or networking setups automatically.
Prometheus is one of the most popular monitoring tools for Kubernetes clusters. User-friendly interfaces and easily accessible tools on top of a multi-dimensional data model make for convenient monitoring solutions. Applying Prometheus monitoring in Kubernetes is a pretty straightforward task. The data scraped is published using a standard HTTP transport.
Searchlight periodically runs various status checks on Kubernetes clusters and sends you alerts through email, SMS or chat. Searchlight includes a default suite of checks written specifically for Kubernetes. Also, it can enhance Prometheus monitoring with external black-box monitoring and serves as a fallback in case internal systems completely fail.
Sumo Logic App
Sumo Logic App offers complete visibility into the individual worker nodes of a cluster and their application logs. You can monitor and troubleshoot container health, load balancing, data replication, the state of the pod or resource allocations.
Kube-state-metrics generates metrics from Kubernetes API objects without modification. It is deployed through requests from Kubernetes API server. It doesn't examine the health of individual Kubernetes components, but rather focuses on the health of the various objects inside, such as deployments, nodes, and pods.
Kubernetes Operational View (Kube-ops-view)
Kubernetes Operational View is a dashboard for multiple Kubernetes clusters. The tool is read-only; you can view and navigate between your clusters easily. Monitor individual nodes, the overall health of the pods, and learn the status of each cluster. Kube-ops-view animates some Kubernetes processes such as pod creation and termination.
cAdvisor is a native integrated tool found in all cluster nodes. It collects metrics for Kubernetes about running containers and nodes. These metrics are exposed through Kubelet APIs. The Metrics Server identifies all available nodes and calls the Kubelet API to get container and node resource usage before exposing the metrics through the Kubernetes aggregation API.
Weave Scope is another monitoring tool with troubleshooting features that supports both Docker and Kubernetes clusters. Easily identify performance bottlenecks with automatically deployed applications and infrastructure topologies.
Weave Scope can be installed as a standalone application on your hardware/local server, or you can opt for the Weave Scope as a Service solution on Weave Cloud. Weave Scope also simplifies identifying, grouping and filtering clusters by names, labels and other resources.
Kubewatch publishes Kubernetes events to integrated communication apps like Slack. Kubewatch essentially monitors your clusters by running itself as a pod. It notifies you of any change that occurs in the system. You can specify the notifications you want to receive by editing the configuration file.
Aqua Security scans the container images before they are deployed. You can make the images read-only in this last step. Images that can't be modified have fewer chances of being attacked. It also makes it easier to detect anomalies with monitoring tools.
Aqua isolates the data and access. It then proceeds to scan for various security issues such as malware, threats, embedded secrets, etc. It runs other tests for problems in settings and permissions.
Twistlock provides security throughout the full deployment and management lifecycle. The tool works constantly, performing status checks to note any anomalies. Twistlock sets up an automatic firewall to prevent threats. Aside from scanning container images before deployment, it also detects changes in running containers.
Falco is a security tool that targets specific layers of a container for vulnerabilities. Falco’s monitoring is greatly focused on kernel system calls. Using a single set of rules, it performs security checks on the
- The container
You can also create personalized rules for each of your Kubernetes clusters. These rules can be enforced across all containers.
JAAS is a Juju as a service tool that lets you reduce the complexity of your Kubernetes operation. Simplify the configuration, scaling and operation. You can deploy Juju and your workload in public or private clouds.
Kube-monkey, similar to Netflix's Chaos Monkey, follows the principles of chaos engineering. It can delete Kubernetes pods at random, check for faults in services, and maintain the health of your system. Kube-monkey is also configured by a TOML file where you can specify which app is to be killed and when to practice your recovery strategies.
Kubebox lets you manage and monitor your Kubernetes clusters from the terminal. You can get live updates on pod resource usage, container logs, cluster status, etc. You can also execute fast troubleshooting or recovery by navigating to the desired namespace and executing proper containers. The interface is old-school, so it’s got a nice aesthetic too.
Kubetail is a small bash script that allows you to aggregate logs from multiple pods into one stream. You can find a Kubetail fork on GitHub that adds more features like filtering, highlighting, coloring logs, etc.
These tools will ensure your Kubernetes deployment and management remain fast and secure. Pick the right tools for your organizational needs and you will be able to fill in any gaps you face during your Kubernetes journey. The community is constantly coming out with new tools to enhance your experience, so keep yourself updated.