🚀 Must Try Kubernetes Addons

Along the lines of managing k8s on my Pis, I ran a search on Reddit (yes, Reddit, and not ChatGPT) and some amazing folks posted these add-ons. Here is the list:

  • Botkube - A monitoring add-on that sends alerts directly to chat messaging platforms with error metadata attached. Compatible with popular clients such as Discord or Slack.
  • Cert Manager - Certificates
  • Chaos Mesh - Simulate hardware, network and other kinds of failures to check the robustness of your deployments.
  • Descheduler - Monitors whether workloads are evenly distributed across nodes and cleans up failed pods that remain orphaned or stuck.
  • Eraser - A daemonset responsible for cleaning up outdated images stored in the cluster nodes.
  • Falco - A runtime controller that looks for unusual activity within the cluster and alerts on possible security threats.
  • k8s-image-swapper - Mirror images into your own registry and swap image references automatically.
  • Kube-fledged - Allows for image caching on every node in the cluster, in order to speed up deployments. This can be used with Eraser, to define a few images that cannot be cleaned from the cluster.
  • Kured - All the cluster’s nodes will be properly drained before rebooting and uncordoned once they’re back online.
  • node-problem-detector - Detects if a node has been affected by an issue such as faulty hardware or kernel deadlocks, preventing scheduling.
  • Reflector - Replicate a Secret or configMap between namespaces automatically.
  • Reloader - Every time a ConfigMap or a Secret resource is created or changed, the pods that use them will be reloaded.
  • Spegel - Locally cache images from external registries with no explicit configuration.
  • Trivy operator - Generates security reports automatically in response to workload and other changes to the cluster.
  • Tailscale-operator - Provides a private load-balancer that generates entries to a zero-trust mesh VPN by annotating services or ingresses to use the operator. Think Ngrok, but with all communication encrypted (even non-SSL domain ingresses), free, and easier to manage.
  • Wavy - Patches Kubernetes resources with VNC access using annotations to provide a GUI to any container. If you want to run, for example, a containerized Skype client, you can access the application over VNC using this add-on.

For bare-metal setups

  • Democratic-CSI - A CSI implementation for multiple ZFS-based network attached self-hosted storage systems.

Tool-based, but still a few interesting add-ons

  • kube-no-trouble - Checks whether your currently running version of Kubernetes and the resources that are part of the cluster will be deprecated in future upgrades.
  • krr - Uses existing stored Prometheus metrics to help guide optimal usage of cluster resources.
  • Prometheus Operator - Takes care of the Grafana / Prometheus setup
  • CloudnativePG - Best way to deploy postgres databases
  • MariaDB Operator - Manages your MariaDBs
  • Velero - Takes care of your backups
  • Glasskube - Manages open-source tool installations (GitLab, Keycloak, Matomo, Vault)