When working in a DevOps ecosystem, you will realize how important it is to have amazing DevOps tools to ease your manual load. Plenty of DevOps tools are available for every DevOps stage and different functionalities. Kubernetes is one of the must-have if you work in the DevOps domain and run your apps inside containers. There are hundreds of tools out there that work in conjunction with Kubernetes to add more features. I am talking about tools for better management, security, dashboard, monitoring of the Kubernetes cluster. Here is a list of such amazing tools that adds more power to your Kubernetes. Let’s get started!

Helm

Helm is a package manager for Kubernetes that makes it easy to take applications and services that are highly repeatable or get used in many different scenarios, making it easier to deploy them to a typical Kubernetes cluster. Using Helm, you can find, share, and use the software which is built for Kubernetes. It uses charts, called Helm Charts to define, install, and upgrade complex Kubernetes applications. Helm Features:

Takes care of all Kubernetes application complexity using charts Uses upgrades and custom hooks to update things easily. Charts can be shared easily on public or private servers. Easy rollback with just a single command Improves developer productivity and enhances operational readiness

Flagger

Flagger is a Progressive Delivery Operator for Kubernetes. It automates the promotion of canary deployments using Istio, App Mesh, Nginx, Linkerd, Contour, Gloo, Skipper routing for traffic shifting, and Prometheus for canary analysis. In canary deployment, you roll out the releases to a small group of users, test it, if it is working fine, you roll out the release to everyone.

It uses the service mesh that runs in your cluster to manage the traffic that goes between one deployment and another. For shifting traffic to canary, it measures performance indicators like average duration of requests, the success rate of HTTP requests, pod health, etc. Flagger can run automated application analysis, promotion, and rollback for several deployment strategies like Canary, A/B testing, Blue/Green deployment.

Kubewatch

Kubewatch is an open-source Kubernetes watcher which sends a notification through the slack channel. It is written on Go programming and developed by Bitnami Labs. It is used to monitor the Kubernetes resources and notifies if there is any change. You can install Kubewatch through kubectl or by using helm charts. It is simple to understand and has a very easy to use interface. Other than slack, it also supports HipChat, Mattermost, Flock, webhook, and SMTP. Depending on which Kubernetes you want to monitor, you can set true or false for those resources in the ConfigMap file. Once you set the kubewatch configuration and run a pod, you will start receiving notifications on the Kubernetes event, as shown below.

Gitkube

Gitkube is a tool that uses git push for building and deploying docker images on Kubernetes. It has three components – Remote, gitkube-controller, gitkubed. Remote consists of custom resources that are managed by gitkube-controller. gitkube-controller sends the changes to gitkubed, which then builds the docker image and deploys it.

Gitkube features:

Easy to install, plug and play Provides role-based access control for security Simple to authenticate using a public key A namespace for multi-tenancy is supported No extra dependencies apart from kubectl and git

kube-state-metrics

kube-state-metrics is a service that generates state object metrics by listening to the Kubernetes API server. It is used to check the health of various objects such as nodes, pods, namespaces, and deployments. It provides you raw, unmodified data from the Kubernetes API. Below is the information that is provided by kube-state-metrics:

Cron jobs and job status Status of the pods (ready, running, etc.) Resources requests and its range Node capacity and it’s status Specification of replica sets

Kamus

Kamus is an open-source GitOps tool which is used for encryption and decryption of secrets for Kubernetes applications. The encrypted secrets which Kamus does can only be decrypted by applications running on the Kubernetes cluster. It uses AES, Google Cloud KMS, Azure KeyVault for encryption of secrets. You can get started with Kamus using the helm chart. Kamus comes with two utilities – Kamus CLI and Kamus init container. Kamus CLI is used for integrating with encrypt API, and Kamus init container is used for integration with the decryption of API. Kubernetes plain Secrets are not encrypted; they are base64 encoded. You cannot keep it on Git as it is; it is not secure. Anybody having access to the repo will be able to use these secrets. Hence, a proper encryption/decryption solution is needed, like Kamus. It also provides a threat model which takes care of threats and makes secrets secure.

Untrak

Untrak is an open-source tool using in Kubernetes for finding untracked recourses and garbage collect them. It helps you find and delete those files from the cluster, which are untracked. After you inject the manifests to your CI/CD pipeline using kubectl apply or helm template, Kubernetes is unaware when the object will get deleted from the repository. Once the objects get deleted, they are not tracked in the delivery process and still reside on the Kubernetes cluster. It executes command internally using a simple config file untrak.yaml to find out resources that are not a part of your source code management anymore.

Scope

Weave Scope is for visualizing, monitoring, and troubleshooting Docker and Kubernetes. It shows you a top-down view of your containerized application and the complete infrastructure using which you can easily identify any problems and diagnose them. Running microservice architecture applications in docker containers is not that easy. The components here are very dynamic and difficult to monitor. With weave scope, you can easily troubleshoot memory leaks and control CPU consumption, visualize network bottlenecks.

Scope features:

Helps you monitor your docker containers in real-time Provides easy navigation between processes running in the containers Shows CPU and memory usage host or service wise Restart, Stop or Pause containers using CLI without leaving the scope browser window. Supports custom plugins to get more details on containers, processes, and hosts

Kubernetes Dashboard

Kubernetes Dashboard is a web interface provided by Kubernetes. It is used to deploy, troubleshoot, and manage the containerized application on a Kubernetes cluster. It gives all the information about a cluster, such as details on nodes, namespaces, roles, workloads, etc.

You can use helm charts to deploy Kubernetes dashboard or use a simple kubectl command mentioned below:

Kops

Kops stands for Kubernetes operations, an open-source project used to set up production-ready Kubernetes clusters very easily and quickly. Kops can be used to deploy Kubernetes clusters on AWS and GCE primarily. A small size Kubernetes cluster is easy to create and maintain, but when you scale your cluster, a lot of configurations get added, and it becomes difficult to manage operationally. Kops is a tool that helps you solve such problems. It follows a configuration driven approach where it keeps the cluster always up-to-date and safe. Kops also has many networking backends, and choosing one of them, depending on the use case, makes it easy for you to set up various types of clusters.

cAdvisor

cAdvisor is an open-source tool to monitor a container. It is used to understand the performance characteristics and resource usage of the containers running on the cluster. It operates on the node level and can auto-discover all the containers running on a particular node and collects memory, file system, CPU, and network statistics. It provides a web interface that shows the live data of all the containers in the cluster. To get started with cAdvisor, you need to run its docker image google/cadvisor, and then you can access it at http://localhost:8080 in a web browser.

Kubespray

Kubespray is a free tool that has been created by combining Ansible playbooks and Kubernetes. It is used for Kubernetes cluster lifecycle management. By using Kubespray, you can deploy a cluster quickly and customize all the parameters of a cluster implementation like deployment modes, network plugins, DNS configuration, component versions, certificate generation methods, etc. By just running one simple ansible-playbook, your cluster is up and running. You can easily scale or upgrade your Kubernetes cluster.

K9s

K9s is an open-source terminal-based tool, and its dashboard utility can do everything that a Kubernetes web UI does. It is used to navigate, observe, and manage the application deployed on the Kubernetes cluster.

K9s features:

Track your cluster in real-time Customize the display on a per resource basis Zoom in to cluster resource issues Supports Role-based access control Built-in benchmarks to validate resource performance

Kubetail

Kubetail is a simple bash script that is used to aggregate logs from multiple pods in one stream. Very handy! It helps you in debugging with ease. The latest Kubetail version also has highlighting and filtering features. This feature enables you to perform log coloring. Using homebrew, you can install Kubetail with a single command. You can add default values in environment variables that Kubetail can read like KUBETAIL_NAMESPACE, KUBETAIL_TAIL, KUBETAIL_SKIP_COLORS etc.

PowerfulSeal

PowerfulSeal is an open-source, powerful chaos engineering tool written in python for Kubernetes clusters. Chaos engineering is used to get the system’s confidence to check its capability to deal with problematic situations in production. It injects failure to the Kubernetes cluster to identify issues in it as early as possible. It is inspired by Netflix Chaos Monkey and is used to improve Kubernetes resiliency. Using PowerfulSeal, the engineers knowingly try to break things on the cluster to check how the system reacts. PowerfulSeal works in three modes – Autonomous, Interactive, Label. In autonomous mode, it executes scenarios by reading a policy file you provide. In interactive mode, it tells you about cluster components that you manually try to break. In label mode, you kill targeted objects on the cluster like pods using labels.

Popeye

Popeye is a cleaning utility that acts as a sanitizer 🧼 for Kubernetes clusters.

It will scan the complete cluster and report back with issues related to configurations and resources. It helps you execute the best practices on the Kubernetes cluster to stay away from common issues. This utility is available for Windows, Linux, and macOS. Currently, it works only with nodes, pods, namespaces, services. Using Popeye, you can easily identify dead and unused resources, port mismatches, RBAC rules, metrics utilization, and much more.

Conclusion

DevOps tools play a vital role in success, and I hope the above helps you manage Kubernetes better.

Best Tools to Supercharge Kubernetes - 18Best Tools to Supercharge Kubernetes - 48Best Tools to Supercharge Kubernetes - 2Best Tools to Supercharge Kubernetes - 6Best Tools to Supercharge Kubernetes - 22Best Tools to Supercharge Kubernetes - 28Best Tools to Supercharge Kubernetes - 29Best Tools to Supercharge Kubernetes - 61Best Tools to Supercharge Kubernetes - 97Best Tools to Supercharge Kubernetes - 98Best Tools to Supercharge Kubernetes - 79Best Tools to Supercharge Kubernetes - 18Best Tools to Supercharge Kubernetes - 9Best Tools to Supercharge Kubernetes - 17Best Tools to Supercharge Kubernetes - 32Best Tools to Supercharge Kubernetes - 75Best Tools to Supercharge Kubernetes - 31