jetstack/tarmak jetstack/tarmak

  • This repository has been archived on 09/Jan/2023
  • Stars
    star
    269
  • Rank 147,934 (Top 3 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 7 years ago
  • Updated almost 5 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
jetstack/tarmak
github

jetstack

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A toolkit for Kubernetes cluster provisioning and lifecycle management

tarmak logo

What is Tarmak?

Tarmak is an open-source toolkit for Kubernetes cluster lifecycle management that focuses on best practice cluster security and cluster management/operation. It has been built from the ground-up to be cloud provider-agnostic and hence provides a means for consistent and reliable cluster deployment and management, across clouds and on-premises environments.

Tarmak and its underlying components are the product of Jetstack's work with its customers to build and deploy Kubernetes in production at scale.

Under-the-hood, Tarmak uses a number of well-known and proven components, including Terraform, Puppet and systemd.

Quickstart

Get a ready built version of tarmak from the releases page:

$ wget https://github.com/jetstack/tarmak/releases/download/0.6.7/tarmak_0.6.7_linux_amd64
$ mv tarmak_0.6.7_linux_amd64 tarmak
$ chmod +x tarmak

If you want compile from source, follow the build guide instead.

Now follow the user guide.

Documentation

Full documentation, including design/architecture overview, user/developer guides and more, is maintained at https://docs.tarmak.io/.

Disclaimer - please note that current releases of Tarmak are alpha (unless explicitly marked). Although we do not anticipate breaking changes, at this stage this cannot be absolutely guaranteed.

More Repositories

1

kube-lego

DEPRECATED: Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
Go
2,163
star
2

version-checker

Kubernetes utility for exposing image versions in use, compared to latest available upstream, as metrics.
Go
649
star
3

kube-oidc-proxy

Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.
Go
476
star
4

navigator

Managed Database-as-a-Service (DBaaS) on Kubernetes
Go
271
star
5

jetstack-secure

Open source components of Jetstack Secure
Go
251
star
6

paranoia

Inspect certificate authorities in container images
Go
218
star
7

terraform-google-gke-cluster

A Terraform module to create a best-practise Google Kubernetes Engine (GKE) cluster.
HCL
160
star
8

vault-unsealer

Vault Unseal automation
Go
129
star
9

cni-migration

A CLI to migrate the CNI on a Kubernetes cluster from Canal (Calico + Flannel) to Cilium, live with no downtime.
Go
72
star
10

google-cas-issuer

cert-manager issuer for Google CA Service
Makefile
70
star
11

getting-started-kubernetes

Getting Started with Kubernetes Workshop
Go
63
star
12

kubebuilder-sample-controller

k8s.io/sample-controller written with kubebuilder v2
Go
59
star
13

okta-kubectl-auth

Go
40
star
14

kustomize-cert-manager-demo

Demo using Kustomize for per-environment deployment of cert-manager
26
star
15

vault-helper

Vault helper script
Go
22
star
16

letsencrypt-caa-bug-checker

Tool to check your Kubernetes cluster for certificates affected by Let's Encrypt's CAA rechecking bug
Go
21
star
17

cert-manager-nginx-plus-lab

Lab demonstrating cert-manager, nginx-plus and Venafi
Shell
19
star
18

knet-stress

A simple networking stress test introspective for Kubernetes.
Go
18
star
19

elasticsearch-pet

An elasticsearch image for kubernetes PetSets
Shell
18
star
20

dependency-track-exporter

Go
17
star
21

tally

Go
14
star
22

cert-manager-external-issuer-example

An example repository implementing an external LocalCA issuer type
Go
9
star
23

tekton-demo

Demonstration of Tekton pipelines to supplement our blog post
Jsonnet
8
star
24

airworthy

Go
7
star
25

ingress-yubikey

Experimental Kubernetes Ingress Controller using a Yubikey for an HSM
Go
2
star
26

spiffe-workload-identity-demo

Demo of using cert-manager SPIFFE for for workload identity
Go
2
star
27

spiffe-connector

Using SPIFFE Verifiable Identity Documents to seamlessly authenticate to existing services.
Go
2
star
28

jsctl

CLI tool for Jetstack Secure
Go
2
star
29

cassandra-kubernetes-seed-provider

Java
2
star
30

service-mesh-con-2021-service-identity

Scripts that I used in demos for the 2021 ServiceMeshCon talk; Service Identity - The Key to Zero Trust with
Shell
1
star
31

ubuntu-nsenter

Image containing nsenter, required when running minikube on travis with helm
1
star
32

puppet-module-kubernetes_addons

Puppet module for Kubernetes cluster addons
Ruby
1
star
33

puppet-module-calico

Puppet module for Calico overlay network
Ruby
1
star
34

slingshot-cp-ansible-k8s-coreos

Slingshot config-provider for setting up Kubernetes on CoreOS using Ansible
Python
1
star
35

puppet-module-etcd

Puppet module for Etcd
Ruby
1
star
36

jetstack-secure-gcm

Contains configuration and user guide for the Jetstack Secure for cert-manager offering on the Google Cloud Marketplace.
Mustache
1
star
37

jwt-registry-auth

Go
1
star
38

vcert

Go client SDK and command line utility designed to simplify integrations by automating key generation and certificate enrollment using Venafi machine identity services.
Go
1
star