• This repository has been archived on 09/Jan/2023
  • Stars
    star
    269
  • Rank 152,662 (Top 4 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created over 7 years ago
  • Updated over 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A toolkit for Kubernetes cluster provisioning and lifecycle management

tarmak logo

What is Tarmak?

Tarmak is an open-source toolkit for Kubernetes cluster lifecycle management that focuses on best practice cluster security and cluster management/operation. It has been built from the ground-up to be cloud provider-agnostic and hence provides a means for consistent and reliable cluster deployment and management, across clouds and on-premises environments.

Tarmak and its underlying components are the product of Jetstack's work with its customers to build and deploy Kubernetes in production at scale.

Under-the-hood, Tarmak uses a number of well-known and proven components, including Terraform, Puppet and systemd.

Quickstart

Get a ready built version of tarmak from the releases page:

$ wget https://github.com/jetstack/tarmak/releases/download/0.6.7/tarmak_0.6.7_linux_amd64
$ mv tarmak_0.6.7_linux_amd64 tarmak
$ chmod +x tarmak

If you want compile from source, follow the build guide instead.

Now follow the user guide.

Documentation

Full documentation, including design/architecture overview, user/developer guides and more, is maintained at https://docs.tarmak.io/.


Disclaimer - please note that current releases of Tarmak are alpha (unless explicitly marked). Although we do not anticipate breaking changes, at this stage this cannot be absolutely guaranteed.

More Repositories

1

kube-lego

DEPRECATED: Automatically request certificates for Kubernetes Ingress resources from Let's Encrypt
Go
2,161
star
2

version-checker

Kubernetes utility for exposing image versions in use, compared to latest available upstream, as metrics.
Go
695
star
3

kube-oidc-proxy

Reverse proxy to authenticate to managed Kubernetes API servers via OIDC.
Go
476
star
4

navigator

Managed Database-as-a-Service (DBaaS) on Kubernetes
Go
271
star
5

jetstack-secure

Open-source components of Jetstack Secure.
Go
251
star
6

paranoia

Inspect certificate authorities in container images
Go
228
star
7

terraform-google-gke-cluster

A Terraform module to create a best-practise Google Kubernetes Engine (GKE) cluster.
HCL
161
star
8

vault-unsealer

Vault Unseal automation
Go
129
star
9

cni-migration

A CLI to migrate the CNI on a Kubernetes cluster from Canal (Calico + Flannel) to Cilium, live with no downtime.
Go
74
star
10

google-cas-issuer

cert-manager issuer for Google CA Service
Makefile
73
star
11

getting-started-kubernetes

Getting Started with Kubernetes Workshop
Go
65
star
12

kubebuilder-sample-controller

k8s.io/sample-controller written with kubebuilder v2
Go
63
star
13

okta-kubectl-auth

Go
40
star
14

kustomize-cert-manager-demo

Demo using Kustomize for per-environment deployment of cert-manager
26
star
15

dependency-track-exporter

Go
23
star
16

vault-helper

Vault helper script
Go
22
star
17

letsencrypt-caa-bug-checker

Tool to check your Kubernetes cluster for certificates affected by Let's Encrypt's CAA rechecking bug
Go
21
star
18

cert-manager-nginx-plus-lab

Lab demonstrating cert-manager, nginx-plus and Venafi
Shell
19
star
19

knet-stress

A simple networking stress test introspective for Kubernetes.
Go
19
star
20

elasticsearch-pet

An elasticsearch image for kubernetes PetSets
Shell
18
star
21

tally

Go
14
star
22

finops-stack

Go
9
star
23

cert-manager-external-issuer-example

An example repository implementing an external LocalCA issuer type
Go
9
star
24

tekton-demo

Demonstration of Tekton pipelines to supplement our blog post
Jsonnet
8
star
25

airworthy

Go
7
star
26

spiffe-workload-identity-demo

Demo of using cert-manager SPIFFE for for workload identity
Go
3
star
27

seaglass

Go
3
star
28

jwt-registry-auth

Go
3
star
29

ingress-yubikey

Experimental Kubernetes Ingress Controller using a Yubikey for an HSM
Go
2
star
30

spiffe-connector

Using SPIFFE Verifiable Identity Documents to seamlessly authenticate to existing services.
Go
2
star
31

slingshot-cp-ansible-k8s-coreos

Slingshot config-provider for setting up Kubernetes on CoreOS using Ansible
Python
2
star
32

jsctl

CLI tool for Jetstack Secure
Go
2
star
33

cassandra-kubernetes-seed-provider

Java
2
star
34

service-mesh-con-2021-service-identity

Scripts that I used in demos for the 2021 ServiceMeshCon talk; Service Identity - The Key to Zero Trust with
Shell
1
star
35

ubuntu-nsenter

Image containing nsenter, required when running minikube on travis with helm
1
star
36

puppet-module-kubernetes_addons

Puppet module for Kubernetes cluster addons
Ruby
1
star
37

puppet-module-calico

Puppet module for Calico overlay network
Ruby
1
star
38

puppet-module-etcd

Puppet module for Etcd
Ruby
1
star
39

jetstack-secure-gcm

Contains configuration and user guide for the Jetstack Secure for cert-manager offering on the Google Cloud Marketplace.
Mustache
1
star