• Stars
    star
    683
  • Rank 66,158 (Top 2 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 6 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

CSI Driver for Amazon EFS https://aws.amazon.com/efs/

Build Status Coverage Status Go Report Card

Amazon EFS CSI Driver

The Amazon Elastic File System Container Storage Interface (CSI) Driver implements the CSI specification for container orchestrators to manage the lifecycle of Amazon EFS file systems.

CSI Specification Compatibility Matrix

Amazon EFS CSI Driver \ CSI Spec Version v0.3.0 v1.1.0 v1.2.0
master branch no no yes
v1.x.x no no yes
v0.3.0 no yes no
v0.2.0 no yes no
v0.1.0 yes no no

Features

Amazon EFS CSI driver supports dynamic provisioning and static provisioning. Currently, Dynamic Provisioning creates an access point for each PV. This mean an Amazon EFS file system has to be created manually on AWS first and should be provided as an input to the storage class parameter. For static provisioning, the Amazon EFS file system needs to be created manually on AWS first. After that, it can be mounted inside a container as a volume using the driver.

The following CSI interfaces are implemented:

  • Controller Service: CreateVolume, DeleteVolume, ControllerGetCapabilities, ValidateVolumeCapabilities
  • Node Service: NodePublishVolume, NodeUnpublishVolume, NodeGetCapabilities, NodeGetInfo, NodeGetId, NodeGetVolumeStats
  • Identity Service: GetPluginInfo, GetPluginCapabilities, Probe

Storage Class Parameters for Dynamic Provisioning

Parameters Values Default Optional Description
provisioningMode efs-ap false Type of volume provisioned by efs. Currently, Access Points are supported.
fileSystemId false File System under which access points are created.
directoryPerms false Directory permissions for Access Point root directory creation.
uid true POSIX user Id to be applied for Access Point root directory creation and for user identity enforcement.
gid true POSIX group Id to be applied for Access Point root directory creation and for user identity enforcement.
gidRangeStart 50000 true Start range of the POSIX group Id to be applied for Access Point root directory creation and for user identity enforcement. Not used if uid/gid is set. For user identity enforcement, this value will be applied as both the uid and the gid.
gidRangeEnd 7000000 true End range of the POSIX group Id. Not used if uid/gid is set.
basePath true Path under which access points for dynamic provisioning is created. If this parameter is not specified, access points are created under the root directory of the file system
az "" true Used for cross-account mount. az under storage class parameter is optional. If specified, mount target associated with the az will be used for cross-account mount. If not specified, a random mount target will be picked for cross account mount

Note

  • Custom Posix group Id range for Access Point root directory must include both gidRangeStart and gidRangeEnd parameters. These parameters are optional only if both are omitted. If you specify one, the other becomes mandatory.
  • When using a custom Posix group ID range, there is a possibility for the driver to run out of available POSIX group Ids. We suggest ensuring custom group ID range is large enough or create a new storage class with a new file system to provision additional volumes.
  • az under storage class parameter is not be confused with efs-utils mount option az. The az mount option is used for cross-az mount or efs one zone file system mount within the same aws account as the cluster.
  • Using dynamic provisioning, user identity enforcement is always applied.
  • When user enforcement is enabled, Amazon EFS replaces the NFS client's user and group IDs with the identity configured on the access point for all file system operations.
  • The uid/gid configured on the access point is either the uid/gid specified in the storage class, a value in the gidRangeStart-gidRangeEnd (used as both uid/gid) specified in the storage class, or is a value selected by the driver is no uid/gid or gidRange is specified.
  • We suggest using static provisioning if you do not wish to use user identity enforcement.

If you want to pass any other mountOptions to Amazon EFS CSI driver while mounting, they can be passed in through the Persistent Volume or the Storage Class objects, depending on whether static or dynamic provisioning is used. The following are examples of some mountOptions that can be passed:

  • lookupcache: Specifies how the kernel manages its cache of directory entries for a given mount point. Mode can be one of all, none, pos, or positive. Each mode has different functions and for more information you can refer to this link.
  • iam: Use the CSI Node Pod's IAM identity to authenticate with Amazon EFS.

Encryption In Transit

One of the advantages of using Amazon EFS is that it provides encryption in transit support using TLS. Using encryption in transit, data will be encrypted during its transition over the network to the Amazon EFS service. This provides an extra layer of defence-in-depth for applications that requires strict security compliance.

Encryption in transit is enabled by default in the master branch version of the driver. To disable it and mount volumes using plain NFSv4, set the volumeAttributes field encryptInTransit to "false" in your persistent volume manifest. For an example manifest, see the encryption in transit example.

Note
Kubernetes version 1.13 or later is required if you are using this feature in Kubernetes.

Amazon EFS CSI Driver on Kubernetes

The following sections are Kubernetes specific. If you are a Kubernetes user, use this for driver features, installation steps, and examples.

Kubernetes Version Compability Matrix

Amazon EFS CSI Driver \ Kubernetes Version maturity v1.11 v1.12 v1.13 v1.14 v1.15 v1.16 v1.17+
master branch GA no no no no no no yes
v1.5.x GA no no no no no no yes
v1.4.x GA no no no no no no yes
v1.3.x GA no no no no no no yes
v1.2.x GA no no no no no no yes
v1.1.x GA no no no yes yes yes yes
v1.0.x GA no no no yes yes yes yes
v0.3.0 beta no no no yes yes yes yes
v0.2.0 beta no no no yes yes yes yes
v0.1.0 alpha yes yes yes no no no no

Container Images

Amazon EFS CSI Driver Version Image
master branch amazon/aws-efs-csi-driver:master
v1.5.8 amazon/aws-efs-csi-driver:v1.5.8
v1.5.7 amazon/aws-efs-csi-driver:v1.5.7
v1.5.6 amazon/aws-efs-csi-driver:v1.5.6
v1.5.5 amazon/aws-efs-csi-driver:v1.5.5
v1.5.4 amazon/aws-efs-csi-driver:v1.5.4
v1.5.3 amazon/aws-efs-csi-driver:v1.5.3
v1.5.2 amazon/aws-efs-csi-driver:v1.5.2
v1.5.1 amazon/aws-efs-csi-driver:v1.5.1
v1.5.0 amazon/aws-efs-csi-driver:v1.5.0
v1.4.9 amazon/aws-efs-csi-driver:v1.4.9
v1.4.8 amazon/aws-efs-csi-driver:v1.4.8
v1.4.7 amazon/aws-efs-csi-driver:v1.4.7
v1.4.6 amazon/aws-efs-csi-driver:v1.4.6
v1.4.5 amazon/aws-efs-csi-driver:v1.4.5
v1.4.4 amazon/aws-efs-csi-driver:v1.4.4
v1.4.3 amazon/aws-efs-csi-driver:v1.4.3
v1.4.2 amazon/aws-efs-csi-driver:v1.4.2
v1.4.1 amazon/aws-efs-csi-driver:v1.4.1
v1.4.0 amazon/aws-efs-csi-driver:v1.4.0
v1.3.8 amazon/aws-efs-csi-driver:v1.3.8
v1.3.7 amazon/aws-efs-csi-driver:v1.3.7
v1.3.6 amazon/aws-efs-csi-driver:v1.3.6
v1.3.5 amazon/aws-efs-csi-driver:v1.3.5
v1.3.4 amazon/aws-efs-csi-driver:v1.3.4
v1.3.3 amazon/aws-efs-csi-driver:v1.3.3
v1.3.2 amazon/aws-efs-csi-driver:v1.3.2
v1.3.1 amazon/aws-efs-csi-driver:v1.3.1
v1.3.0 amazon/aws-efs-csi-driver:v1.3.0
v1.2.1 amazon/aws-efs-csi-driver:v1.2.1
v1.2.0 amazon/aws-efs-csi-driver:v1.2.0
v1.1.1 amazon/aws-efs-csi-driver:v1.1.1
v1.1.0 amazon/aws-efs-csi-driver:v1.1.0
v1.0.0 amazon/aws-efs-csi-driver:v1.0.0
v0.3.0 amazon/aws-efs-csi-driver:v0.3.0
v0.2.0 amazon/aws-efs-csi-driver:v0.2.0
v0.1.0 amazon/aws-efs-csi-driver:v0.1.0

ECR Image

Driver Version ECR Image
v1.5.0 public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v1.5.0

Note
You can find previous efs-csi-driver versions' images from here

Features

  • Static provisioning - Amazon EFS file system needs to be created manually first, then it could be mounted inside container as a persistent volume (PV) using the driver.
  • Dynamic provisioning - Uses a persistent volume claim (PVC) to dynamically provision a persistent volume (PV). On Creating a PVC, kuberenetes requests Amazon EFS to create an Access Point in a file system which will be used to mount the PV.
  • Mount Options - Mount options can be specified in the persistent volume (PV) or storage class for dynamic provisioning to define how the volume should be mounted.
  • Encryption of data in transit - Amazon EFS file systems are mounted with encryption in transit enabled by default in the master branch version of the driver.
  • Cross account mount - Amazon EFS file systems from different aws accounts can be mounted from an Amazon EKS cluster.
  • Multiarch - Amazon EFS CSI driver image is now multiarch on ECR

Note
Since Amazon EFS is an elastic file system, it doesn't really enforce any file system capacity. The actual storage capacity value in persistent volume and persistent volume claim is not used when creating the file system. However, since the storage capacity is a required field by Kubernetes, you must specify the value and you can use any valid value for the capacity.

Installation

Considerations

  • The Amazon EFS CSI Driver isn't compatible with Windows-based container images.
  • You can't use dynamic persistent volume provisioning with Fargate nodes, but you can use static provisioning.
  • Dynamic provisioning requires 1.2 or later of the driver. You can statically provision persistent volumes using version 1.1 of the driver on any supported Amazon EKS cluster version.
  • Version 1.3.2 or later of this driver supports the Arm64 architecture, including Amazon EC2 Graviton-based instances.
  • Version 1.4.2 or later of this driver supports using FIPS for mounting file systems. For more information on how to enable FIPS, see Helm.
  • Take note of the resource quotas for Amazon EFS. For example, there's a quota of 1000 access points that can be created for each Amazon EFS file system. For more information, see https://docs.aws.amazon.com/efs/latest/ug/limits.html#limits-efs-resources-per-account-per-region.

Prerequisites

Note
A Pod running on AWS Fargate automatically mounts an Amazon EFS file system, without needing the manual driver installation steps described on this page.

Set up driver permission

The driver requires IAM permission to talk to Amazon EFS to manage the volume on user's behalf. There are several methods to grant driver IAM permission:


Deploy the driver

There are several options for deploying the driver. The following are some examples.


[ Helm ]

This procedure requires Helm V3 or later. To install or upgrade Helm, see Using Helm with Amazon EKS.

To install the driver using Helm

  1. Add the Helm repo.

    helm repo add aws-efs-csi-driver https://kubernetes-sigs.github.io/aws-efs-csi-driver/
  2. Update the repo.

    helm repo update aws-efs-csi-driver
  3. Install a release of the driver using the Helm chart.

    helm upgrade --install aws-efs-csi-driver --namespace kube-system aws-efs-csi-driver/aws-efs-csi-driver

    To specify an image repository, add the following argument. Replace the repository address with the cluster's container image address.

    --set image.repository=602401143452.dkr.ecr.region-code.amazonaws.com/eks/aws-efs-csi-driver

    If you already created a service account by following Create an IAM policy and role for Amazon EKS, then add the following arguments.

    --set controller.serviceAccount.create=false \
    --set controller.serviceAccount.name=efs-csi-controller-sa

    If you don't have outbound access to the Internet, add the following arguments.

    --set sidecars.livenessProbe.image.repository=602401143452.dkr.ecr.region-code.amazonaws.com/eks/livenessprobe \
    --set sidecars.node-driver-registrar.image.repository=602401143452.dkr.ecr.region-code.amazonaws.com/eks/csi-node-driver-registrar \
    --set sidecars.csiProvisioner.image.repository=602401143452.dkr.ecr.region-code.amazonaws.com/eks/csi-provisioner

    To force the Amazon EFS CSI driver to use FIPS for mounting the file system, add the following argument.

    --set useFips=true

Note
hostNetwork: true (should be added under spec/deployment on kubernetes installations where AWS metadata is not reachable from pod network. To fix the following error NoCredentialProviders: no valid providers in chain this parameter should be added.)


[ Manifest (private registry) ]

If you want to download the image with a manifest, we recommend first trying these steps to pull secured images from the private Amazon ECR registry.

To install the driver using images stored in the private Amazon ECR registry

  1. Download the manifest. Replace release-X.X with your desired branch. We recommend using the latest released version. For a list of active branches, see Branches.

    kubectl kustomize \
        "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/ecr/?ref=release-1.X" > private-ecr-driver.yaml

    Note
    If you encounter an issue that you aren't able to resolve by adding IAM permissions, try the Manifest (public registry) steps instead.

  2. In the following command, replace region-code with the AWS Region that your cluster is in. Then run the modified command to replace us-west-2 in the file with your AWS Region.

    sed -i.bak -e 's|us-west-2|region-code|' private-ecr-driver.yaml
  3. Replace account in the following command with the account from Amazon container image registries for the AWS Region that your cluster is in and then run the modified command to replace 602401143452 in the file.

    sed -i.bak -e 's|602401143452|account|' private-ecr-driver.yaml
  4. If you already created a service account by following Create an IAM policy and role for Amazon EKS, then edit the private-ecr-driver.yaml file. Remove the following lines that create a Kubernetes service account.

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      labels:
        app.kubernetes.io/name: aws-efs-csi-driver
      name: efs-csi-controller-sa
      namespace: kube-system
    ---
    
  5. Apply the manifest.

    kubectl apply -f private-ecr-driver.yaml

[ Manifest (public registry) ]

For some situations, you may not be able to add the necessary IAM permissions to pull from the private Amazon ECR registry. One example of this scenario is if your IAM principal isn't allowed to authenticate with someone else's account. When this is true, you can use the public Amazon ECR registry.

To install the driver using images stored in the public Amazon ECR registry

  1. Download the manifest. Replace release-X.X with your desired branch. We recommend using the latest released version. For a list of active branches, see Branches.

    kubectl kustomize \
        "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-1.X" > public-ecr-driver.yaml
  2. If you already created a service account by following Create an IAM policy and role, then edit the private-ecr-driver.yaml file. Remove the following lines that create a Kubernetes service account.

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      labels:
        app.kubernetes.io/name: aws-efs-csi-driver
      name: efs-csi-controller-sa
      namespace: kube-system
    ---
  3. Apply the manifest.

    kubectl apply -f public-ecr-driver.yaml

After deploying the driver, you can continue to these sections:

Container Arguments for efs-plugin of efs-csi-node daemonset

Parameters Values Default Optional Description
vol-metrics-opt-in false true Opt in to emit volume metrics.
vol-metrics-refresh-period 240 true Refresh period for volume metrics in minutes.
vol-metrics-fs-rate-limit 5 true Volume metrics routines rate limiter per file system.
tags true Space separated key:value pairs which will be added as tags for Amazon EFS resources. For example, '--tags=name:efs-tag-test date:Jan24'

Container Arguments for deployment(controller)

Parameters Values Default Optional Description
delete-access-point-root-dir false true Opt in to delete access point root directory by DeleteVolume. By default, DeleteVolume will delete the access point behind Persistent Volume and deleting access point will not delete the access point root directory or its contents.

Upgrading the Amazon EFS CSI Driver

Upgrade to the latest version:

If you want to update to latest released version:

kubectl apply -k "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-1.5"

Upgrade to a specific version:

If you want to update to a specific version, first customize the driver yaml file locally:

kubectl kustomize "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-1.5" > driver.yaml

Then, update all lines referencing image: amazon/aws-efs-csi-driver to the desired version (e.g., to image: amazon/aws-efs-csi-driver:v1.5.0) in the yaml file, and deploy driver yaml again:

kubectl apply -f driver.yaml

Examples

Before following the examples, you need to:

  • Get yourself familiar with how to setup Kubernetes on AWS and how to create Amazon EFS file system.
  • When creating an Amazon EFS file system, make sure it is accessible from the Kubernetes cluster. This can be achieved by creating the file system inside the same VPC as the Kubernetes cluster or using VPC peering.
  • Install Amazon EFS CSI driver following the Installation steps.

Example links

Using botocore to retrieve mount target ip address when dns name cannot be resolved

  • Amazon EFS CSI driver supports using botocore to retrieve mount target ip address when dns name cannot be resolved, e.g., when user is mounting a file system in another VPC, botocore comes preinstalled on efs-csi-driver which can solve this DNS issue.
  • IAM policy prerequisites to use this feature :
    Allow elasticfilesystem:DescribeMountTargets and ec2:DescribeAvailabilityZones actions in your policy attached to the Amazon EKS service account role, refer to example policy here.

Development

Requirements

  • Golang 1.13.4+

Dependency

Dependencies are managed through go module. To build the project, first turn on go mod using export GO111MODULE=on, to build the project run: make

Testing

To execute all unit tests, run: make test

Troubleshooting

To pull logs and troubleshoot the driver, see troubleshooting/README.md.

License

This library is licensed under the Apache 2.0 License.

More Repositories

1

kubespray

Deploy a Production Ready Kubernetes Cluster
Jinja
14,679
star
2

kind

Kubernetes IN Docker - local clusters for testing Kubernetes
Go
13,222
star
3

kustomize

Customization of kubernetes YAML configurations
Go
10,363
star
4

kubebuilder

Kubebuilder - SDK for building Kubernetes APIs using CRDs
Go
7,716
star
5

external-dns

Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
Go
6,672
star
6

krew

πŸ“¦ Find and install kubectl plugins
Go
6,132
star
7

metrics-server

Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.
Go
4,761
star
8

aws-load-balancer-controller

A Kubernetes controller for Elastic Load Balancers
Go
3,921
star
9

descheduler

Descheduler for Kubernetes
Go
3,444
star
10

cluster-api

Home for Cluster API, a subproject of sig-cluster-lifecycle
Go
2,944
star
11

kui

A hybrid command-line/UI development experience for cloud-native development
TypeScript
2,746
star
12

nfs-subdir-external-provisioner

Dynamic sub-dir volume provisioner on a remote NFS server.
Shell
2,378
star
13

kwok

Kubernetes WithOut Kubelet - Simulates thousands of Nodes and Clusters.
Go
2,304
star
14

controller-runtime

Repo for the controller-runtime subproject of kubebuilder (sig-apimachinery)
Go
2,240
star
15

aws-iam-authenticator

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
Go
2,008
star
16

prometheus-adapter

An implementation of the custom.metrics.k8s.io API using Prometheus
Go
1,662
star
17

gateway-api

Repository for the next iteration of composite service (e.g. Ingress) and load balancing APIs.
Go
1,582
star
18

cri-tools

CLI and validation tools for Kubelet Container Runtime Interface (CRI) .
Go
1,333
star
19

secrets-store-csi-driver

Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
Go
1,177
star
20

kueue

Kubernetes-native Job Queueing
Go
1,144
star
21

scheduler-plugins

Repository for out-of-tree scheduler plugins based on scheduler framework.
Go
1,015
star
22

sig-storage-local-static-provisioner

Static provisioner of local volumes
Go
1,009
star
23

aws-ebs-csi-driver

CSI driver for Amazon EBS https://aws.amazon.com/ebs/
Go
923
star
24

apiserver-builder-alpha

apiserver-builder-alpha implements libraries and tools to quickly and easily build Kubernetes apiservers/controllers to support custom resource types based on APIServer Aggregation
Go
787
star
25

etcdadm

Go
758
star
26

kube-scheduler-simulator

The simulator for the Kubernetes scheduler
Go
715
star
27

controller-tools

Tools to use with the controller-runtime libraries
Go
682
star
28

security-profiles-operator

The Kubernetes Security Profiles Operator
C
649
star
29

krew-index

Plugin index for https://github.com/kubernetes-sigs/krew. This repo is for plugin maintainers.
628
star
30

cluster-api-provider-aws

Kubernetes Cluster API Provider AWS provides consistent deployment and day 2 operations of "self-managed" and EKS Kubernetes clusters on AWS.
Go
618
star
31

node-feature-discovery

Node feature discovery for Kubernetes
Go
595
star
32

hierarchical-namespaces

Home of the Hierarchical Namespace Controller (HNC). Adds hierarchical policies and delegated creation to Kubernetes namespaces for improved in-cluster multitenancy.
Go
583
star
33

cluster-proportional-autoscaler

Kubernetes Cluster Proportional Autoscaler Container
Go
519
star
34

sig-storage-lib-external-provisioner

Go
515
star
35

alibaba-cloud-csi-driver

CSI Plugin for Kubernetes, Support Alibaba Cloud EBS/NAS/OSS/CPFS
Go
511
star
36

application

Application metadata descriptor CRD
Go
488
star
37

custom-metrics-apiserver

Framework for implementing custom metrics support for Kubernetes
Go
457
star
38

e2e-framework

A Go framework for end-to-end testing of components running in Kubernetes clusters.
Go
439
star
39

nfs-ganesha-server-and-external-provisioner

NFS Ganesha Server and Volume Provisioner.
Shell
399
star
40

cluster-capacity

Cluster capacity analysis
Go
390
star
41

karpenter

Karpenter is a Kubernetes Node Autoscaler built for flexibility, performance, and simplicity.
Go
356
star
42

cluster-api-provider-vsphere

Go
349
star
43

apiserver-network-proxy

Go
349
star
44

image-builder

Tools for building Kubernetes disk images
Shell
344
star
45

kubetest2

Kubetest2 is the framework for launching and running end-to-end tests on Kubernetes.
Go
323
star
46

ingress2gateway

Convert Ingress resources to Gateway API resources
Go
301
star
47

bom

A utility to generate SPDX-compliant Bill of Materials manifests
Go
300
star
48

cluster-api-provider-nested

Cluster API Provider for Nested Clusters
Go
294
star
49

vsphere-csi-driver

vSphere storage Container Storage Interface (CSI) plugin
Go
289
star
50

cluster-api-provider-azure

Cluster API implementation for Microsoft Azure
Go
283
star
51

blixt

Layer 4 Kubernetes load-balancer
Rust
268
star
52

cluster-api-provider-openstack

Go
266
star
53

kubebuilder-declarative-pattern

A toolkit for building declarative operators with kubebuilder
Go
248
star
54

kpng

Reworking kube-proxy's architecture
Go
240
star
55

cloud-provider-azure

Cloud provider for Azure
Go
222
star
56

aws-encryption-provider

APIServer encryption provider, backed by AWS KMS
Go
192
star
57

mcs-api

This repository hosts the Multi-Cluster Service APIs. Providers can import packages in this repo to ensure their multi-cluster service controller implementations will be compatible with MCS data planes.
Go
187
star
58

ip-masq-agent

Manage IP masquerade on nodes
Go
180
star
59

zeitgeist

Zeitgeist: the language-agnostic dependency checker
Go
171
star
60

contributor-playground

Dockerfile
171
star
61

cluster-api-provider-gcp

The GCP provider implementation for Cluster API
Go
168
star
62

cluster-addons

Addon operators for Kubernetes clusters.
Go
156
star
63

azurefile-csi-driver

Azure File CSI Driver
Go
155
star
64

gcp-compute-persistent-disk-csi-driver

The Google Compute Engine Persistent Disk (GCE PD) Container Storage Interface (CSI) Storage Plugin.
Go
151
star
65

cli-utils

This repo contains binaries that built from libraries in cli-runtime.
Go
147
star
66

azuredisk-csi-driver

Azure Disk CSI Driver
Go
145
star
67

promo-tools

Container and file artifact promotion tooling for the Kubernetes project
Go
138
star
68

cluster-api-operator

Home for Cluster API Operator, a subproject of sig-cluster-lifecycle
Go
134
star
69

kube-storage-version-migrator

Go
125
star
70

lws

LeaderWorkerSet: An API for deploying a group of pods as a unit of replication
Go
124
star
71

blob-csi-driver

Azure Blob Storage CSI driver
Go
123
star
72

aws-fsx-csi-driver

CSI Driver of Amazon FSx for Lustre https://aws.amazon.com/fsx/lustre/
Go
118
star
73

usage-metrics-collector

High fidelity and scalable capacity and usage metrics for Kubernetes clusters
Go
117
star
74

boskos

Boskos is a resource management service that provides reservation and lifecycle management of a variety of different kinds of resources.
Go
117
star
75

sig-windows-tools

Repository for tools and artifacts related to the sig-windows charter in Kubernetes. Scripts to assist kubeadm and wincat and flannel will be hosted here.
PowerShell
117
star
76

downloadkubernetes

Download kubernetes binaries more easily
Go
115
star
77

cluster-api-provider-digitalocean

The DigitalOcean provider implementation of the Cluster Management API
Go
108
star
78

cluster-api-provider-kubevirt

Cluster API Provider for KubeVirt
Go
103
star
79

kubectl-validate

Go
103
star
80

jobset

JobSet: An API for managing a group of Jobs as a unit
Go
97
star
81

cluster-api-provider-packet

Cluster API Provider Packet (now Equinix Metal)
Go
94
star
82

structured-merge-diff

Test cases and implementation for "server-side apply"
Go
92
star
83

slack-infra

Tooling for kubernetes.slack.com
Go
90
star
84

cluster-api-addon-provider-helm

Cluster API Add-on Provider for Helm is a extends the functionality of Cluster API by providing a solution for managing the installation, configuration, upgrade, and deletion of Cluster add-ons using Helm charts.
Go
85
star
85

dashboard-metrics-scraper

Container to scrape, store, and retrieve a window of time from the Metrics Server.
Go
84
star
86

apiserver-runtime

Libraries for implementing aggregated apiservers
Go
83
star
87

kube-scheduler-wasm-extension

All the things to make the scheduler extendable with wasm.
Go
83
star
88

container-object-storage-interface-controller

Container Object Storage Interface (COSI) controller responsible to manage lifecycle of COSI objects.
Go
83
star
89

cli-experimental

Experimental Kubectl libraries and commands.
Go
82
star
90

gcp-filestore-csi-driver

The Google Cloud Filestore Container Storage Interface (CSI) Plugin.
Go
82
star
91

lwkd

Last Week in Kubernetes Development
HTML
78
star
92

sig-windows-dev-tools

This is a batteries included local development environment for Kubernetes on Windows.
PowerShell
77
star
93

cloud-provider-kind

Cloud provider for KIND clusters
Go
75
star
94

kernel-module-management

The kernel module management operator builds, signs and loads kernel modules in Kubernetes clusters.
Go
75
star
95

cloud-provider-equinix-metal

Kubernetes Cloud Provider for Equinix Metal (formerly Packet Cloud Controller Manager)
Go
71
star
96

reference-docs

Tools to build reference documentation for Kubernetes APIs and CLIs.
HTML
69
star
97

hydrophone

Hydrophone is a lightweight Kubernetes conformance tests runner
Go
63
star
98

community-images

kubectl plugin that displays images running in a Kubernetes cluster that were pulled from community owned repositories and warn the user to switch repositories if needed
Go
61
star
99

wg-policy-prototypes

A place for policy work group related proposals and prototypes.
Go
60
star
100

cluster-api-ipam-provider-in-cluster

An IPAM provider for Cluster API that manages pools of IP addresses using Kubernetes resources.
Go
59
star