Kubernetes operator that helps you to set up the RBAC rules for your application. If requested, it scans the application's log files for authorization errors and adds them as exceptions/rights to the associated {Cluster}Role. It is like having a sudo command for your service accounts. However, with great power comes great responsibility. The goal of the tool is to find the minimum set of rights that is needed for your workload to run instead of using the cluster admin for everything.
k8gb is DNS based global service load balancer that can interconnect multiple Kubernetes clusters into one resilient system. Join this talk to learn how it can handle a failover scenario when pods in one cluster go down and second cluster in different location saves the situation.
k8gb is an open-source Kubernetes operator that is deployed in each participating cluster. It is comprised of CoreDNS, ExternalDNS and the k8gb controller itself. Using ExternalDNS it can create a zone delegation on a common cloud DNS server like Route53 or Infoblox so that the embedded CoreDNS servers work as an authoritative DNS. K8gb controller makes sure these CoreDNS servers are updated accordingly based on the readiness probes of the application.
In this sense this solution is unique, because it is using Kubernetes native tools with customisable probes and battle tested DNS protocol instead of HTTP pings or other similar approaches where single point of failure might be a problem. In k8gb architecture all k8s clusters are equal and there is no SPoF except the common edge DNS server.
If you have ever developed an operator pattern for Kubernetes, you have probably had to tweak your service account and assign it to a role. Setting up the RBAC correctly is not that hard, but it's not fun and it distracts you from the real problem the operator is about to solve. This often leads to assigning the cluster admin to the operator and neglecting the security altogether.
Log2rbac is a tool (yet another operator) that aims to solve this issue. It assists you with setting up your RBAC roles that are tailored for your application's needs. Come to see this talk and learn more.
In this talk Jiri Kremser and Mike McCune will show a library for implementing the operator pattern for Kubernetes in JVM languages. The library has been used to develop an operator for deploying and managing Apache Spark clusters in Kubernetes. The talk will also feature a live-coding demo in which you will see how easy it is to create a new operator from scratch on your own.
Have you ever wondered how to implement your own operator pattern for you service X in Kubernetes? You can learn this in this session and see an example of open-source project that does spawn Apache Spark clusters on Kubernetes and OpenShift following the pattern. You will leave this talk with a better understanding of how spark-on-k8s native scheduling mechanism can be leveraged and how you can wrap your own service into operator pattern not only in Go lang but also in Java. The pod with spark operator and optionally the spark clusters expose the metrics for Prometheus so it makes it easy for monitoring and alerting.