Skip to main content
  1. All Posts/

docker-tools

Tools Shell

Practical Docker Tools


Kubernetes is hard–or is it? This repo is a collection of
multi-platform images and container resource definitions for managing
a software-dev organization using Kubernetes. These tools make it
easy. Contents:

Directory
Description

ansible
build your own cluster (Kubernetes or Swarm)

images
images which are published to Docker Hub

k8s
container resources in kubernetes yaml format

lib/build
build makefile and tools

services
non-clustered docker-compose services

ssl
PKI certificate tools (deprecated by k8s)

stacks
container resources in docker-compose format

Find images at docker hub/instantlinux.
Find a lot more details about the Kubernetes bare-metal installer in k8s/README.

Kubernetes capabilities

The cluster-deployment tools here include helm charts and ansible playbooks to spin up bare-metal or VM master/worker nodes, and a Makefile to add several additional features.

  • Direct-attached SSD local storage pools
  • Dashboard
  • Non-default namespace with its own service account (full permissions
    within namespace, limited read-only in kube-system namespaces)
  • Keycloak for OpenID / OAuth2 user authentication / authorization
  • Helm3
  • Mozilla sops with encryption (to keep credentials in local git repo)
  • Encryption for internal etcd
  • MFA using Authelia and Google Authenticator
  • Calico or flannel networking
  • ingress-nginx
  • Local-volume sync
  • Pod security policies
  • Automatic certificate issuing/renewal with Letsencrypt
  • PostgreSQL-operator from CrunchyData

Resource definitions

Developer infrastructure

Service
Version
Notes

artifactory
**
binary repo

gitlab
**
CI server and git repo

admin-git

sync git repo across swarm

jira
**
ticket tracking

mariadb-galera

automatic cluster setup

nexus
**
binary repo with docker registry

python-builder

CI testing for python

python-wsgi

WSGI runtime for python flask apps

wordpress
**

Networking and support

Service
Version
Notes

authelia
**
single-signon multi-factor auth

cloud
**
nextcloud, private sync like Apple iCloud

data-sync

poor-man’s SAN for persistent storage

duplicati

backups

ez-ipupdate

Dynamic DNS client

haproxy-keepalived

load balancer

guacamole
**
authenticated remote-desktop server

logspout
**
central logging for Docker

mysqldump

per-database alternative to xtrabackup

nagios

Nagios Core v4 for monitoring

nagiosql

NagiosQL for configuring Nagios Core v4

nut-upsd

Network UPS Tools

openldap

OpenLDAP authentication server

restic
**
backups

rsyslogd

logger in a 13MB image

samba

file server

samba-dc

Active-Directory compatible domain controller

secondshot

rsnapshot-based backups

splunk
**
the free version

Email

Service
Version
Notes

blacklist

a local rbldnsd for spam control

dovecot

imapd server

postfix

compact general-purpose image in 11MB

postfix-python

postfix with spam-control scripts

rainloop
**
webmail imapd-client server

spamassassin

spam control daemon

Entertainment

Service
Version
Notes

davite

party-invites manager like eVite

mt-daapd

iTunes server

mythtv-backend

MythTV backend

weewx

Weather station software (Davis VantagePro2 etc.)

wxcam-upload

Upload webcam images to Weather Underground

Credits

Thank you to the following contributors!

  • Chad Hedstrom – personal site
  • Sean Mollet
  • Juan Manuel Carrillo Moreno – personal site
  • nicxvan
  • Frank Riley
  • Devin Bayer
  • Daniel Muller

Contents created 2017-20 under Apache 2.0 License by Rich Braun.