docker-tools
Practical Docker Tools
Kubernetes is hard–or is it? This repo is a collection of
multi-platform images and container resource definitions for managing
a software-dev organization using Kubernetes. These tools make it
easy. Contents:
Directory
Description
ansible
build your own cluster (Kubernetes or Swarm)
images
images which are published to Docker Hub
k8s
container resources in kubernetes yaml format
lib/build
build makefile and tools
services
non-clustered docker-compose services
ssl
PKI certificate tools (deprecated by k8s)
stacks
container resources in docker-compose format
Find images at docker hub/instantlinux.
Find a lot more details about the Kubernetes bare-metal installer in k8s/README.
Kubernetes capabilities
The cluster-deployment tools here include helm charts and ansible playbooks to spin up bare-metal or VM master/worker nodes, and a Makefile to add several additional features.
- Direct-attached SSD local storage pools
- Dashboard
-
Non-default namespace with its own service account (full permissions
within namespace, limited read-only in kube-system namespaces) - Keycloak for OpenID / OAuth2 user authentication / authorization
- Helm3
- Mozilla sops with encryption (to keep credentials in local git repo)
- Encryption for internal etcd
- MFA using Authelia and Google Authenticator
- Calico or flannel networking
- ingress-nginx
- Local-volume sync
- Pod security policies
- Automatic certificate issuing/renewal with Letsencrypt
- PostgreSQL-operator from CrunchyData
Resource definitions
Developer infrastructure
Service
Version
Notes
artifactory
**
binary repo
gitlab
**
CI server and git repo
admin-git
sync git repo across swarm
jira
**
ticket tracking
mariadb-galera
automatic cluster setup
nexus
**
binary repo with docker registry
python-builder
CI testing for python
python-wsgi
WSGI runtime for python flask apps
wordpress
**
Networking and support
Service
Version
Notes
authelia
**
single-signon multi-factor auth
cloud
**
nextcloud, private sync like Apple iCloud
data-sync
poor-man’s SAN for persistent storage
ez-ipupdate
Dynamic DNS client
haproxy-keepalived
load balancer
guacamole
**
authenticated remote-desktop server
logspout
**
central logging for Docker
mysqldump
per-database alternative to xtrabackup
nagios
Nagios Core v4 for monitoring
nagiosql
NagiosQL for configuring Nagios Core v4
openldap
OpenLDAP authentication server
restic
**
backups
rsyslogd
logger in a 13MB image
samba-dc
Active-Directory compatible domain controller
secondshot
rsnapshot-based backups
splunk
**
the free version
Service
Version
Notes
blacklist
a local rbldnsd for spam control
postfix
compact general-purpose image in 11MB
postfix-python
postfix with spam-control scripts
rainloop
**
webmail imapd-client server
spamassassin
spam control daemon
Entertainment
Service
Version
Notes
davite
party-invites manager like eVite
weewx
Weather station software (Davis VantagePro2 etc.)
wxcam-upload
Upload webcam images to Weather Underground
Credits
Thank you to the following contributors!
- Chad Hedstrom – personal site
- Sean Mollet
- Juan Manuel Carrillo Moreno – personal site
- nicxvan
- Frank Riley
- Devin Bayer
- Daniel Muller
Contents created 2017-20 under Apache 2.0 License by Rich Braun.