Zeropod is a Kubernetes runtime (more specifically a containerd shim) that automatically checkpoints containers to disk after a certain amount of time of the last TCP connection. While in scaled down state, it will listen on the same port the application inside the container was listening on and will restore the container on the first incoming connection. Depending on the memory size of the checkpointed program this happens in tens to a few hundred milliseconds, virtually unnoticable to the user. As all the memory contents are stored to disk during checkpointing, all state of the application is restored.

Manage AWS services using Kubernetes

A little helper that pushes Helm Charts and images to your registries, easily configured with a declarative spec.

Contrast runs confidential container deployments on Kubernetes at scale.

prom-analytics-proxy is a lightweight proxy application designed to sit between your Prometheus server and its clients. It provides valuable insights by collecting detailed analytics on PromQL queries, helping you understand query performance, resource usage, and overall system behavior. This can significantly improve observability for Prometheus users, providing actionable data to optimize query execution and infrastructure.

Cloudflare DDNS is a Go application designed to update DNS records on Cloudflare according to your current public IPv4 and/or IPv6 addresses. It reads configuration from a JSON file, retrieves the current IP addresses, and updates DNS records as needed.

Overcoming imperfections of managed Kubernetes with early self-healing.

Master Kubernetes networking with a comprehensive packet walk, and learn how Otterize helps build adaptive Network Policies.

In this article, I’ll share our surprisingly simple recovery process after our StatefulSets lost their PVCs (volumes were still available on our cloud provider) due to an accidental deletion.

How to use k8s admission controller for authorize externally

This project aims to provide a general-purpose, Kubernetes-native upgrade controller (for nodes). It introduces a new CRD, the Plan, for defining any and all of your upgrade policies/requirements. A Plan is an outstanding intent to mutate nodes in your cluster. For up-to-date details on defining a plan please review v1/types.go.

kraan helps you deploy and manage 'layers' on top of kubernetes. By applying layers on top of K8s clusters, you can build focused platforms on top of K8s e.g ML platforms, Data platform etc. Each layer is a collection of addons and can have dependencies established between the layers. i.e a "mgmt-layer" can depend on a "common-layer". Kraan will always ensure that the addons in the "common-layer" are deployed successfully before deploying the "mgmt-layer" addons. A layer is represented as a kubernetes custom resource and kraan is an operator that is deployed into the cluster and works constantly to reconcile the state of the layer custom resource.

kraan is powered by flux2 and builds on top of projects like source-controller and helm-controller.

Collection of Intel device plugins for Kubernetes

Operator which manages Kubernetes Secret Resources created from user defined SopsSecrets CRs, inspired by Bitnami SealedSecrets and sops.

As an open-source distributed storage, CubeFS can serve as your datacenter filesystem, data lake storage infra, and private or hybrid cloud storage. In particular, CubeFS enables the separation of storage/compute architecture for databases and AI/ML applications.