9 Repos
Reconciliation engines that monitor and maintain desired system states.
Distinguishing note: Focuses on the Kubernetes-style reconciliation pattern.
Explore 9 awesome GitHub repositories matching devops & infrastructure · Control Loops. Refine with filters or upvote what's useful.
Keycloak is an open-source identity and access management server that provides a centralized platform for user authentication, authorization, and identity federation. It functions as a standards-compliant identity provider, utilizing a centralized engine to validate credentials and issue cryptographically signed tokens based on industry-standard protocols like OpenID Connect and SAML. This enables organizations to secure diverse applications and services through a unified authentication layer. The platform distinguishes itself through its cloud-native orchestration and high-availability capab
Continuously monitors the desired state of the cluster to automate deployments and complex lifecycle management tasks.
This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads. The project distinguishes itself through its extensive support for a
Maintains the desired state of certificates through continuous reconciliation loops within the cluster.
Velero is a backup and recovery tool for Kubernetes cluster resources and persistent volumes. It functions as a disaster recovery solution and a utility for migrating applications and their associated data between different clusters. The project enables the replication of production environments by cloning cluster resources into development or testing environments for validation and debugging. It provides capabilities for backing up system objects, restoring resources to a known good state, and transferring applications across environments to facilitate system transitions.
Implements a reconciliation engine to continuously monitor and maintain the desired state of cluster backups and restores.
The Prometheus Operator is a Kubernetes monitoring orchestrator and controller that manages Prometheus clusters and observability components through declarative custom resources. It functions as a custom resource controller that translates high-level Kubernetes resource definitions into the configuration files required by the underlying monitoring software. The project automates the deployment, scaling, and lifecycle of an observability stack, including the integration of components like Thanos and Alertmanager. It distinguishes itself by syncing monitoring targets, alerting rules, and scrape
Uses a continuous reconciliation loop to synchronize the current cluster state with desired Prometheus resource definitions.
ExternalDNS is a controller that automatically synchronizes Kubernetes resource states with external DNS providers. It monitors cluster resources such as services, ingresses, and gateway APIs to dynamically create and update DNS records, enabling automated service discovery and external traffic management. The project features a provider-agnostic interface that supports a wide array of cloud-managed vendors and on-premises providers, as well as an extension system for custom providers via webhooks and sidecars. It implements a reconciliation loop that uses resource annotations and custom reso
Implements a continuous reconciliation loop to synchronize cluster state with external DNS providers.
Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster. The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery
Utilizes a Kubernetes-style reconciliation loop to automatically synchronize encrypted resources into standard secrets.
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
Implements the fundamental Kubernetes-style reconciliation pattern to maintain desired system states.
This is a Java client library for interacting with the Kubernetes API server. It provides a programmatic interface and a set of typed models to manage cluster resources, orchestrate state reconciliation, and administer pods and namespaces within a Kubernetes environment. The library enables the development of custom controllers by providing frameworks for implementing automated control loops that reconcile the actual state of resources with a desired target state. It supports the generation of strongly-typed Java classes from OpenAPI specifications and custom resource definitions to ensure ty
Provides a framework for implementing reconciliation loops that align actual resource state with a desired target state.
This project is a comprehensive educational curriculum designed to teach the fundamentals of container orchestration and infrastructure automation. It provides a structured learning path for mastering the lifecycle management of containerized applications, covering the core concepts of declarative resource definitions, control-loop-based reconciliation, and distributed cluster state management. The course distinguishes itself by focusing on practical, hands-on implementation of modern DevOps practices. It guides users through the integration of GitOps workflows for state synchronization, the
Implements control loops to continuously monitor and maintain the desired state of the cluster environment.