# Kubernetes operations and GitOps

> Search results for `Kubernetes operations and GitOps` on awesome-repositories.com. 108 total matches; showing the first 50.

Explore on the web: https://awesome-repositories.com/q/kubernetes-operations-and-gitops

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/kubernetes-operations-and-gitops).**

## Results

- [operator-framework/operator-sdk](https://awesome-repositories.com/repository/operator-framework-operator-sdk.md) (7,658 ⭐) — The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications.

The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
- [kubernetes/kops](https://awesome-repositories.com/repository/kubernetes-kops.md) (16,631 ⭐) — kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations.

The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serve
- [fosrl/pangolin](https://awesome-repositories.com/repository/fosrl-pangolin.md) (21,255 ⭐) — Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet.

The platform distinguishes itself through a declarative infrastructure model that synchronizes n
- [kubernetes/kubernetes](https://awesome-repositories.com/repository/kubernetes-kubernetes.md) (123,197 ⭐) — Kubernetes is a distributed container orchestration platform that automates the deployment, scaling, and management of containerized applications across clusters of computing nodes. It functions as a declarative infrastructure controller, utilizing a control loop architecture that continuously monitors the current system state against user-defined configurations to ensure desired operational outcomes. The system relies on a centralized API-driven interface and a replicated key-value store to maintain a consistent source of truth for all cluster objects.

The platform distinguishes itself throu
- [crossplane/crossplane](https://awesome-repositories.com/repository/crossplane-crossplane.md) (11,791 ⭐) — Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers.

The platform distinguishes itself through its composition-
- [argoproj/argo-cd](https://awesome-repositories.com/repository/argoproj-argo-cd.md) (22,087 ⭐) — Argo CD is a declarative, GitOps-based continuous delivery tool designed for Kubernetes. It functions as a centralized control plane that synchronizes application states from version-controlled repositories directly into target clusters, ensuring that the live environment consistently matches the desired configuration defined in Git.

The platform distinguishes itself through its ability to manage multi-cluster deployments from a single interface, providing unified oversight across distinct computing environments. It employs a controller-based reconciliation loop to continuously monitor for co
- [cert-manager/cert-manager](https://awesome-repositories.com/repository/cert-manager-cert-manager.md) (13,578 ⭐) — This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads.

The project distinguishes itself through its extensive support for a
- [redis/go-redis](https://awesome-repositories.com/repository/redis-go-redis.md) (22,159 ⭐) — This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications.

The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
- [kubernetes/autoscaler](https://awesome-repositories.com/repository/kubernetes-autoscaler.md) (8,771 ⭐) — The Kubernetes Cluster Autoscaler is a mechanism that automatically adjusts the number of nodes in a cluster to match the resource demands of pending pods. It functions as a cloud infrastructure scaler that manages the desired capacity of scaling groups to ensure sufficient compute resources for workloads.

The system manages cloud infrastructure automation by adjusting node counts when resources are insufficient or nodes are underutilized. It includes a manager for scaling groups using mixed instance policies to balance on-demand and spot instances for cost and availability.

The project also
- [fyralabs/chisel-operator](https://awesome-repositories.com/repository/fyralabs-chisel-operator.md) (145 ⭐) — Kubernetes Operator for Chisel
- [aquasecurity/trivy](https://awesome-repositories.com/repository/aquasecurity-trivy.md) (36,462 ⭐) — Trivy is a comprehensive security scanner designed to identify vulnerabilities and misconfigurations across container images, filesystems, and infrastructure as code files. It functions as a software composition analysis tool and an infrastructure security scanner, providing automated checks for CI/CD pipelines and cloud environments to ensure the integrity of the software supply chain.

The tool distinguishes itself through a modular, plugin-based architecture that allows for the independent inspection of diverse targets. It utilizes a declarative policy engine to evaluate configurations agai
- [victoriametrics/victoriametrics](https://awesome-repositories.com/repository/victoriametrics-victoriametrics.md) (16,343 ⭐) — VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management.

The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
- [argoproj/argo-workflows](https://awesome-repositories.com/repository/argoproj-argo-workflows.md) (16,466 ⭐) — Argo Workflows is a container-native workflow engine that functions as a Kubernetes custom resource controller. It orchestrates complex sequences of containerized tasks by executing them as directed acyclic graphs, allowing for dependency management and parallel processing within a cluster. The system extends the native Kubernetes control plane to manage the full lifecycle of automated processes, from initial triggering to final resource cleanup.

The platform distinguishes itself through its controller-pattern reconciliation, which continuously monitors workflow states to align them with desi
- [galleybytes/terraform-operator](https://awesome-repositories.com/repository/galleybytes-terraform-operator.md) (381 ⭐) — A Kubernetes CRD to handle terraform operations
- [stakater/reloader](https://awesome-repositories.com/repository/stakater-reloader.md) (10,157 ⭐) — Reloader is a Kubernetes custom controller designed to automate pod restarts and synchronize running workloads with external configuration stores. It functions as a configuration reloader that triggers rolling upgrades for pods whenever referenced ConfigMaps or Secrets are updated.

The tool distinguishes itself by integrating with external secret managers, CSI drivers, and GitOps workflows to ensure workloads are restarted when secrets from external stores change. It utilizes targeted filtering via labels and annotations to control which resources or namespaces trigger restarts, and it can pa
- [prometheus-operator/prometheus-operator](https://awesome-repositories.com/repository/prometheus-operator-prometheus-operator.md) (9,941 ⭐) — The Prometheus Operator is a Kubernetes monitoring orchestrator and controller that manages Prometheus clusters and observability components through declarative custom resources. It functions as a custom resource controller that translates high-level Kubernetes resource definitions into the configuration files required by the underlying monitoring software.

The project automates the deployment, scaling, and lifecycle of an observability stack, including the integration of components like Thanos and Alertmanager. It distinguishes itself by syncing monitoring targets, alerting rules, and scrape
- [tailscale/tailscale](https://awesome-repositories.com/repository/tailscale-tailscale.md) (32,596 ⭐) — Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules.

What distinguishes Tailscale is it
- [cockroachdb/cockroach](https://awesome-repositories.com/repository/cockroachdb-cockroach.md) (32,207 ⭐) — Cockroach is a distributed SQL database designed to scale horizontally across multiple nodes while maintaining strict ACID compliance and global data consistency. It functions as a relational database engine that automatically partitions data into ranges, rebalancing them across a cluster to accommodate growing storage and throughput requirements. By utilizing a distributed consensus protocol, the system ensures that all nodes agree on the order of operations, providing fault tolerance and continuous availability even in the event of hardware failures.

The system distinguishes itself through
- [longhorn/longhorn](https://awesome-repositories.com/repository/longhorn-longhorn.md) (7,803 ⭐) — Longhorn is a distributed block storage system and orchestrator for Kubernetes. It provides persistent, replicated block storage volumes that survive pod restarts and node failures by maintaining synchronous copies of data across multiple cluster nodes.

The system implements the Container Storage Interface (CSI) for dynamic volume provisioning and attachment. It is distinguished by its support for shared read-write access to a single block volume across multiple pods, as well as the ability to export volume snapshots to external S3 or NFS targets for off-cluster disaster recovery.

The platfo
- [traefik/traefik](https://awesome-repositories.com/repository/traefik-traefik.md) (63,644 ⭐) — Traefik is a cloud-native edge router and API gateway designed to manage service communication and traffic flow across distributed infrastructure. It functions as a dynamic service proxy that automatically discovers backend services and configures routing rules in real time, eliminating the need for manual restarts or complex configuration updates. By integrating directly with container orchestrators and service registries, it maintains a consistent state for network traffic, load balancing, and security policy enforcement.

The project distinguishes itself through its deep integration with di
- [zalando-incubator/es-operator](https://awesome-repositories.com/repository/zalando-incubator-es-operator.md) (352 ⭐) — Kubernetes Operator for Elasticsearch
- [redis/redis](https://awesome-repositories.com/repository/redis-redis.md) (74,906 ⭐) — Redis is an in-memory, key-value database designed to provide sub-millisecond latency for read and write operations. It functions as a versatile data platform, serving as a distributed cache, a message broker, a NoSQL document store, and a vector database. The system utilizes an event-driven, single-threaded loop to process requests efficiently, while maintaining data durability through append-only persistence logs and asynchronous snapshotting mechanisms.

What distinguishes Redis is its ability to handle complex data structures—including strings, hashes, lists, sets, and sorted sets—alongsid
- [kubernetes-sigs/kubebuilder](https://awesome-repositories.com/repository/kubernetes-sigs-kubebuilder.md) (8,992 ⭐) — Kubebuilder is a framework and set of scaffolding tools used to build Kubernetes APIs and controllers. It functions as an operator framework that provides generators for custom resource definitions, admission webhooks, and RBAC manifests to extend cluster functionality.

The project distinguishes itself through marker-based code generation, which parses source code comments to automatically produce Kubernetes manifests and boilerplate logic. It employs a hub-and-spoke versioning model to translate data between multiple API versions and uses a three-way merge strategy to automate project migrat
- [kubeflow/mpi-operator](https://awesome-repositories.com/repository/kubeflow-mpi-operator.md) (528 ⭐) — The MPI Operator makes it easy to run allreduce-style distributed training on Kubernetes. Please check out this blog post for an introduction to MPI Operator and its industry adoption.
- [kubernetes/examples](https://awesome-repositories.com/repository/kubernetes-examples.md) (6,651 ⭐) — Welcome to the official Kubernetes Examples repository! This curated collection, stewarded by SIG Apps, provides high-quality, educational examples for running a diverse range of applications and workloads on Kubernetes.
- [actions/actions-runner-controller](https://awesome-repositories.com/repository/actions-actions-runner-controller.md) (6,320 ⭐) — Kubernetes controller for GitHub Actions self-hosted runners
- [kubernetes/client-go](https://awesome-repositories.com/repository/kubernetes-client-go.md) (9,837 ⭐) — This project is a Go language library that provides a programmatic interface for interacting with the Kubernetes API server. It serves as a client for managing cluster resources, offering both typed interfaces for compile-time safety and dynamic interfaces for unstructured data and custom resource management.

The library includes a controller framework designed for building event-driven automation. This framework utilizes informers to maintain local resource caches and rate-limited work queues to decouple event detection from state reconciliation. High availability is supported through a lead
- [k0sproject/k0s](https://awesome-repositories.com/repository/k0sproject-k0s.md) (6,290 ⭐) — k0s is a Kubernetes distribution that packages all control plane and worker components into a single binary, enabling cluster deployment with no host dependencies beyond the Linux kernel. It supports a container-native runtime where controllers and workers run inside Docker containers using a single OCI image, and offers declarative YAML configuration for defining cluster topology, host roles, and SSH connection details. The distribution provides pre-built binaries for x86-64, ARM64, ARMv7, and RISC-V architectures, and uses cryptographically signed tokens for secure node enrollment.

The proj
- [aquasecurity/trivy-operator](https://awesome-repositories.com/repository/aquasecurity-trivy-operator.md) (1,890 ⭐) — Kubernetes-native security toolkit
- [strangelove-ventures/cosmos-operator](https://awesome-repositories.com/repository/strangelove-ventures-cosmos-operator.md) (100 ⭐) — Cosmos Operator is a Kubernetes Operator primarily for blockchains built with the Cosmos SDK. It also supports Penumbra and other chains which use CometBFT for consensus.
- [filipedeschamps/tabnews.com.br](https://awesome-repositories.com/repository/filipedeschamps-tabnews-com-br.md) (6,360 ⭐) — TabNews is a community content platform where technology professionals publish, discuss, and vote on programming and tech-related articles and posts. It combines a voting and reputation system with a custom virtual currency called Tabcoins, enabling users to earn tokens for quality contributions and spend them on content promotion or tipping other users.

The platform provides a full set of interactive capabilities, including community content browsing and voting, post and comment publishing, and threaded comment trees for hierarchical discussions. Content is rendered from Markdown into format
- [bitnami-labs/sealed-secrets](https://awesome-repositories.com/repository/bitnami-labs-sealed-secrets.md) (8,925 ⭐) — Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster.

The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery
- [linkerd/linkerd2](https://awesome-repositories.com/repository/linkerd-linkerd2.md) (11,424 ⭐) — This project is a service mesh platform designed to manage, secure, and observe service-to-service communication within Kubernetes clusters. It functions as a control plane that orchestrates transparent sidecar proxies, which intercept and manage network traffic to provide reliable connectivity for microservices. By automating the injection of these proxies, the platform ensures that infrastructure-level policies are applied consistently across all workloads without requiring manual configuration changes.

The platform distinguishes itself through its focus on zero-trust security and cross-clu
- [inlets/inlets-operator](https://awesome-repositories.com/repository/inlets-inlets-operator.md) (1,435 ⭐) — Get public TCP LoadBalancers for local Kubernetes clusters
- [netbirdio/netbird](https://awesome-repositories.com/repository/netbirdio-netbird.md) (26,188 ⭐) — NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device.

The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a ce
- [madhuakula/kubernetes-goat](https://awesome-repositories.com/repository/madhuakula-kubernetes-goat.md) (5,686 ⭐) — Kubernetes Goat ✨ The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🚀
- [openfaas/faas](https://awesome-repositories.com/repository/openfaas-faas.md) (26,092 ⭐) — OpenFaaS is a serverless function platform that provides a container-native framework for deploying and managing event-driven code. It functions as an abstraction layer over container orchestrators, allowing developers to package code into scalable functions that run across Kubernetes clusters or edge computing environments.

The platform distinguishes itself through a developer-centric runtime that utilizes standardized language templates and automated build pipelines to simplify the creation of container images. It features a central API gateway that manages request routing, authentication,
- [dbz/zsh-kubernetes](https://awesome-repositories.com/repository/dbz-zsh-kubernetes.md) (126 ⭐) — Kubernetes Aliases and Bash Functions
- [infisical/infisical](https://awesome-repositories.com/repository/infisical-infisical.md) (27,374 ⭐) — Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access.

The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports
- [locustio/locust](https://awesome-repositories.com/repository/locustio-locust.md) (27,516 ⭐) — Locust is a distributed performance testing framework that allows users to define complex system stress scenarios using standard Python code. By modeling concurrent users as classes with weighted tasks and lifecycle hooks, it enables the simulation of realistic user behavior across large-scale environments. The tool functions as a scalable load generator capable of orchestrating traffic across multiple worker nodes to measure system stability and responsiveness under heavy, real-world conditions.

The framework is distinguished by its protocol-agnostic architecture, which supports diverse comm
- [fluxcd/flux](https://awesome-repositories.com/repository/fluxcd-flux.md) (6,861 ⭐) — Flux is a Kubernetes GitOps controller and deployment engine that synchronizes cluster state with configurations stored in a Git repository. It serves as a system for continuous delivery, utilizing a manifest generator to create configuration files from templates and a reconciliation loop to ensure the live environment matches the desired state defined in versioned repositories.

The project distinguishes itself through a container image automator that scans registries and updates manifests based on semantic versioning or regular expressions. It incorporates secure configuration deployment via
- [zufardhiyaulhaq/frp-operator](https://awesome-repositories.com/repository/zufardhiyaulhaq-frp-operator.md) (76 ⭐) — Expose your service in Kubernetes to the Internet with open source FRP!
- [fluxcd/flux2](https://awesome-repositories.com/repository/fluxcd-flux2.md) (7,888 ⭐) — Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions.

The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
- [feiskyer/kubernetes-handbook](https://awesome-repositories.com/repository/feiskyer-kubernetes-handbook.md) (5,537 ⭐) — Kubernetes Handbook (Kubernetes Guide) https://kubernetes.feisky.xyz
- [external-secrets/external-secrets](https://awesome-repositories.com/repository/external-secrets-external-secrets.md) (6,697 ⭐) — External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
- [percona/everest-operator](https://awesome-repositories.com/repository/percona-everest-operator.md) (42 ⭐) — OpenEverest Operator
- [khuedoan/homelab](https://awesome-repositories.com/repository/khuedoan-homelab.md) (9,109 ⭐) — This project is a GitOps infrastructure framework designed for managing bare metal servers, container clusters, and networking. It serves as a declarative system for orchestrating the deployment and lifecycle of self-hosted services, using Git as the source of truth to synchronize the desired state of the environment.

The framework differentiates itself through a comprehensive automation suite that covers the entire hardware-to-service pipeline. It includes a PXE-based bare metal provisioner for network booting and operating system installation, alongside a lightweight container orchestration
- [openshift/origin](https://awesome-repositories.com/repository/openshift-origin.md) (8,662 ⭐) — OpenShift Origin is a Kubernetes distribution platform that extends Kubernetes with integrated security, multi-tenancy, and application lifecycle management for enterprise container orchestration. It functions as a multi-tenant container orchestrator that enforces per-project security policies, resource quotas, and SELinux isolation for shared cluster environments.

The platform includes a Source-to-Image builder that creates container images directly from application source code using Dockerfiles or buildpacks without external build servers, and an Operator Lifecycle Manager that installs and
- [portainer/portainer](https://awesome-repositories.com/repository/portainer-portainer.md) (37,740 ⭐) — Portainer is a unified infrastructure management platform that provides a centralized control plane for deploying, monitoring, and managing containerized applications. It functions as an orchestration-abstraction layer, translating user actions into platform-specific API calls to maintain consistency across diverse container runtimes and cluster technologies. By organizing users, teams, and resources into a single interface, it enables granular role-based access control and lifecycle management for containerized services and stacks.

The platform distinguishes itself through its support for di
- [crunchydata/postgres-operator](https://awesome-repositories.com/repository/crunchydata-postgres-operator.md) (4,423 ⭐) — Production PostgreSQL for Kubernetes, from high availability Postgres clusters to full-scale database-as-a-service.
