# Kubernetes Operator Development Frameworks

> Search results for `Kubernetes operator framework for building custom controllers` on awesome-repositories.com. 106 total matches; showing the first 50.

Explore on the web: https://awesome-repositories.com/q/kubernetes-operator-framework-for-building-custom-controllers

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/kubernetes-operator-framework-for-building-custom-controllers).**

## Results

- [operator-framework/operator-sdk](https://awesome-repositories.com/repository/operator-framework-operator-sdk.md) (7,658 ⭐) — The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications.

The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.

The SDK covers a broad range of operational capabilities, including project scaffolding, RBAC manifest generation, and the implementation of admission webhooks for API validation. It also provides tools for multi-architecture builds, observability instrumentation, and automated testing through scorecard and integration frameworks.

A command-line interface is provided to scaffold projects, manage operator deployments, and validate bundle compliance from a local environment.
- [kubernetes/kubernetes](https://awesome-repositories.com/repository/kubernetes-kubernetes.md) (123,197 ⭐) — Kubernetes is a distributed container orchestration platform that automates the deployment, scaling, and management of containerized applications across clusters of computing nodes. It functions as a declarative infrastructure controller, utilizing a control loop architecture that continuously monitors the current system state against user-defined configurations to ensure desired operational outcomes. The system relies on a centralized API-driven interface and a replicated key-value store to maintain a consistent source of truth for all cluster objects.

The platform distinguishes itself through a highly extensible design that allows users to define domain-specific objects using the same native API and control loop infrastructure. It employs a standardized abstraction layer for container runtimes, enabling modular execution engines, and utilizes a pluggable controller pattern that supports third-party integrations without requiring modifications to the core codebase. An algorithmic bin-packing engine further optimizes hardware utilization by dynamically matching workload requirements with available cluster capacity.

Beyond core orchestration, the system provides comprehensive operational support for distributed environments, including automated lifecycle management, horizontal and vertical scaling, and self-healing mechanisms that maintain service availability. It encompasses integrated solutions for networking, persistent storage orchestration, and secure secret management. Diagnostic utilities for monitoring performance metrics, aggregating logs, and troubleshooting infrastructure-level issues are also included to support cluster health and reliability.
- [actions/actions-runner-controller](https://awesome-repositories.com/repository/actions-actions-runner-controller.md) (6,320 ⭐) — Kubernetes controller for GitHub Actions self-hosted runners
- [prometheus-operator/prometheus-operator](https://awesome-repositories.com/repository/prometheus-operator-prometheus-operator.md) (9,941 ⭐) — The Prometheus Operator is a Kubernetes monitoring orchestrator and controller that manages Prometheus clusters and observability components through declarative custom resources. It functions as a custom resource controller that translates high-level Kubernetes resource definitions into the configuration files required by the underlying monitoring software.

The project automates the deployment, scaling, and lifecycle of an observability stack, including the integration of components like Thanos and Alertmanager. It distinguishes itself by syncing monitoring targets, alerting rules, and scrape configurations directly via the Kubernetes API to maintain a consistent desired state across the cluster.

The system covers several capability areas, including automated target discovery via label queries, declarative alerting and recording rule management, and the configuration of remote storage endpoints. It also handles infrastructure state management, synthetic endpoint probing, and the synchronization of notification routing and receivers.

Resource correctness is maintained through admission webhooks that validate configuration rules and resource schemes before they are persisted to the cluster.
- [kubernetes-sigs/kubebuilder](https://awesome-repositories.com/repository/kubernetes-sigs-kubebuilder.md) (8,992 ⭐) — Kubebuilder is a framework and set of scaffolding tools used to build Kubernetes APIs and controllers. It functions as an operator framework that provides generators for custom resource definitions, admission webhooks, and RBAC manifests to extend cluster functionality.

The project distinguishes itself through marker-based code generation, which parses source code comments to automatically produce Kubernetes manifests and boilerplate logic. It employs a hub-and-spoke versioning model to translate data between multiple API versions and uses a three-way merge strategy to automate project migrations and framework updates.

Its broader capabilities cover the entire controller lifecycle, including the implementation of reconciliation loops to synchronize cluster state, the configuration of mutating and validating admission webhooks, and the generation of Helm charts for distribution. It also provides integrated monitoring through Prometheus metrics and Grafana dashboard scaffolding, as well as local control plane orchestration for integration testing.

The framework includes a command-line interface for project bootstrapping, directory structure scaffolding, and the automated generation of API resource manifests.
- [victoriametrics/victoriametrics](https://awesome-repositories.com/repository/victoriametrics-victoriametrics.md) (16,343 ⭐) — VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management.

The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-structured merge trees to optimize write throughput and disk space. It provides robust multi-tenant isolation, allowing organizations to segment data and alerting configurations by account or project while maintaining secure, partitioned access. By offloading long-term data to object storage while retaining local caching, it balances cost-effective persistence with high-performance query execution.

The system covers the entire observability lifecycle, including automated metric scraping, log aggregation, and distributed tracing. It features a sophisticated alerting and recording engine that supports dynamic rule evaluation and high-availability execution. Additionally, the project includes a Kubernetes operator that automates the deployment, configuration, and lifecycle management of monitoring components, ensuring consistent observability across containerized environments.

VictoriaMetrics is distributed as a set of container-native services and can be managed via declarative resource definitions within Kubernetes clusters.
- [rootsongjc/kubernetes-handbook](https://awesome-repositories.com/repository/rootsongjc-kubernetes-handbook.md) (11,584 ⭐) — This project is a comprehensive infrastructure guide and technical reference for designing and deploying cloud native and AI native environments using Kubernetes. It serves as a manual for managing container orchestration, pod lifecycles, and declarative state reconciliation to maintain scalable cluster workloads.

The resource provides instructional material on building custom controllers and implementing operational logic via the operator pattern. It also functions as a framework for optimizing the delivery of large language models through specialized gateways and workload scheduling.

The handbook covers a broad range of capabilities including cloud native network routing, multi-cluster workload orchestration, and the implementation of persistent storage. It further details cluster administration, security management through role-based access control, and the coordination of service mesh traffic.
- [agones-dev/agones](https://awesome-repositories.com/repository/agones-dev-agones.md) (6,888 ⭐) — Agones is a Kubernetes game server orchestrator designed for hosting, scaling, and managing dedicated multiplayer game servers. It extends the Kubernetes control plane using custom resource definitions to define game server and fleet objects, utilizing a dedicated fleet manager to maintain pools of warm server instances.

The system provides a game server SDK and language-specific client libraries that allow server processes to signal readiness, health, and shutdown states directly to the controller. It distinguishes itself through specialized scaling logic, including the use of WebAssembly modules and external webhooks to calculate replica counts and maintain ready server buffers.

The platform covers a broad range of operational capabilities, including automated fleet scaling, session-aware deployment strategies, and precise port mapping for UDP traffic. It manages the full infrastructure lifecycle across multi-cloud environments, offering tools for regional allocation, latency-based routing, and integrated health monitoring via sidecar containers.

The project supports deployment via infrastructure-as-code tools like Terraform and provides local development environments for simulating server lifecycles and debugging binaries.
- [strimzi/strimzi-kafka-operator](https://awesome-repositories.com/repository/strimzi-strimzi-kafka-operator.md) (5,706 ⭐) — Strimzi is a Kubernetes operator that automates the deployment, management, and lifecycle of Apache Kafka clusters on Kubernetes or OpenShift. It uses custom resource definitions and declarative YAML configuration to define Kafka cluster topology, broker placement, and security settings, with operator-based controllers that reconcile the desired state with the actual cluster state.

The operator handles rolling updates during cluster upgrades or configuration changes to maintain availability and data integrity, and supports rack-aware broker scheduling across Kubernetes nodes and availability zones for fault tolerance. It also includes an HTTP bridge that translates the Kafka binary protocol to HTTP requests and responses, enabling non-JVM applications to produce and consume messages without native Kafka client libraries.

Strimzi provides tools for managing Kafka topics, users, connectors, and MirrorMaker through standard kubectl commands and custom resources. It secures Kafka communication with TLS, SCRAM-SHA, or OAuth authentication, automates TLS certificate generation and renewal, and verifies container image signatures using cosign before deployment to ensure supply chain integrity.
- [zalando/postgres-operator](https://awesome-repositories.com/repository/zalando-postgres-operator.md) (5,093 ⭐) — This project is a PostgreSQL Kubernetes operator and database orchestrator designed to automate the deployment, scaling, and lifecycle management of high-availability database clusters. It functions as a controller that uses declarative manifests to provision and synchronize the state of database instances within a cluster.

The system manages high availability through streaming replication and ensures constant availability during maintenance via rolling updates. It also serves as a backup and recovery manager, handling point-in-time recovery, logical backups, and cluster cloning using cloud storage providers.

Additional capabilities include managing storage volume resizing without process restarts and optimizing database connections through the integration of connection poolers. The operator also covers security and extensibility by managing TLS certificates for encrypted communication and deploying sidecar containers for monitoring and performance tuning.
- [argoproj/argo-cd](https://awesome-repositories.com/repository/argoproj-argo-cd.md) (22,087 ⭐) — Argo CD is a declarative, GitOps-based continuous delivery tool designed for Kubernetes. It functions as a centralized control plane that synchronizes application states from version-controlled repositories directly into target clusters, ensuring that the live environment consistently matches the desired configuration defined in Git.

The platform distinguishes itself through its ability to manage multi-cluster deployments from a single interface, providing unified oversight across distinct computing environments. It employs a controller-based reconciliation loop to continuously monitor for configuration drift, automatically remediating discrepancies to maintain the integrity of the infrastructure. Furthermore, it supports complex lifecycle orchestration, allowing for the execution of custom logic during deployment phases to facilitate advanced release strategies such as blue-green or canary upgrades.

Beyond core delivery, the project provides comprehensive observability into deployment health and maintains an event-driven audit log of all infrastructure modifications. It includes an integrated security layer that enforces granular access control by syncing with external identity providers, enabling centralized management of user permissions across the entire deployment infrastructure.
- [graniet/operative-framework](https://awesome-repositories.com/repository/graniet-operative-framework.md) (744 ⭐) — operative framework is a Rust investigation OSINT framework: you can interact with multiple targets, execute multiple modules, create links with targets, export reports to a PDF file, add notes to targets or results, interact with a RESTful API, and write your own modules.
- [argoproj/argo-workflows](https://awesome-repositories.com/repository/argoproj-argo-workflows.md) (16,466 ⭐) — Argo Workflows is a container-native workflow engine that functions as a Kubernetes custom resource controller. It orchestrates complex sequences of containerized tasks by executing them as directed acyclic graphs, allowing for dependency management and parallel processing within a cluster. The system extends the native Kubernetes control plane to manage the full lifecycle of automated processes, from initial triggering to final resource cleanup.

The platform distinguishes itself through its controller-pattern reconciliation, which continuously monitors workflow states to align them with desired configurations. It supports event-driven execution, enabling workflows to trigger based on external signals or time-based schedules. Users can define reusable operational patterns through a centralized template management system, ensuring consistency across distributed environments.

The engine provides a comprehensive suite of tools for managing multi-step pipelines, including sidecar-based artifact management for data transfer between steps and external storage providers. It includes built-in administrative interfaces for visualizing execution progress, monitoring performance metrics, and enforcing security through standard authentication and authorization protocols. The system is designed to handle diverse operational requirements, ranging from automated batch processing and data engineering to infrastructure maintenance and software delivery pipelines.
- [fyralabs/chisel-operator](https://awesome-repositories.com/repository/fyralabs-chisel-operator.md) (145 ⭐) — Kubernetes Operator for Chisel
- [cockroachdb/cockroach](https://awesome-repositories.com/repository/cockroachdb-cockroach.md) (32,207 ⭐) — Cockroach is a distributed SQL database designed to scale horizontally across multiple nodes while maintaining strict ACID compliance and global data consistency. It functions as a relational database engine that automatically partitions data into ranges, rebalancing them across a cluster to accommodate growing storage and throughput requirements. By utilizing a distributed consensus protocol, the system ensures that all nodes agree on the order of operations, providing fault tolerance and continuous availability even in the event of hardware failures.

The system distinguishes itself through a layered architecture that separates the relational SQL abstraction from a distributed key-value store. It achieves global consistency without requiring perfectly synchronized hardware clocks by employing a hybrid logical clock synchronization mechanism. To support high-concurrency environments, it utilizes multi-version concurrency control and lock-free transaction execution, which allow for consistent snapshots and efficient conflict resolution. Furthermore, the engine is built for compatibility, implementing the standard wire protocol to support existing relational database drivers and tools.

Beyond its core transactional capabilities, the platform includes comprehensive tooling for cluster orchestration, security, and performance diagnostics. It supports a variety of deployment models, ranging from self-hosted on-premises configurations to fully managed cloud services. The system provides a command-line interface for session management and query execution, ensuring that administrators can monitor cluster health and manage workloads through standard relational interfaces.
- [bitnami-labs/sealed-secrets](https://awesome-repositories.com/repository/bitnami-labs-sealed-secrets.md) (8,925 ⭐) — Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster.

The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery scenarios.

The controller manages the automated transformation of encrypted resources into standard Kubernetes secrets. It supports decryption scope control based on resource names and namespaces, as well as encrypted secret validation to verify resources without performing an actual unsealing process.
- [tailscale/tailscale](https://awesome-repositories.com/repository/tailscale-tailscale.md) (32,596 ⭐) — Tailscale is a zero-trust networking overlay that connects distributed devices and services into a private, encrypted mesh network. By utilizing a high-performance, user-space implementation of the WireGuard protocol, it establishes secure peer-to-peer tunnels across diverse network topologies without requiring complex firewall configuration. The platform operates on a centralized control plane that manages global network state, authentication, and policy distribution, ensuring that connectivity is governed by identity rather than traditional IP-based rules.

What distinguishes Tailscale is its deep integration with existing identity providers, which allows organizations to bind network access to verified user accounts and device posture. It enforces granular security through declarative access control lists and microsegmentation, enabling administrators to define precise permissions for users and services. Beyond standard connectivity, the platform includes a secure AI gateway that proxies and audits language model requests, providing centralized control over API usage, spending limits, and security guardrails.

The project offers a comprehensive suite of administrative and developer tools, including infrastructure-as-code support, automated node registration, and identity-based SSH access that eliminates the need for manual key management. It also provides flexible traffic management capabilities, such as exit nodes for egress control, subnet routers for bridging isolated network segments, and public-facing service exposure through encrypted tunnels.

The software is distributed as an open-source command-line daemon, supporting a wide range of operating systems and containerized environments to facilitate automated infrastructure deployment.
- [cert-manager/cert-manager](https://awesome-repositories.com/repository/cert-manager-cert-manager.md) (13,578 ⭐) — This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads.

The project distinguishes itself through its extensive support for automated domain validation and multi-provider integration. It orchestrates complex challenge processes—including those for private or split-horizon networks—to prove domain ownership without manual intervention. Beyond standard certificate management, it provides granular policy enforcement, allowing administrators to restrict issuance permissions, delegate certificate requests to specific service accounts, and enforce security requirements through custom metadata and issuer configurations.

The platform covers a broad capability surface for securing network traffic and service communication. It supports diverse issuance workflows, ranging from public certificate authorities and ACME-based automation to private internal PKI infrastructures. The system also includes robust observability tools, such as operational metrics and status inspection, alongside administrative features for managing resource configurations, performing API migrations, and scaling controller components for high-availability environments.

Installation and management are facilitated through standard cluster deployment workflows, with comprehensive command-line tools available for troubleshooting, configuration export, and lifecycle verification.
- [infisical/infisical](https://awesome-repositories.com/repository/infisical-infisical.md) (27,374 ⭐) — Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access.

The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports complex security workflows by integrating with external identity providers for federated authentication and offering a reverse tunneling gateway that allows secure access to private network resources without exposing inbound ports. Additionally, the system includes an event-driven audit engine that maintains an immutable record of all configuration changes and access requests to support compliance requirements.

Beyond core secret storage, the platform provides comprehensive orchestration capabilities, including automated secret injection into containerized environments and infrastructure pipelines. It also features integrated public key infrastructure management for the lifecycle of digital certificates and automated scanning to detect hardcoded secrets in source code and CI pipelines.

The platform supports flexible deployment models, allowing teams to either utilize managed cloud services or self-host the infrastructure within their own private networks. It provides a broad ecosystem of SDKs and a command-line interface to facilitate integration across various programming languages and deployment workflows.
- [zalando-incubator/es-operator](https://awesome-repositories.com/repository/zalando-incubator-es-operator.md) (352 ⭐) — Kubernetes Operator for Elasticsearch
- [crossplane/crossplane](https://awesome-repositories.com/repository/crossplane-crossplane.md) (11,791 ⭐) — Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers.

The platform distinguishes itself through its composition-based architecture, which allows users to aggregate multiple managed resources into unified, abstract infrastructure APIs. This approach leverages container-native package distribution to bundle infrastructure definitions and logic, enabling versioned deployment via standard registries. Furthermore, it supports external function orchestration, allowing for complex transformations and custom logic to be executed during the resource composition lifecycle, rather than relying solely on static templates.

Beyond core orchestration, the project provides a comprehensive suite of operational capabilities, including GitOps workflow integration, automated resource lifecycle management, and granular security controls. It includes diagnostic and observability frameworks for auditing infrastructure changes, monitoring resource health, and troubleshooting reconciliation performance. The system also manages sensitive connection details by aggregating and propagating credentials from managed resources to consuming applications.

The project is distributed as a set of containerized packages and includes a command-line interface for local development, validation, and debugging of infrastructure configurations.
- [galleybytes/terraform-operator](https://awesome-repositories.com/repository/galleybytes-terraform-operator.md) (381 ⭐) — A Kubernetes CRD to handle terraform operations
- [kubernetes/client-go](https://awesome-repositories.com/repository/kubernetes-client-go.md) (9,837 ⭐) — This project is a Go language library that provides a programmatic interface for interacting with the Kubernetes API server. It serves as a client for managing cluster resources, offering both typed interfaces for compile-time safety and dynamic interfaces for unstructured data and custom resource management.

The library includes a controller framework designed for building event-driven automation. This framework utilizes informers to maintain local resource caches and rate-limited work queues to decouple event detection from state reconciliation. High availability is supported through a leader election tool that uses shared lease objects to ensure single-writer exclusivity.

Beyond core API interaction, the project covers secure authentication via internal service tokens and pluggable external credential providers. It also provides utilities for server-side apply functionality, API capability discovery, and tools for mocking API responses during testing.
- [kubernetes/kube-state-metrics](https://awesome-repositories.com/repository/kubernetes-kube-state-metrics.md) (6,141 ⭐) — kube-state-metrics is a Kubernetes metrics exporter that generates Prometheus-compatible metrics from the current state of cluster objects such as pods, deployments, and nodes. It operates by watching the Kubernetes API server and transforming resource snapshots into metric families, which are then exposed over an HTTP endpoint in the Prometheus text-based exposition format for direct scraping.

The project distinguishes itself through horizontal scaling capabilities, distributing metric collection across multiple instances using object UID hashing to reduce per-instance memory consumption. It also supports per-node sharding for pod metrics using field selectors, and includes self-monitoring metrics for operational observability, along with health check endpoints for Kubernetes startup, liveness, and readiness probes.

The tool provides capabilities for filtering metrics by resource type, querying object state through labels and annotations, and restricting access to specific namespaces. It also includes label-name conflict resolution for Prometheus compatibility and supports configuration of admission webhooks for request filtering and mutation.
- [wix/react-native-custom-segmented-control](https://awesome-repositories.com/repository/wix-react-native-custom-segmented-control.md) (166 ⭐) — Custom version of the iOS SegmentedControl component
- [0xcert/framework](https://awesome-repositories.com/repository/0xcert-framework.md) (340 ⭐) — 0xcert Framework - JavaScript framework for building decentralized applications - build something unique
- [prometheus-operator/kube-prometheus](https://awesome-repositories.com/repository/prometheus-operator-kube-prometheus.md) (7,682 ⭐) — kube-prometheus is a monitoring stack deployment and orchestration framework. It uses an operator pattern to automate the installation and lifecycle management of Prometheus and Alertmanager via custom resource definitions.

The project focuses on scaling data collection through hash-based target sharding and topology-aware distribution to reduce cross-zone traffic. It implements a sidecar-based configuration reloading mechanism and utilizes consistent hashing to distribute scrape targets across multiple instances.

The system covers broad observability capabilities including metric data collection, distributed alerting rule evaluation, and alert notification routing. It manages data persistence through dynamic storage provisioning and ensures long-term data availability via object storage backups and remote write configurations.

The implementation is primarily written in Jsonnet.
- [longhorn/longhorn](https://awesome-repositories.com/repository/longhorn-longhorn.md) (7,803 ⭐) — Longhorn is a distributed block storage system and orchestrator for Kubernetes. It provides persistent, replicated block storage volumes that survive pod restarts and node failures by maintaining synchronous copies of data across multiple cluster nodes.

The system implements the Container Storage Interface (CSI) for dynamic volume provisioning and attachment. It is distinguished by its support for shared read-write access to a single block volume across multiple pods, as well as the ability to export volume snapshots to external S3 or NFS targets for off-cluster disaster recovery.

The platform covers a broad set of storage management capabilities, including point-in-time snapshotting, instant volume cloning, and automated backup scheduling. It includes tools for node-level disk pooling, volume group management, and health monitoring of capacity and performance through a dedicated dashboard.

Deployment and management are handled through a Kubernetes-native control plane using custom resource definitions or via a curated application marketplace.
- [openfaas/faas](https://awesome-repositories.com/repository/openfaas-faas.md) (26,092 ⭐) — OpenFaaS is a serverless function platform that provides a container-native framework for deploying and managing event-driven code. It functions as an abstraction layer over container orchestrators, allowing developers to package code into scalable functions that run across Kubernetes clusters or edge computing environments.

The platform distinguishes itself through a developer-centric runtime that utilizes standardized language templates and automated build pipelines to simplify the creation of container images. It features a central API gateway that manages request routing, authentication, and metrics, while a sidecar-based watchdog process handles the translation of HTTP requests into standard input and output for function code. To support complex workflows, the system includes an asynchronous queue-based execution layer that buffers requests for long-running tasks and provides reliable retries.

The project covers a broad capability surface, including event-driven integration through connectors for various message queues and external sources, as well as comprehensive tooling for CLI-based management, secret handling, and CI/CD pipeline integration. It also supports advanced operational requirements such as autoscaling, fine-grained monitoring, and identity management through various single sign-on providers.

The platform is designed for deployment on Kubernetes, including managed services and local environments, and provides extensive documentation and tutorials to guide users through the installation and development lifecycle.
- [insin/control-panel-for-twitter](https://awesome-repositories.com/repository/insin-control-panel-for-twitter.md) (2,540 ⭐) — Browser extension which gives you more control over your Twitter timeline and adds missing features and UI improvements - for desktop and mobile
- [redis/redis](https://awesome-repositories.com/repository/redis-redis.md) (74,906 ⭐) — Redis is an in-memory, key-value database designed to provide sub-millisecond latency for read and write operations. It functions as a versatile data platform, serving as a distributed cache, a message broker, a NoSQL document store, and a vector database. The system utilizes an event-driven, single-threaded loop to process requests efficiently, while maintaining data durability through append-only persistence logs and asynchronous snapshotting mechanisms.

What distinguishes Redis is its ability to handle complex data structures—including strings, hashes, lists, sets, and sorted sets—alongside hierarchical JSON documents and high-dimensional vector embeddings. It supports advanced operational patterns such as active-active database deployment for global distribution, real-time data streaming, and probabilistic statistics for large-scale data analysis. These capabilities are complemented by a pluggable indexing engine that enables semantic similarity matching and full-text retrieval.

The platform offers a comprehensive ecosystem for managing distributed state, including master-replica replication, automated cluster management, and granular security controls like access control lists and TLS encryption. Developers can interact with the database through language-specific client libraries that support connection multiplexing and object mapping, or via a command-line interface for direct administrative tasks and scripting.

Redis is deployed through standard package managers and supports both self-managed clusters and managed cloud instances. Observability is provided through integrated tools for performance analysis, slow log monitoring, and bulk data management.
- [nats-io/nats-server](https://awesome-repositories.com/repository/nats-io-nats-server.md) (20,076 ⭐) — NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing.

The platform distinguishes itself through a decentralized architecture that eliminates the need for centralized user databases or complex service discovery. It utilizes cryptographically signed JSON Web Tokens for identity and permission management, and maintains a self-healing mesh network through gossip-based cluster discovery. For isolated or edge environments, the server supports leaf-node proxying, which tunnels traffic through persistent connections to bridge local and remote namespaces.

Beyond basic messaging, the system provides a robust capability surface for distributed state and data management. This includes log-structured stream persistence for reliable message replay and durable delivery, as well as an integrated, atomic key-value store for managing configuration and state across services. The architecture enforces multi-tenant isolation by segregating traffic into independent accounts, each with granular access control policies that govern cross-account data sharing and service interaction.

The server is designed for flexible deployment, ranging from single-process instances embedded within applications to globally distributed superclusters spanning multiple cloud providers. It provides comprehensive observability through real-time metrics, event tracing, and integration with standard monitoring tools.
- [kubeflow/mpi-operator](https://awesome-repositories.com/repository/kubeflow-mpi-operator.md) (0 ⭐) — The MPI Operator makes it easy to run allreduce-style distributed training on Kubernetes.
- [netbirdio/netbird](https://awesome-repositories.com/repository/netbirdio-netbird.md) (26,188 ⭐) — NetBird is a zero-trust networking platform that builds secure, encrypted peer-to-peer overlay networks using the WireGuard protocol. It functions as a software-defined perimeter, connecting distributed infrastructure across cloud environments and physical locations while hiding network resources from the public internet. By integrating with external identity providers, the platform enforces granular access control and identity-based segmentation for every user and device.

The platform distinguishes itself through extensive automation and programmatic management capabilities. It provides a centralized control plane for orchestrating network resources, automating device enrollment, and managing peer lifecycles at scale. Administrators can define complex routing policies, manage internal DNS resolution, and expose services securely without manual firewall modifications. The system also supports advanced security postures, including post-quantum cryptography, compliance-based access enforcement, and integration with endpoint security platforms to isolate non-compliant devices.

Beyond core connectivity, the project offers a comprehensive suite of tools for infrastructure management, including support for hybrid cloud bridging, Kubernetes cluster integration, and multi-tenant administrative scoping. It provides deep observability through traffic event streaming, network topology visualization, and diagnostic utilities. The software is designed for flexible deployment, offering headless agents for servers, containerized sidecars for orchestration environments, and support for mobile and desktop operating systems.
- [stakater/reloader](https://awesome-repositories.com/repository/stakater-reloader.md) (10,157 ⭐) — Reloader is a Kubernetes custom controller designed to automate pod restarts and synchronize running workloads with external configuration stores. It functions as a configuration reloader that triggers rolling upgrades for pods whenever referenced ConfigMaps or Secrets are updated.

The tool distinguishes itself by integrating with external secret managers, CSI drivers, and GitOps workflows to ensure workloads are restarted when secrets from external stores change. It utilizes targeted filtering via labels and annotations to control which resources or namespaces trigger restarts, and it can pause deployment updates to prevent frequent restart loops.

The project covers broad capability areas including configuration change monitoring, workload orchestration for Deployments and StatefulSets, and an alert system that sends notifications to external endpoints via webhooks.

Installation and management of the controller are supported via Helm charts.
- [armbian/build](https://awesome-repositories.com/repository/armbian-build.md) (5,110 ⭐) — This repository is the Armbian build framework — an embedded Linux build system for generating custom operating system images tailored to single-board computers, primarily targeting ARM and RISC-V architectures. The build process is orchestrated by GNU Makefiles and relies on a chroot-based environment to assemble the root filesystem, manage cross-compilation toolchains, and aggregate binary firmware blobs for hardware compatibility. Kernel and bootloader source trees are fetched via git, with structured patches applied in a controlled sequence, while each supported board is described by a dedicated configuration directory specifying device trees, kernel config fragments, and bootloader parameters.

The framework supports multiple build methods — native compilation, cross-compilation, and containerized builds — enabling reproducible OS images from a single host system. Users can select specific kernel versions, device trees, firmware packages, and system optimizations to produce hardware-tuned images that are resource-efficient for low-memory devices. A containerized build pipeline provides isolated, reproducible environments, and the project also includes a dedicated kernel and bootloader builder that compiles and packages these components for each target board.

All board-specific and user-customizable settings are processed through modular shell scripts that source configuration files and define build variables, offering fine-grained control over the final image. The repository includes documentation and example configurations to guide users through the build process from cloning the source to producing a bootable SD card image.
- [rustfs/rustfs](https://awesome-repositories.com/repository/rustfs-rustfs.md) (28,850 ⭐) — Rustfs is a distributed object storage system designed for high availability and horizontal scalability. It functions as a cluster-based platform that manages data across multiple nodes, providing a self-hosted infrastructure for large-scale storage requirements.

The system is built to be container-native, utilizing an operator to automate deployment and management within orchestrated environments. It provides compatibility with standard object storage protocols, allowing existing applications and tools to interact with the storage layer through a translation interface. To ensure long-term reliability, the platform employs erasure-coded redundancy and automated background scrubbing to detect and repair silent data corruption.

The architecture supports extensibility through a modular plugin system, enabling custom logic to be integrated into the request pipeline. Security and compliance are prioritized through support for external identity providers, transport layer encryption, and strict data sovereignty controls that operate without external telemetry.
- [scikit-build/scikit-build](https://awesome-repositories.com/repository/scikit-build-scikit-build.md) (534 ⭐) — Improved build system generator for CPython C, C++, Cython and Fortran extensions
- [microsoft/onnxruntime](https://awesome-repositories.com/repository/microsoft-onnxruntime.md) (19,347 ⭐) — This project is a cross-platform machine learning inference engine designed to execute pre-trained models across diverse operating systems and hardware environments. It functions as a standardized execution framework that manages the entire lifecycle of model inference, from loading and graph optimization to hardware-accelerated execution and generative sequence management.

The runtime distinguishes itself through a highly modular architecture that decouples model logic from hardware-specific kernels. By utilizing an execution provider abstraction, it enables developers to offload computations to specialized hardware such as GPUs, NPUs, and dedicated chipsets. It also provides a comprehensive toolkit for model optimization, including quantization, precision conversion, and graph-level transformations, which allow for significant reductions in binary size and latency for both edge and cloud deployments.

Beyond core inference, the project includes extensive support for generative AI, offering built-in capabilities for tokenization, chat template formatting, and streaming output generation. It supports complex model architectures through custom operator registration and modular adapter management, ensuring that developers can integrate specialized mathematical operations or fine-tuned model weights into their pipelines.

The software is built primarily in C++ and provides language-specific bindings to facilitate integration into various programming environments. It includes robust diagnostic and profiling tools that allow for granular performance analysis, hardware utilization tracking, and debugging of tensor data during the inference process.
- [redis/go-redis](https://awesome-repositories.com/repository/redis-go-redis.md) (22,159 ⭐) — This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications.

The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to shards, as well as robust support for stream processing, consumer groups, and publish-subscribe messaging patterns.

Beyond core data operations, the client facilitates modern infrastructure patterns such as distributed locking, session management, and real-time event streaming. It also integrates with advanced database modules to support vector similarity search, JSON document manipulation, and geospatial querying, making it suitable for building AI-augmented applications and high-performance caching layers.

The library is distributed as a Go module, providing a programmatic interface that integrates directly into the Go ecosystem for managing database connectivity and lifecycle tasks.
- [score-spec/spec](https://awesome-repositories.com/repository/score-spec-spec.md) (8,052 ⭐) — Score is a platform-agnostic workload specification standard that defines containerized application deployments and their resource dependencies in a declarative YAML format. It provides a developer-centric specification that separates environment-agnostic workload definitions from environment-specific configuration, enabling consistent deployment across development, testing, and production environments.

The specification framework translates a single workload definition into deployable manifests for multiple container orchestration platforms, including Docker Compose and Kubernetes. It includes schema-driven validation to catch configuration errors before deployment, placeholder-based dynamic resolution for referencing workload metadata and resource outputs, and a pluggable provisioner architecture that maps abstract resource declarations to concrete provisioning implementations. Score also supports patch template customization for modifying generated manifests, stateful pipeline persistence to preserve stable values across clean-slate CI environments, and environment-specific overrides that allow the same workload file to work unchanged across targets.

Score automatically provisions and connects backing services like databases, caches, and DNS based on workload dependency declarations, and can generate local mock services for testing frontends against simulated APIs. It provides CLI tools for manifest generation, project initialization, provisioner management, and version control, with support for containerized execution in Dev Containers. The project includes community provisioners for common infrastructure components and can extend to new platforms through custom workload translators and provisioners.
- [esri/spatial-framework-for-hadoop](https://awesome-repositories.com/repository/esri-spatial-framework-for-hadoop.md) (0 ⭐) — The Spatial Framework for Hadoop allows developers and data scientists to use the Hadoop data processing system for spatial data analysis.
- [greptimeteam/greptimedb](https://awesome-repositories.com/repository/greptimeteam-greptimedb.md) (5,968 ⭐) — GreptimeDB is a distributed, open-source time-series database built for unified observability. It stores and queries metrics, logs, and traces together in a single columnar engine, supporting both SQL and PromQL for analysis. The database is designed as a Kubernetes-native operator with a decoupled compute and storage architecture, enabling horizontal scaling and multi-region deployment.

What distinguishes GreptimeDB is its role as a multi-protocol ingestion gateway, accepting data through OpenTelemetry, Prometheus Remote Write, InfluxDB, Loki, Elasticsearch, Kafka, and MQTT protocols without requiring a predefined schema. It provides a unified observability data model that processes all three signal types as timestamped wide events, allowing JOIN queries across signals. The system includes a continuous aggregation pipeline with an optional Flownode component for streaming and materialized view computations, plus configurable log pipeline processing that parses and transforms raw log lines during ingestion.

The database offers a broad capability surface including automatic schema inference, columnar storage with LSMT, distributed query execution with pushdown, and support for inverted, fulltext, and skipping indexes. It provides multiple query APIs (MySQL, PostgreSQL, HTTP, gRPC, Elasticsearch, Jaeger), BI tool connectivity, and integration with AI assistants through the Model Context Protocol. Deployment options range from standalone binaries to distributed clusters on Kubernetes, with metadata stored in etcd, MySQL, or PostgreSQL.
- [gravitl/netmaker](https://awesome-repositories.com/repository/gravitl-netmaker.md) (11,630 ⭐) — Netmaker is a platform for automating and managing virtual mesh networks built on WireGuard. It functions as a centralized control plane that orchestrates encrypted, peer-to-peer tunnels across distributed infrastructure, including cloud environments, on-premise data centers, and containerized clusters. By automating the configuration of routing tables and access policies, the system enables secure, private connectivity between diverse devices and services without requiring manual network administration.

The platform distinguishes itself through its focus on zero-trust network access and software-defined perimeters, which hide network resources from the public internet while enforcing granular, identity-based security policies. It supports complex network topologies by providing dynamic relay-based routing for firewall traversal and gateway-based bridging for isolated subnets. These capabilities allow for the creation of scalable, high-performance overlays that maintain consistent connectivity even when direct peer-to-peer paths are unavailable.

Beyond core connectivity, the project provides a comprehensive suite of management tools, including automated node provisioning, private service discovery via integrated DNS, and multi-tenant infrastructure support. It also offers robust observability features, such as administrative audit logging and network health monitoring, to ensure operational visibility. The entire networking stack can be self-hosted to maintain data sovereignty, and the platform integrates with external identity providers to streamline authentication and device onboarding.
- [kubescape/kubescape](https://awesome-repositories.com/repository/kubescape-kubescape.md) (11,489 ⭐) — Kubescape is a Kubernetes security posture management platform designed to scan clusters, manifests, and images for misconfigurations, vulnerabilities, and compliance risks. It functions as a comprehensive security suite incorporating a compliance scanner, a container image vulnerability scanner, an admission controller for policy enforcement, and a runtime security monitor.

The platform distinguishes itself through runtime-aware vulnerability filtering, which maps libraries loaded in memory to determine if vulnerabilities are actually reachable. It also integrates with AI assistants via a Model Context Protocol server to enable natural language security querying and real-time streaming of findings.

The system covers a broad range of security domains, including compliance auditing against industry benchmarks, runtime threat detection using eBPF and system probes, and the automated generation of network policies. It further provides risk quantification for prioritization, infrastructure-as-code auditing, and automated remediation through image patching and manifest fixes.

The project is deployed using a Kubernetes operator to automate the lifecycle of its security components and provides specific support for air-gapped environments through offline scanning and manual framework provisioning.
- [inlets/inlets-operator](https://awesome-repositories.com/repository/inlets-inlets-operator.md) (0 ⭐) — Get public TCP LoadBalancers for local Kubernetes clusters
- [kubernetes/kops](https://awesome-repositories.com/repository/kubernetes-kops.md) (16,631 ⭐) — kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations.

The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serves as an infrastructure-as-code exporter, capable of generating Terraform configurations from the current state of a deployed cluster.

Beyond provisioning, it covers a broad operational surface including automated node and pod scaling, etcd data store management, and complex networking configurations such as dual-stack IPv6 and CNI integration. It also manages identity and security through OIDC authentication integration, cloud IAM role mapping, and x509 certificate lifecycle management.

The tool provides a command-line interface with support for shell autocompletion.
- [coroot/coroot](https://awesome-repositories.com/repository/coroot-coroot.md) (7,400 ⭐) — Coroot is an observability platform and Kubernetes performance monitor that utilizes eBPF to automatically collect metrics, logs, and traces without requiring manual code instrumentation. It functions as an OpenTelemetry trace analyzer and an LLM observability gateway, exposing system health data to large language models through the Model Context Protocol.

The platform differentiates itself by combining automated root cause analysis and AI-driven diagnostics to investigate performance regressions. It also includes a cloud cost monitoring tool that attributes infrastructure spending to specific applications across major cloud providers to identify optimization opportunities.

The system's capabilities cover wide-ranging observability domains, including distributed request tracing, log pattern analysis, and resource profiling for CPU and memory. It provides health monitoring for containerized applications via service level objectives, database query monitoring, and network connectivity analysis across multiple clusters.

Installation is managed through a central server and node agents, with support for Kubernetes operator automation and high availability configurations.
- [locustio/locust](https://awesome-repositories.com/repository/locustio-locust.md) (27,516 ⭐) — Locust is a distributed performance testing framework that allows users to define complex system stress scenarios using standard Python code. By modeling concurrent users as classes with weighted tasks and lifecycle hooks, it enables the simulation of realistic user behavior across large-scale environments. The tool functions as a scalable load generator capable of orchestrating traffic across multiple worker nodes to measure system stability and responsiveness under heavy, real-world conditions.

The framework is distinguished by its protocol-agnostic architecture, which supports diverse communication standards including HTTP, gRPC, and MQTT through modular client abstractions. It provides dynamic runtime traffic shaping, allowing users to adjust load intensity and task weighting programmatically while tests are active. A built-in web interface offers real-time monitoring of throughput, latency, and error rates, while also supporting custom authentication and UI extensions to meet specific operational requirements.

Beyond core simulation, the platform includes comprehensive observability features such as granular request logging, automated instrumentation, and the ability to stream telemetry data to external monitoring backends. It integrates into continuous delivery pipelines by supporting automated performance threshold validation and headless execution. The system is designed for flexibility, allowing for containerized deployment, cloud-based scaling, and the ingestion of external datasets to ensure varied and representative load testing scenarios.

Locust is distributed as a Python package and can be installed via standard package managers to support both local development and automated infrastructure-as-code environments.
- [strangelove-ventures/cosmos-operator](https://awesome-repositories.com/repository/strangelove-ventures-cosmos-operator.md) (0 ⭐) — Cosmos Operator is a Kubernetes Operator primarily for blockchains built with the Cosmos SDK. It also supports Penumbra and other chains which use CometBFT for consensus.
