30 open-source projects similar to kubernetes-client/java, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Java alternative.
This project is a Go language library that provides a programmatic interface for interacting with the Kubernetes API server. It serves as a client for managing cluster resources, offering both typed interfaces for compile-time safety and dynamic interfaces for unstructured data and custom resource management. The library includes a controller framework designed for building event-driven automation. This framework utilizes informers to maintain local resource caches and rate-limited work queues to decouple event detection from state reconciliation. High availability is supported through a lead
This project provides a comprehensive guide and set of scripts for deploying and configuring a production-ready Kubernetes cluster from scratch. It centers on establishing a functional environment by installing core management components, storage, and networking across multiple nodes. The implementation emphasizes high availability for the control plane, utilizing layer-4 load balancing and leader election for the API server, scheduler, and controller manager. It further ensures reliability through the deployment of a distributed key-value store for persistent runtime data. The project cover
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
The Kubernetes Python Client is a programmatic interface for cluster automation and resource management. It provides a REST-based API client that maps method calls to HTTP verbs and JSON payloads to create, update, delete, and monitor workloads and infrastructure components. The client features dynamic schema mapping and resource mapping, allowing it to control custom objects and unique resource definitions without requiring pre-defined classes or static schemas. It supports YAML manifest parsing to convert structured files into compatible objects for bulk resource deployment. The toolset co
Incus is a unified orchestration platform for managing system containers, OCI application containers, and virtual machines through a single control plane. It brings together cluster infrastructure management, secure multi-tenancy, software-defined networking, and pluggable storage backend orchestration into one cohesive system exposed via a full REST API and command-line interface. What distinguishes Incus is its ability to run multiple instance types side by side—full Linux system containers, OCI application containers, and QEMU virtual machines—all managed with consistent tooling. Networkin
Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers. The platform distinguishes itself through its composition-
Kuboard-press is a visual management interface for Kubernetes clusters that enables the orchestration of workloads and system objects without manual text file editing. It provides a centralized dashboard for importing and monitoring multiple clusters, using a visual interface to manage namespaces and containerized workloads. The project differentiates itself through hierarchical microservices visualization, which maps flat cluster workloads into a layered structure to represent architectural relationships. It also includes dedicated container operation tools for accessing logs, opening intera
Lens is a multi-cluster management platform and desktop application for administering Kubernetes environments. It provides a graphical interface for deploying Helm charts, editing YAML manifests, and managing the lifecycle of pods and deployments. The project features an AI-powered cluster assistant that enables users to query cluster state, perform autonomous troubleshooting, and translate natural language requests into system commands. It also supports collaborative team access through shared spaces, utilizing encrypted cluster sharing and role-based access control to manage credentials and
Talos is a minimal, immutable Linux distribution designed specifically for deploying and managing Kubernetes clusters. It functions as an API-driven infrastructure manager that replaces traditional shell access with a declarative gRPC interface to control operating system state and configuration. The system is distinguished by its use of a read-only root filesystem and a security-hardened kernel, which removes standard GNU utilities to reduce the attack surface. It ensures environment consistency by distributing the operating system as versioned, signed images and utilizes TPM-backed verified
This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads. The project distinguishes itself through its extensive support for a
Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster. The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery
Reloader is a Kubernetes custom controller designed to automate pod restarts and synchronize running workloads with external configuration stores. It functions as a configuration reloader that triggers rolling upgrades for pods whenever referenced ConfigMaps or Secrets are updated. The tool distinguishes itself by integrating with external secret managers, CSI drivers, and GitOps workflows to ensure workloads are restarted when secrets from external stores change. It utilizes targeted filtering via labels and annotations to control which resources or namespaces trigger restarts, and it can pa
This project provides a framework for building Kubernetes operators and custom controllers. It offers a set of libraries designed to manage the lifecycle of cluster resources, enabling developers to synchronize the actual state of a cluster with a desired configuration through event-driven reconciliation loops. The framework distinguishes itself by providing a manager-orchestrated environment that coordinates multiple controllers and webhooks within a single process. It includes built-in support for optimistic concurrency control to prevent update conflicts and utilizes in-memory informer cac
Kubebuilder is a framework and set of scaffolding tools used to build Kubernetes APIs and controllers. It functions as an operator framework that provides generators for custom resource definitions, admission webhooks, and RBAC manifests to extend cluster functionality. The project distinguishes itself through marker-based code generation, which parses source code comments to automatically produce Kubernetes manifests and boilerplate logic. It employs a hub-and-spoke versioning model to translate data between multiple API versions and uses a three-way merge strategy to automate project migrat
Bottlerocket is a container-optimized operating system and minimal Linux distribution designed specifically for hosting container workloads. It functions as an immutable infrastructure OS, utilizing a read-only root filesystem and atomic partition swapping to ensure consistent and reversible system updates. The system is distinguished by an API-driven host manager that replaces traditional shell-based configuration with a local REST API for administrative tasks. To maintain security and stability, it employs a dual-runtime isolation model that separates workload runtimes from system operation
Hazelcast is a distributed data platform that combines an in-memory data grid with a stream processing engine to support real-time analytics and event-driven applications. It functions as a partitioned, distributed key-value store that replicates data across cluster nodes to provide low-latency access and high availability. The platform also serves as a distributed SQL query engine, allowing users to execute standard SQL statements against both in-memory datasets and external data sources. What distinguishes Hazelcast is its use of a distributed consensus subsystem to maintain strongly consis
Prefect is a workflow orchestration platform designed to define, schedule, and monitor complex data pipelines as Python code. It functions as a container-native engine that wraps individual tasks in isolated environments, ensuring consistent dependencies and resource allocation across diverse infrastructure. By utilizing a state-machine-based orchestration model, the system tracks execution progress through discrete transitions and persistent event logs to maintain reliable and observable task processing. The platform distinguishes itself through a decoupled worker-API architecture, which sep
Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions. The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
LXD is a unified platform for managing both system containers and virtual machines through a single REST API and command-line interface. It provides a programmatic HTTP interface for controlling the full lifecycle of instances, enabling automation and integration with external tools. The system runs unprivileged containers with per-instance UID/GID mappings, seccomp filters, and AppArmor profiles for kernel-level isolation, while supporting multiple storage backends including directory, Btrfs, LVM, ZFS, Ceph, LINSTOR, and TrueNAS through a unified driver interface. The platform distinguishes
proot-distro is a rootless container runtime and Linux distribution manager that allows users to install and run isolated guest environments without requiring administrative root privileges. It utilizes PRoot to simulate root access and filesystem redirection, enabling the deployment of full Linux distributions in a non-root space. The project functions as an OCI container image handler, capable of building, pulling, and pushing OCI-compatible images and manifests. It further serves as a cross-architecture execution layer, utilizing user-mode emulation to run binaries and containers built for
This project is a comprehensive reference guide and cheat sheet for the Docker CLI. It provides a structured collection of commands and documentation to help users manage container lifecycles, build images, and handle registries. The documentation specifically covers the orchestration of multi-container applications using Docker Compose and the management of scalable services across multiple nodes via Docker Swarm. It also includes detailed guides for configuring virtual networks, bridges, and ports to control container communication. The reference surface extends to container image administ
Gatekeeper is a Kubernetes admission control and policy enforcement engine used to ensure cluster resources comply with organizational security and configuration standards. It intercepts API requests to validate or reject non-compliant resources before they are persisted in the cluster. The project uses a parameterized policy library and custom resource definitions to create reusable templates and enforcement rules. It distinguishes itself through a hub-and-spoke management model, allowing a controller in a management cluster to enforce policies across separate target clusters. Beyond admiss
This project is a terminal-based dashboard for managing Kubernetes clusters. It provides a character-based interface that enables real-time monitoring and interactive control of containerized workloads, allowing users to perform administrative tasks such as scaling deployments, viewing logs, and managing port forwarding directly from the command line. The interface is designed for high-speed navigation, utilizing a keyboard-driven command system that maps input sequences to specific operational actions. It maintains an accurate view of the cluster state through asynchronous event polling, ens
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
dockertest is a Docker integration testing library and programmatic Go client used to boot and manage ephemeral containers. It functions as a containerized test orchestrator that provides isolated environments for integration tests by managing the lifecycle of dependent services. The library handles ephemeral environment orchestration by provisioning temporary containers and networks. It ensures environment consistency through service readiness checks and automated resource cleanup to prevent leaks after test execution completes. The project covers containerized service validation, including
Finch is a virtual machine-based container runtime and OCI container management CLI used for local container development. It operates by running container workloads inside a background virtual machine to isolate them from the host operating system. The project serves as an OCI image builder and a multi-container service orchestrator for simulating complex production environments on a workstation. The runtime functions as a cross-platform container engine, utilizing emulation layers to execute container images built for foreign CPU architectures. It distinguishes its image distribution through
DDEV is a container-based local development environment and project manager designed to bootstrap consistent web development stacks. It orchestrates Docker containers to provide isolated Linux environments, integrating web servers, databases, and language runtimes. The project distinguishes itself by automating the complexities of local networking and security, featuring a local HTTPS proxy for SSL certificate automation and wildcard DNS for hostname management. It further enables collaboration by exposing local environments to the internet through tunneling for external project sharing. The
kubefwd is a Kubernetes network tunneling and service forwarding utility that maps remote cluster services to local loopback addresses. It synchronizes the local hosts file to resolve Kubernetes service names to local IP addresses, enabling local development environments to use production hostnames. The project implements a Model Context Protocol server, allowing external AI assistants to discover, browse, and control network forwarding through a standardized interface. It also provides a terminal user interface for managing service forwards, monitoring real-time network traffic, and streamin
Testcontainers for .NET is a Docker testing library and integration testing framework designed to manage the lifecycle of throwaway containers. It provides high-level abstractions as a Docker API wrapper to provision ephemeral infrastructure, replacing mocks with real database, messaging, and search engine instances to ensure isolated and reproducible test environments. The project distinguishes itself through a builder-configuration-container pattern and a dynamic port binding mechanism that prevents collisions during concurrent test execution. It enables reliable service-to-service communic
Uncloud is a decentralized container orchestrator designed to deploy and manage applications across multiple servers without a central control plane. It functions as a peer-to-peer system and a Docker Compose cluster deployer, using SSH-based infrastructure management to coordinate operations across remote nodes. The project distinguishes itself by using a secure mesh network overlay to enable direct inter-container communication across different physical machines. It facilitates container image distribution by transferring missing layers directly from local environments to target nodes, bypa