30 open-source projects similar to kubernetes-sigs/controller-runtime, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Controller Runtime alternative.
Kubebuilder is a framework and set of scaffolding tools used to build Kubernetes APIs and controllers. It functions as an operator framework that provides generators for custom resource definitions, admission webhooks, and RBAC manifests to extend cluster functionality. The project distinguishes itself through marker-based code generation, which parses source code comments to automatically produce Kubernetes manifests and boilerplate logic. It employs a hub-and-spoke versioning model to translate data between multiple API versions and uses a three-way merge strategy to automate project migrat
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions. The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
This project is a Go language library that provides a programmatic interface for interacting with the Kubernetes API server. It serves as a client for managing cluster resources, offering both typed interfaces for compile-time safety and dynamic interfaces for unstructured data and custom resource management. The library includes a controller framework designed for building event-driven automation. This framework utilizes informers to maintain local resource caches and rate-limited work queues to decouple event detection from state reconciliation. High availability is supported through a lead
Gatekeeper is a Kubernetes admission control and policy enforcement engine used to ensure cluster resources comply with organizational security and configuration standards. It intercepts API requests to validate or reject non-compliant resources before they are persisted in the cluster. The project uses a parameterized policy library and custom resource definitions to create reusable templates and enforcement rules. It distinguishes itself through a hub-and-spoke management model, allowing a controller in a management cluster to enforce policies across separate target clusters. Beyond admiss
Kubernetes controller for GitHub Actions self-hosted runners
The Prometheus Operator is a Kubernetes monitoring orchestrator and controller that manages Prometheus clusters and observability components through declarative custom resources. It functions as a custom resource controller that translates high-level Kubernetes resource definitions into the configuration files required by the underlying monitoring software. The project automates the deployment, scaling, and lifecycle of an observability stack, including the integration of components like Thanos and Alertmanager. It distinguishes itself by syncing monitoring targets, alerting rules, and scrape
Argo Workflows is a container-native workflow engine that functions as a Kubernetes custom resource controller. It orchestrates complex sequences of containerized tasks by executing them as directed acyclic graphs, allowing for dependency management and parallel processing within a cluster. The system extends the native Kubernetes control plane to manage the full lifecycle of automated processes, from initial triggering to final resource cleanup. The platform distinguishes itself through its controller-pattern reconciliation, which continuously monitors workflow states to align them with desi
Sealed Secrets is a Kubernetes secret encryption tool and controller designed for GitOps security. It provides a mechanism to encrypt sensitive data into specialized resources that can be safely stored in public version control systems and decrypted only within a cluster. The system uses an asymmetric encryption manager to seal secrets with a public key, ensuring that only the corresponding private key held within the cluster can unseal them. It includes utilities for security key rotation, secret re-encryption, and offline private key recovery to maintain data access during disaster recovery
Strimzi is a Kubernetes operator that automates the deployment, management, and lifecycle of Apache Kafka clusters on Kubernetes or OpenShift. It uses custom resource definitions and declarative YAML configuration to define Kafka cluster topology, broker placement, and security settings, with operator-based controllers that reconcile the desired state with the actual cluster state. The operator handles rolling updates during cluster upgrades or configuration changes to maintain availability and data integrity, and supports rack-aware broker scheduling across Kubernetes nodes and availability
This is a Java client library for interacting with the Kubernetes API server. It provides a programmatic interface and a set of typed models to manage cluster resources, orchestrate state reconciliation, and administer pods and namespaces within a Kubernetes environment. The library enables the development of custom controllers by providing frameworks for implementing automated control loops that reconcile the actual state of resources with a desired target state. It supports the generation of strongly-typed Java classes from OpenAPI specifications and custom resource definitions to ensure ty
This project is a Kubernetes controller that automates the issuance, renewal, and lifecycle management of TLS certificates. It functions as a native extension to the cluster API, using custom resource definitions and reconciliation loops to maintain the desired state of certificates and trust bundles across distributed services. By integrating directly with the cluster's admission control and secret storage systems, it ensures that cryptographic identities are consistently provisioned and available for application workloads. The project distinguishes itself through its extensive support for a
Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers. The platform distinguishes itself through its composition-
KubeVela is a cloud native application orchestrator and delivery engine for Kubernetes. It serves as an Open Application Model compliant platform designed to decouple application definitions from the underlying infrastructure and operations. The system acts as a multi-cluster delivery controller that coordinates progressive rollouts, including canary and blue-green strategies, across hybrid and multi-cloud environments. It provides a standardized model for managing complex deployment workflows and infrastructure provisioning. The platform covers broad capability areas including cloud infrast
kro is a Kubernetes resource orchestrator and API abstraction layer that enables the definition of simplified custom API surfaces. It allows users to map high-level inputs to complex templates of underlying Kubernetes objects, effectively grouping interdependent resources into single, manageable units. The project differentiates itself by automating the generation of custom resource definitions and dedicated controllers from resource graph specifications without requiring manual Go code. It employs a dependency manager that uses directed acyclic graphs to coordinate the creation, readiness, a
Agones is a Kubernetes game server orchestrator designed for hosting, scaling, and managing dedicated multiplayer game servers. It extends the Kubernetes control plane using custom resource definitions to define game server and fleet objects, utilizing a dedicated fleet manager to maintain pools of warm server instances. The system provides a game server SDK and language-specific client libraries that allow server processes to signal readiness, health, and shutdown states directly to the controller. It distinguishes itself through specialized scaling logic, including the use of WebAssembly mo
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
Agones is a Kubernetes game server orchestrator designed for deploying, scaling, and managing dedicated multiplayer game server processes across a distributed cluster. It provides the core infrastructure needed to provision individual or grouped server processes to support real-time multiplayer gaming sessions. The system includes a fleet manager to automate the lifecycle of server groups based on player demand and a health monitor to track the connectivity and operational status of active processes. It integrates with cluster autoscalers to synchronize server resource requirements with cloud
The AWS Load Balancer Controller is a Kubernetes controller that automates the provisioning and lifecycle management of cloud-native load balancing resources. It functions as an infrastructure orchestrator, translating declarative cluster configurations into specific requests for external cloud services to route traffic into containerized workloads. By implementing standard ingress and gateway specifications, the system ensures that cluster networking adheres to official industry standards for HTTP, HTTPS, and transport-layer traffic. The controller distinguishes itself through its deep integ
Argo is a cloud native CI/CD platform and Kubernetes workflow engine. It functions as a container pipeline orchestrator and job scheduler, managing multi-step sequences of containers as jobs using directed acyclic graphs within a cluster. The system acts as a progressive delivery controller, reducing release risk through automated Canary and Blue-Green deployment strategies. It provides declarative GitOps synchronization to mirror the state of a git repository directly into the cluster environment for continuous delivery automation. The platform covers a broad range of capabilities including
TiDB is a horizontally scalable, distributed SQL database designed to provide consistent transactional storage and high-performance analytical processing within a single unified architecture. It utilizes a decoupled compute-storage design and a distributed key-value storage layer to ensure horizontal scalability and efficient range-based queries. By employing a consensus-based replication algorithm, the system maintains high availability and automatic failover across multiple nodes and geographical regions. The platform distinguishes itself through its hybrid transactional and analytical proc
The Kubernetes Python Client is a programmatic interface for cluster automation and resource management. It provides a REST-based API client that maps method calls to HTTP verbs and JSON payloads to create, update, delete, and monitor workloads and infrastructure components. The client features dynamic schema mapping and resource mapping, allowing it to control custom objects and unique resource definitions without requiring pre-defined classes or static schemas. It supports YAML manifest parsing to convert structured files into compatible objects for bulk resource deployment. The toolset co
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Reloader is a Kubernetes custom controller designed to automate pod restarts and synchronize running workloads with external configuration stores. It functions as a configuration reloader that triggers rolling upgrades for pods whenever referenced ConfigMaps or Secrets are updated. The tool distinguishes itself by integrating with external secret managers, CSI drivers, and GitOps workflows to ensure workloads are restarted when secrets from external stores change. It utilizes targeted filtering via labels and annotations to control which resources or namespaces trigger restarts, and it can pa
CloudNativePG is a Kubernetes operator designed for the administration, lifecycle management, and high availability of PostgreSQL database clusters. It functions as a declarative orchestrator that manages database instances through custom resources and manifests. The project distinguishes itself by automating complex operational tasks, including primary election and failover management via streaming physical replication. It provides specialized tools for database version migrations, supporting both offline in-place upgrades and online migrations through logical replication. The operator cove
Rustfs is a distributed object storage system designed for high availability and horizontal scalability. It functions as a cluster-based platform that manages data across multiple nodes, providing a self-hosted infrastructure for large-scale storage requirements. The system is built to be container-native, utilizing an operator to automate deployment and management within orchestrated environments. It provides compatibility with standard object storage protocols, allowing existing applications and tools to interact with the storage layer through a translation interface. To ensure long-term re
This project is a Kubernetes controller that automates the retrieval and injection of secrets from HashiCorp Vault into containerized workloads. By operating as a control loop, it monitors cluster state to deliver sensitive configuration data and authentication tokens directly into application environments, removing the requirement for static credentials. The system distinguishes itself through a sidecar-based injection mechanism that intercepts pod lifecycle events to mount secrets at runtime. It supports dynamic credential provisioning, generating short-lived tokens on demand to reduce the
This project is a Kubernetes ingress controller that manages external traffic by dynamically configuring the HAProxy load balancer. It functions as a bridge between cluster resources and the network data plane, translating high-level ingress definitions into active proxy configurations to route HTTP, TCP, and UDP traffic into containerized environments. The controller distinguishes itself through a decoupled architecture that separates control plane logic from the proxy process, allowing for independent lifecycle management and versioning. It utilizes template-based configuration generation a
GreptimeDB is a distributed, open-source time-series database built for unified observability. It stores and queries metrics, logs, and traces together in a single columnar engine, supporting both SQL and PromQL for analysis. The database is designed as a Kubernetes-native operator with a decoupled compute and storage architecture, enabling horizontal scaling and multi-region deployment. What distinguishes GreptimeDB is its role as a multi-protocol ingestion gateway, accepting data through OpenTelemetry, Prometheus Remote Write, InfluxDB, Loki, Elasticsearch, Kafka, and MQTT protocols without
Flagger is a Kubernetes progressive delivery operator that automates the gradual release of new software versions. It functions as a canary release manager and traffic shifter, integrating with service meshes and ingress controllers to control request distribution between application versions. The project focuses on reducing production risk by implementing canary releases, blue-green deployments, and A/B testing. It utilizes a metric-driven analysis loop to monitor request success rates and durations, automatically promoting a release or triggering a state-based rollback if health criteria ar