18 个仓库
Automated deployment pipelines that synchronize infrastructure state with version control.
Distinguishing note: Focuses on the synchronization of infrastructure definitions from Git.
Explore 18 awesome GitHub repositories matching devops & infrastructure · GitOps Workflows. Refine with filters or upvote what's useful.
Portainer is a unified infrastructure management platform that provides a centralized control plane for deploying, monitoring, and managing containerized applications. It functions as an orchestration-abstraction layer, translating user actions into platform-specific API calls to maintain consistency across diverse container runtimes and cluster technologies. By organizing users, teams, and resources into a single interface, it enables granular role-based access control and lifecycle management for containerized services and stacks. The platform distinguishes itself through its support for di
Automates the synchronization of containerized services by linking infrastructure definitions directly to version-controlled repositories.
Pulumi is an infrastructure-as-code framework that enables the definition, deployment, and management of cloud resources using general-purpose programming languages. It functions as a cloud resource orchestrator that coordinates the lifecycle of heterogeneous infrastructure by executing code to construct dependency graphs and reconciling the desired state against actual cloud environments. The platform distinguishes itself through a language-host runtime bridge that allows developers to use standard programming languages to define infrastructure, rather than relying solely on domain-specific
Synchronizes infrastructure state directly from version control repositories to automate deployment workflows.
Renovate is a GitOps-driven dependency management engine designed to automate the maintenance of software projects. It functions as an automated update tool that scans repository files to identify outdated dependencies, fetches the latest compatible versions from external sources, and generates pull requests to apply those updates. By integrating directly with code hosting platforms, it synchronizes project dependencies through declarative configuration files, ensuring that software components remain current and secure. The project distinguishes itself through its platform-agnostic architectu
Synchronizes repository dependencies through declarative configuration files using GitOps principles.
This project is a Ruby-based package definition repository that functions as a cross-platform package manager and software dependency resolver for macOS and Linux. It provides a centralized system for installing, updating, and managing software through a Git-based distribution model. The system distinguishes itself through a binary package distribution network that produces pre-compiled bottles to avoid local compilation from source. It utilizes a Ruby-based domain specific language to define installation recipes and employs a distributed version control architecture to synchronize these defi
Synchronizes a collection of dependencies across multiple managers using a single declarative configuration file.
Crossplane is a Kubernetes-based control plane framework that functions as a cloud resource orchestrator and infrastructure-as-code platform. It enables the management of heterogeneous infrastructure by extending the Kubernetes API to provision and maintain external cloud services through declarative configuration. By utilizing custom resource controllers, it continuously reconciles the state of external infrastructure with defined desired states, ensuring consistent deployment and lifecycle management across multiple cloud providers. The platform distinguishes itself through its composition-
Integrates with continuous delivery tools to synchronize infrastructure definitions using version-controlled repositories.
Meshery is a cloud native management plane used for the orchestration and administration of service meshes and Kubernetes clusters across multiple cloud providers. It provides a centralized interface to configure cloud native components and manage infrastructure through a unified abstraction layer. The platform features a visual infrastructure modeler that translates diagrams into manifests and a simulation engine for dry-running configuration changes. It synchronizes infrastructure state with version control via GitOps workflows, providing visual previews of pull request changes to evaluate
Coordinates multi-cluster deployments through visual workflows that synchronize infrastructure state with version control.
This project is a GitOps infrastructure framework designed for managing bare metal servers, container clusters, and networking. It serves as a declarative system for orchestrating the deployment and lifecycle of self-hosted services, using Git as the source of truth to synchronize the desired state of the environment. The framework differentiates itself through a comprehensive automation suite that covers the entire hardware-to-service pipeline. It includes a PXE-based bare metal provisioner for network booting and operating system installation, alongside a lightweight container orchestration
Synchronizes the total state of infrastructure and services based on Git configurations using a root application.
Flux is a Kubernetes GitOps delivery tool used to automate application deployments by synchronizing cluster state with configurations stored in Git, OCI, or Helm repositories. It functions as a set of controllers that monitor desired state in external sources and continuously reconcile the live cluster to match those definitions. The system distinguishes itself through a multi-cluster management plane that coordinates application delivery across fleets of remote clusters from a central hub. It provides a dedicated mechanism for automated image updates, which scans container registries for new
Implements automated pipelines that synchronize cluster infrastructure state with version control repositories.
The CNCF Curriculum is an open-source repository that organizes exam domains and learning paths for CNCF certification courses covering Kubernetes and cloud-native technologies. It structures certification content into weighted domains that reflect exam question distribution, providing a structured study guide for candidates preparing for CNCF certifications. The curriculum is organized around multiple cloud-native domains including networking, security, GitOps, platform engineering, and certification preparation. It teaches cloud-native concepts through the lens of building and operating int
Structures learning content around declarative configuration and version-controlled deployment workflows.
该项目是一个全面的 Kubernetes 教育资源和操作手册。它作为一个技术参考,用于在不同环境中安装、管理和扩展容器编排集群,涵盖了维护容器化应用程序所需的核心架构原则和系统组件。 该资源提供了结构化的集群管理指南,包括高可用性设置、资源控制和数据备份操作。它还作为一个安全审计和故障排除手册,提供使用行业标准基准识别节点漏洞以及解决网络、存储和 Pod 环境中故障的说明。 该文档涵盖了广泛的功能领域,包括跨不同操作系统的集群部署、通过网络策略和服务治理进行的流量管理,以及访问控制和身份机制的实施。它还解决了工作负载管理、资源分配和 API 功能扩展的问题。 该内容作为一个基于 Markdown 的系统进行管理,使用静态站点生成将结构化的技术指南转换为预渲染的 HTML 页面。
Implements automated deployment pipelines that synchronize infrastructure state with version control.
Litmus 是一个云原生混沌工程平台和故障注入工具,用于在 Kubernetes 环境中设计和执行受控的基础设施故障模拟。它作为一个弹性测试框架,用于分析诱发中断期间的系统行为,以识别弱点和潜在故障。 该项目作为 GitOps 混沌编排器,使用声明式版本控制来自动化弹性测试的部署和调度。它提供了混沌工作流管理工具和实验序列编排功能,以可视化和测试基础设施的稳定性。 该平台涵盖了通过基于指标的监控进行的稳态验证,并提供了导出实验结果以进行性能分析的功能。它包括对多租户访问管理和命名空间隔离的支持,以及用于集成第三方故障注入工具和自定义模板的桥接器。
Automates the deployment and synchronization of chaos experiment configurations using version control as the source of truth.
Flagger is a Kubernetes operator designed to automate the lifecycle of application deployments through progressive delivery. It functions as a controller that monitors custom resource definitions to orchestrate complex release strategies, including canary, blue/green, and A/B testing. By continuously reconciling the desired cluster state with the actual environment, it ensures that deployments adhere to defined specifications while managing the underlying infrastructure required for traffic routing. The project distinguishes itself through a sophisticated metric-driven analysis loop that eval
Reacts to cluster events and declarative configuration to automate delivery within continuous deployment workflows.
Terrascan is a static analysis tool designed to evaluate infrastructure-as-code configuration files for security vulnerabilities and compliance violations. By parsing these files into an intermediate representation, it identifies risks before cloud resources are provisioned, serving as a compliance auditor for cloud-native environments. The tool functions as a policy-as-code engine, allowing users to define and enforce custom security rules and industry benchmarks using a specialized query language. It distinguishes itself through its ability to integrate directly into development and deploym
Connects code repositories and build processes to automated scanning tools within GitOps workflows.
Digger 是一个 GitOps 基础设施自动化系统和 Terraform 编排器。它支持直接从版本控制拉取请求(Pull Request)和 CI 流水线执行基础设施计划并应用。 该项目提供了一个用于基于策略的治理和状态管理的框架。它对基础设施变更强制执行基于角色的访问控制和自定义安全策略,同时集中存储带有版本历史和访问控制的状态文件。 该系统通过拉取请求评论触发器和远程执行来管理基础设施工作流。它包括用于识别实际云状态与期望云状态之间差异的漂移检测功能、用于防止竞争条件的并发执行锁定,以及用于确保批准的版本应用于生产的计划持久化功能。
Synchronizes infrastructure state with version control using automated deployment pipelines triggered by pull requests.
Flipt 是一个 Git 原生功能管理平台和企业级功能开关服务器。它使用 Git 存储库作为功能标志配置的单一事实来源,实现了通过版本控制来控制应用程序功能的 GitOps 工作流。 该系统通过利用拉取请求和代码审查进行配置更改,并提供供应商中立的评估协议以确保不同管理工具之间的一致行为,从而脱颖而出。它支持气隙操作,并为安全的互联网隔离环境提供离线许可证验证。 该平台涵盖了广泛的功能领域,包括声明式功能标志定义、具有百分比发布功能的用户和细分市场定位,以及通过服务器发送事件(SSE)进行的实时配置流。安全性通过加密提交签名、外部密钥管理器集成和企业身份提供商连接进行管理。其他操作工具包括配置审计日志记录和可观测性指标导出。
Implements automated delivery of configuration changes through Git pull requests and code reviews.
这是一个关于 Docker CLI 的综合参考指南和速查表。它提供了一个结构化的命令集合和文档,帮助用户管理容器生命周期、构建镜像和处理注册表。 该文档专门涵盖了使用 Docker Compose 编排多容器应用程序,以及通过 Docker Swarm 管理跨多个节点的扩展服务。它还包括用于配置虚拟网络、网桥和端口以控制容器通信的详细指南。 参考范围扩展到容器镜像管理(包括标记和分发)以及用于通过清理未使用的卷和悬空镜像来回收磁盘空间的资源维护。它还提供了检查容器元数据和监控性能的说明。 内容以一系列基于 Markdown 的技术文档形式提供,作为版本控制仓库中的静态文件托管。
Documents automated deployment pipelines that synchronize infrastructure state with version control.
Dockhand is a multi-host Docker manager and container management interface used to control the lifecycle of containers, images, volumes, and networks. It functions as a Docker Compose orchestrator and GitOps deployment tool, enabling the synchronization of application stacks directly from remote Git repositories. The project distinguishes itself as an enterprise Docker access controller, providing role-based access control and identity verification through OIDC, LDAP, and multi-factor authentication. It secures sensitive data using AES-256-GCM encryption for credentials at rest and handles na
Automates the deployment of Docker Compose stacks by synchronizing application configurations directly from Git repositories.
该项目是一个教育平台和课程,旨在教授云原生工程、基础设施自动化和软件交付实践。它提供了一个掌握核心能力的结构化路线图,包括容器编排、GitOps 工作流以及持续集成和交付。 该平台通过将技术培训与职业发展相结合而脱颖而出。它提供镜像真实工程环境的实践项目、导师指导的模拟和技术能力评估。用户可以按照顺序学习路径进行学习,涵盖整个软件交付生命周期,从最初的应用容器化到生产级基础设施的管理。 除了技术指导外,该项目还包括职业晋升资源,如简历优化和面试准备。它还提供关于实施行业标准实践(如策略即代码验证、系统可观测性和声明式基础设施管理)的指导,以确保满足操作标准。
Implements GitOps workflows to synchronize production environments with version-controlled infrastructure definitions.