Component Overview
This document provides an overview of the tools included in the kubara framework, along with their functionality and key features. More tools will be added in future releases of the kubara framework.
1. Application Management
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
Argo CD. GitOps-based tool for continuous deployment and synchronization of Kubernetes applications. | GitOps-based deployment and sync | - Git integration - Rollbacks - Real-time status monitoring - Multi-cluster support |
 |
Homer. Simple static dashboard to manage service links via YAML. | Static link collection | - Grouped links - Easy configuration - Quick navigation |
2. Observability
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
Kube-Prometheus-Stack. Monitoring and alerting toolkit using Prometheus, Grafana, and Alertmanager. | Monitoring for Kubernetes | - Prometheus metrics - Grafana dashboards - Alertmanager notifications - Pre-configured alerts |
 |
Grafana Loki. Log aggregation system for Kubernetes logs. | Log collection and analysis | - Grafana integration - Label-based filtering - Efficient log storage - Scalable architecture |
 |
Metrics Server. Collects resource metrics from Kubernetes nodes and pods. | Resource metric collection | - Integrates with Horizontal Pod Autoscaler - Lightweight - Kubelet-based collection |
3. Security
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
Cert Manager. Automates TLS certificate creation and management. | TLS certificate automation | - ACME support - Auto renewal - Ingress integration |
 |
External Secrets Operator. Sync secrets from external backends into Kubernetes. | Secret synchronization | - Vault, AWS, GCP support - Auto updates - Encryption |
 |
Kyverno. Kubernetes-native policy engine for governance and security. | Policy management | - Validation and mutation - Custom policies - GitOps friendly |
 |
OAuth2 Proxy for authenticating web applications. | Auth via OAuth2/OIDC | - Google, GitHub, OIDC support - Easy integration - Access control via tokens |
4. Storage
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
Longhorn. Distributed block storage system for Kubernetes. | Persistent storage | - Replication - Snapshots - Backups - Dynamic provisioning |
5. Network
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
External DNS. Sync DNS records from Kubernetes to external DNS providers. | DNS automation | - AWS Route53, Google DNS support - Auto DNS updates - Label-based mapping |
 |
Traefik ingress controller and API gateway for HTTP/HTTPS routing in Kubernetes. | Web traffic routing / API gateway | - Ingress and IngressRoute support - Gateway API support - Middleware support - Path/host-based routing |
 |
MetallLB. Load balancer for bare-metal Kubernetes clusters. | Load balancing | - Layer 2 and BGP modes - IP address pool management - Simple configuration |
6. CI/CD
| Tool | Description | Functionality | Key Features |
|---|---|---|---|
 |
Forgejo. Managed Git service with CI/CD integration from STACKIT. | Git repo management | - Web UI - User management - Repos - Pipelines |
Custom Resource Dependencies
If you deactivate or replace applications (Y-axis) with others not part of the kubara framework, be sure to resolve custom resource dependencies such as ServiceMonitors, Certificates, and Secrets accordingly.
| ↓ | argo-cd | homer-dashboard | kube-prometheus-stack | loki | metrics-server | cert-manager | external-secrets | kyverno | kyverno-policies | kyverno-policy-reporter | oauth2-proxy | longhorn | external-dns | traefik | metallb |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| argo-cd | |||||||||||||||
| homer-dashboard | |||||||||||||||
| kube-prometheus-stack | X | X | X | X | X | X | |||||||||
| loki | |||||||||||||||
| metric-server | |||||||||||||||
| cert-manager | X | X | X | ||||||||||||
| external-secrets | X | X | X | X | X | ||||||||||
| kyverno | X | ||||||||||||||
| kyverno-policies | X | ||||||||||||||
| kyverno-policy-reporter | |||||||||||||||
| oauth2-proxy | X | X | X | X | |||||||||||
| longhorn | X | X | X | ||||||||||||
| external-dns | |||||||||||||||
| traefik | |||||||||||||||
| metalLB | X | X | X | X | X |
Not enough?
If the current toolset doesn't meet your needs or is missing key features, you can propose new tools here.