KubeCube is an open source enterprise-level container platform

Overview

KubeCube

License build

logo

English | 中文文档

KubeCube is an open source enterprise-level container platform that provides enterprises with visualized management of Kubernetes resources and unified multi-cluster-multi-tenant management functions. KubeCube can simplify application deployment, manage application life cycles and provide rich monitoring and log auditing functions, helping companies quickly build a powerful and feature-rich container cloud platform.

dashboard

Features

  • Out of the box

    • The learning curve is gentle, integrating functions such as unified authentication, multi-cluster management, monitoring, logs, and alarms to release productivity
    • Operation friendly, providing visual management and unified operation of Kubernetes resources, with comprehensive self-monitoring capabilities
    • Quick deployment, providing All in One Minimized deployment mode and providing High Availability Deployment for production
  • Multi-tenant

    • Provide multi-level models of tenants, projects, and spaces to meet the needs of enterprise resource isolation and software project management
    • Based on the multi-tenant model, provide permissions control, resource sharing/isolation and other capabilities
  • Unified Multi Kubernetes Cluster Management

    • Provides a central management panel for multiple Kubernetes clusters and supports cluster import
    • Provide unified identity authentication and expand Kubernetes native RBAC capabilities in multiple Kubernetes clusters Access Control
    • Quickly manage cluster resources through WebConsole and CloudShell
  • Cluster autonomy

    • When the KubeCube service is down for maintenance, each business cluster can service well, still support access control, and transparent to business Pods
  • Hot Plug

    • Provide minimal installation, users can switch functions at any time according to their needs
    • There is not need to restart the KubeCube service, while switching the function.
  • Multi-access

    • Support Open API: It is convenient to connect to users’ existing systems
    • Compatible with Kubernetes native API: seamlessly compatible with existing Kubernetes tool chains, such as kubectl
  • No vendor lock-in

    • Any standard Kubernetes cluster can be imported to better support multi-cloud and hybrid-cloud
  • Others

What it does

  • Helping enterprise build the container platform

    Simplify the learning curve, help companies complete the construction of container platforms at a relatively low cost, realize the needs of rapid application deployment, and assist companies in promoting applications to the cloud.

  • Resource isolation, quota, and RBAC

    Multi-tenant management provides three levels of resource isolation, quota management, and RBAC for tenants, projects, and spaces, fully adapting to the resource and RBAC requirements of enterprise-level private cloud construction.

  • Cluster horizontal expansion

    A unified container cloud management platform can manage multiple business Kubernetes clusters, and there is no upper limit on the number. It can not only solve the limitation of the size of a single Kubernetes cluster by adding a new Kubernetes cluster through horizontal expansion, but also meet the requirements of different business lines to monopolize the cluster.

  • Rich observability

    Supports monitoring alarms and log collection in the cluster dimension and application dimension, provides a rich workload monitoring indicator interface and a cluster dimension monitoring interface, and provides flexible log query capabilities.

Architecture

The KubeCube is composed of components such as KubeCube Service, Warden, CloudShell, and AuditLog Server. Except for Warden, which is deployed in each Kubernetes cluster as an authentication agent, the rest of the components are deployed in the management cluster.

The architecture of KubeCube described in the figure below includes interaction with users, interaction with Kubernetes API Server, Prometheus monitoring and self-developed log collection components.

architecture

Quick Start

1、Environment Requirements

2、All In One

3、Quick Experience

For Developers

Contribution

Feedback & Contact

FAQ

License

Copyright 2021 KubeCube Authors

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Issues
  • [Bug] When add cluster, If my kubeconfig is wrong. kubecube container will panic.

    [Bug] When add cluster, If my kubeconfig is wrong. kubecube container will panic.

    Describe the bug A clear and concise description of what the bug is. 可以使用中文。 construct a kind cluster without sign outside ip. when visit this kind cluster will get error Get "https://192.168.4.124:57300/api?timeout=32s": x509: certificate is valid for 10.96.0.1, 172.18.0.3, not xxxx Of course, this is a problem with my configuration, but the kubecube program should not panic

    To Reproduce Steps to reproduce the behavior:

    1. Go to '...'
    2. Click on '....'
    3. Scroll down to '....'
    4. See error

    Expected behavior A clear and concise description of what you expected to happen.

    Screenshots If applicable, add screenshots to help explain your problem.

    Desktop (please complete the following information):

    • OS: [e.g. iOS]
    • Browser [e.g. chrome, safari]
    • Version [e.g. 22]

    Smartphone (please complete the following information):

    • Device: [e.g. iPhone6]
    • OS: [e.g. iOS8.1]
    • Browser [e.g. stock browser, safari]
    • Version [e.g. 22]

    Additional context Add any other context about the problem here.

    opened by Abirdcfly 5
  • [Bug]节点添加脚本错误相关问题

    [Bug]节点添加脚本错误相关问题

    问题一:向集群添加工作节点时执行脚本install.sh报错 2021-08-18 15:45:41 INFO get docker binary from local /bin/mv: cannot stat ‘/etc/kubecube/packages/docker-ce/linux/static/stable/x86_64/docker-19.03.8.tgz’: No such file or directory 2021-08-18 15:45:41 ERROR install kubernetes failed

    真正packages目录是在packages-master中: [[email protected] x86_64]# pwd /etc/kubecube/packages-master/docker-ce/linux/static/stable/x86_64 [[email protected] x86_64]# ls docker-19.03.8.tgz

    问题二:添加新节点时,给的步骤链接404 链接:https://www.kubecube.io/docs/部署指南/添加节点/#向集群添加工作节点

    问题三: 创建新集群时,过程与文档:https://www.kubecube.io/docs/installation-guide/add-member-k8s 完全不符! 这个问题新手遇到容易发狂!

    documentation good first issue kubecube-installer kubecube-front 
    opened by daixh302 5
  • centos7.4安装失败

    centos7.4安装失败

    centos7.4, all in one安装脚本时报错,拉不到镜像

    2021-07-13 14:27:52 DEBUG enable and start docker
    Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
    2021-07-13 14:27:57 INFO downloading images
    I0713 14:27:59.066899   15693 version.go:252] remote version is much newer: v1.21.2; falling back to: stable-1.19
    W0713 14:27:59.839835   15693 configset.go:348] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
    
     2021-07-13 14:27:59 DEBUG spin pid: 15728                                                                                                                                                                -Error response from daemon: Get https://registry.cn-hangzhou.aliyuncs.com/v2/google_containers/kube-apiserver/manifests/v1.19.12: Get https://dockerauth.cn-hangzhou.aliyuncs.com/auth?scope=repository%3Agoogle_containers%2Fkube-apiserver%3Apull&service=registry.aliyuncs.com%3Acn-hangzhou%3A26842: dial tcp: lookup dockerauth.cn-hangzhou.aliyuncs.com on 10.198.141.241:53: no answer from DNS server
    2021-07-13 14:32:41 ERROR install kubernetes failed
    
    opened by Aragorn1026 3
  • Feature: add debug script and makefile

    Feature: add debug script and makefile

    Ⅰ. Describe what this PR does add debug script and makefile Ⅱ. Does this pull request fix one issue? Resolves #1
    Ⅲ. List the added test cases (unit test/integration test) if any, please explain if no tests are needed.

    Ⅳ. Describe how to verify it follow the steps on https://www.kubecube.io/docs/developer-guide/debug/ Ⅴ. Special notes for reviews

    ready to merge 
    opened by weilaaa 3
  • [Bug] Deployments 部署时环境变量无法输入下划线

    [Bug] Deployments 部署时环境变量无法输入下划线

    Deployments 部署,环境变量填写的时候,输入下划线报错。系统提示是可以输入下划线的,但是输入下划线报错,应该是判断出现了问题,如下图。

    image

    bug kubecube-front 
    opened by mfuuzy 2
  • [Feature] add debug script and makefile

    [Feature] add debug script and makefile

    I'd like to deploy and debug kubecube in local. I want an easier way to make deploy environment and debug. Something like install script and makefile is needed. manifests needed below:

    1. dependence manifests(crds, svc, rbac and so on) install and uninstall script
    2. local running makefile
    3. image build makefile
    good first issue help wanted 
    opened by weilaaa 1
  • [Bug] All-in-one 安装文档执行错误

    [Bug] All-in-one 安装文档执行错误

    执行按All-in-one安装文档执行有如下错误:

    image

    使用文档地址:https://www.kubecube.io/docs/installation-guide/all-in-one/#%E5%9C%A8-linux-%E4%B8%8A%E9%83%A8%E7%BD%B2-kubecube

    opened by LronDC 1
  • add change log for release v1.0.0

    add change log for release v1.0.0

    Ⅰ. Describe what this PR does

    add change log for release v1.0.0

    Ⅱ. Does this pull request fix one issue?

    Ⅲ. List the added test cases (unit test/integration test) if any, please explain if no tests are needed.

    Ⅳ. Describe how to verify it

    Ⅴ. Special notes for reviews

    ready to merge 
    opened by weilaaa 1
  • Merge Release v1.0 into main

    Merge Release v1.0 into main

    merge relase-v1.0 into main

    ready to merge 
    opened by zhujf1989 1
  • modify log delete token

    modify log delete token

    Ⅰ. Describe what this PR does delete sensitive infromation in logs Ⅱ. Does this pull request fix one issue? yes Ⅲ. List the added test cases (unit test/integration test) if any, please explain if no tests are needed. no need case Ⅳ. Describe how to verify it delete sensitive infromation, only verify token is empty Ⅴ. Special notes for reviews

    ready to merge 
    opened by JiahuiZhao11 1
  • [Feature]  non-k8s resource authz expansion

    [Feature] non-k8s resource authz expansion

    Why do we need non-k8s resource authz expansion?

    Assumed that we have a bookinfo server and we want to make a decision who can access bookinfo and by how?

    How to expand authz of non-k8s resource?

    Introduce new crd ExternalResource for mapping non-k8s resource so that we can use it as general k8s resource to rbac

    apiVersion: extension.kubecube.io/v1
    kind: ExternalResource
    metadata:
      name: bookinfo
    spec:
      namespaced: false
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      name: platform-admin
    rules:
      ...
      - apiGroups:
          - "extension.kubecube.io/v1"
        resources:
          - externalresources
        resourceNames:
          - bookinfo
        verbs:
          - get
          - list
          - watch
          - create
          - delete
          - deletecollection
          - patch
          - update
    
    opened by weilaaa 0
  • [Feature]KubeCube适配接入用户自有监控后端

    [Feature]KubeCube适配接入用户自有监控后端

    Is your feature request related to a problem? Please describe.

    1. 目前用户可以修改hotplug关掉监控,但是关闭后重新登录显示401;
    2. 用户无法接入自有监控后端。

    Describe the solution you'd like

    1. 修改hotplug,不允许关闭监控功能;
    2. 或修改代码后添加文档,指导用户接入自有监控后端。

    Describe alternatives you've considered

    Additional context

    enhancement 
    opened by JiahuiZhao11 3
  • [Feature] 文档中建议添加如何移除kubecube相关文档

    [Feature] 文档中建议添加如何移除kubecube相关文档

    目前使用中发现有如下问题: 1、文档中只有安装介绍,没有如何移除kubecube的介绍 2、 在已有kubernetes集群中安装的文档中,应该补充说明如何预先使用可插拔忽略某些组件的安装,比如ingress-nginx以及monintor等,避免在不知情情况下与集群中已经安装的产生冲突

    help wanted 
    opened by 912988434 1
  • [Feature] CubeOptions need validation

    [Feature] CubeOptions need validation

    Why CubeOptions need validation? Before running KubeCube, we are supposed to doing options validate, quick exit if validate failed.

    	Start = func(c *cli.Context) error {
    		if errs := flags.CubeOpts.Validate(); len(errs) > 0 {
    			return utilerrors.NewAggregate(errs)
    		}
    
    		run(flags.CubeOpts, signals.SetupSignalHandler())
    
    		return nil
    	}
    

    How to do it? We had validate method but in fact doing nothing in each validate func, we need complete it.

    // Validate verify options for every component
    // todo(weilaaa): complete it
    func (s *CubeOptions) Validate() []error {
    	var errs []error
    
    	errs = append(errs, s.APIServerOpts.Validate()...)
    	errs = append(errs, s.ClientMgrOpts.Validate()...)
    	errs = append(errs, s.CtrlMgrOpts.Validate()...)
    
    	return errs
    }
    
    func (c *Config) Validate() []error {
    	return nil
    }
    
    good first issue 
    opened by weilaaa 0
  • [Bug] member cluster connect failed cause to kubecube startup failure

    [Bug] member cluster connect failed cause to kubecube startup failure

    Describe the bug

    member cluster connect failed cause to kubecube startup failure

    2021-08-09T10:34:48.179+0800	error	kubernetes/kubernetes.go:81	problem new k8s client: Get "https://10.173.32.130:6443/api?timeout=32s": dial tcp 10.173.32.130:6443: connect: no route to host
    
    panic: runtime error: invalid memory address or nil pointer dereference
    [signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x160106e]
    
    goroutine 1034 [running]:
    github.com/kubecube-io/kubecube/pkg/clients/kubernetes.NewClientFor.func1(0xc000df1280, 0x1ea3930, 0xc001c9e1c0)
    	/workspace/pkg/clients/kubernetes/kubernetes.go:102 +0x2e
    created by github.com/kubecube-io/kubecube/pkg/clients/kubernetes.NewClientFor
    	/workspace/pkg/clients/kubernetes/kubernetes.go:101 +0x252
    

    To Reproduce Steps to reproduce the behavior:

    1. teardown the member cluster
    2. restart kubecube pod

    Expected behavior It's supposed to setting the status of cluster to abnormal until member cluster reconnect kubecube meanwhile refresh InternalCluster

    Screenshots If applicable, add screenshots to help explain your problem.

    Desktop (please complete the following information):

    • OS: [e.g. iOS]
    • Browser [e.g. chrome, safari]
    • Version [e.g. 22]

    Smartphone (please complete the following information):

    • Device: [e.g. iPhone6]
    • OS: [e.g. iOS8.1]
    • Browser [e.g. stock browser, safari]
    • Version [e.g. 22]

    Additional context Add any other context about the problem here.

    bug 
    opened by weilaaa 1
Releases(v1.0.2)
🐻 The Universal Service Mesh. CNCF Sandbox Project.

Kuma is a modern Envoy-based service mesh that can run on every cloud, in a single or multi-zone capacity, across both Kubernetes and VMs. Thanks to i

Kuma 2.3k Aug 10, 2021
🐻 The Universal Service Mesh. CNCF Sandbox Project.

Kuma is a modern Envoy-based service mesh that can run on every cloud, in a single or multi-zone capacity, across both Kubernetes and VMs. Thanks to i

Kuma 2.4k Sep 24, 2021
Prometheus exporter for Amazon Elastic Container Service (ECS)

ecs_exporter ?? ?? ?? This repo is still work in progress and is subject to change. This repo contains a Prometheus exporter for Amazon Elastic Contai

Prometheus Monitoring Community 17 Sep 25, 2021
GitHub中文排行榜,帮助你发现高分优秀中文项目、更高效地吸收国人的优秀经验成果;榜单每周更新一次,敬请关注!

榜单设立目的 ???? GitHub中文排行榜,帮助你发现高分优秀中文项目; 各位开发者伙伴可以更高效地吸收国人的优秀经验、成果; 中文项目只能满足阶段性的需求,想要有进一步提升,还请多花时间学习高分神级英文项目; 榜单设立范围 设立1个总榜(所有语言项目汇总排名)、18个分榜(单个语言项目排名);

kon9chunkit 38.7k Sep 23, 2021
A curated list of awesome Kubernetes tools and resources.

Awesome Kubernetes Resources A curated list of awesome Kubernetes tools and resources. Inspired by awesome list and donnemartin/awesome-aws. The Fiery

Tom Huang 881 Sep 22, 2021
Learning about containers and how they work by creating them the hard way

Containers the hard way: Gocker: A mini Docker written in Go It is a set of Linux's operating system primitives that provide the illusion of a contain

Shuveb Hussain 1.3k Sep 19, 2021
Enterprise-grade container platform tailored for multicloud and multi-cluster management

KubeSphere Container Platform What is KubeSphere English | 中文 KubeSphere is a distributed operating system providing cloud native stack with Kubernete

KubeSphere 6.8k Sep 19, 2021
A tool to dump and restore Prometheus data blocks.

promdump promdump dumps the head and persistent blocks of Prometheus. It supports filtering the persistent blocks by time range. Why This Tool When de

Ivan Sim 72 Aug 24, 2021
A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers

k8s-vault-webhook is a Kubernetes admission webhook which listen for the events related to Kubernetes resources for injecting secret directly from sec

Opstree Container Kit 88 Sep 17, 2021
A toolbox for debugging docker container and kubernetes with web UI.

A toolbox for debugging Docker container and Kubernetes with visual web UI. You can start the debugging journey on any docker container host! You can

CloudNativer 7 May 18, 2021
Sign Container Images with cosign and Verify signature by using Open Policy Agent (OPA)

Sign Container Images with cosign and Verify signature by using Open Policy Agent (OPA) In the beginning, I believe it is worth saying that this proje

Batuhan Apaydın 46 Aug 24, 2021
👀 A Kubernetes cluster resource sanitizer

Popeye - A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources an

Fernand Galiana 3.1k Sep 15, 2021
Kubedock is a minimal implementation of the docker api that will orchestrate containers on a Kubernetes cluster, rather than running containers locally.

Kubedock Kubedock is an minimal implementation of the docker api that will orchestrate containers on a kubernetes cluster, rather than running contain

Vincent van Dam 18 Sep 8, 2021
Sample multi docker compose environment setup

Instructions This is a demonstration of a Multi Docker Compose. The purpose of this repositoy is ongoing research on "Docker compose" architecture des

Damjan Dimitrioski 3 May 3, 2021
Build and deploy Go applications on Kubernetes

ko: Easy Go Containers ko is a simple, fast container image builder for Go applications. It's ideal for use cases where your image contains a single G

Google 3.2k Sep 20, 2021
Supporting your devops by shortening your strings using common abbreviations and clever guesswork

abbreviate Shorten your strings using common abbreviations. Supported by Tidelift Motivation This tool comes out of a frustration of the name of resou

Pascal Dennerly 170 Sep 14, 2021
A tool to restart a Docker container with a newer version of the image

repull A tool to restart a Docker container with a newer version of an image used by the container Often you may need to pull a newer version of an im

Eugene 19 Aug 30, 2021
Fast docker image distribution plugin for containerd, based on CRFS/stargz

[ ⬇️ Download] [ ?? Browse images] [ ☸ Quick Start (Kubernetes)] [ ?? Quick Start (nerdctl)] Stargz Snapshotter Read also introductory blog: Startup C

containerd 403 Sep 23, 2021
🐶 Kubernetes CLI To Manage Your Clusters In Style!

K9s - Kubernetes CLI To Manage Your Clusters In Style! K9s provides a terminal UI to interact with your Kubernetes clusters. The aim of this project i

Fernand Galiana 13.5k Sep 20, 2021