Layotto is an application runtime developed using Golang, which provides various distributed capabilities for applications

Related tags

DevOps Tools layotto
Overview

Layotto (L8):To be the next layer of OSI layer 7

查看中文版本

Layotto is an application runtime developed using Golang, which provides various distributed capabilities for applications, such as state management, configuration management, and event pub/sub capabilities to simplify application development.

Layotto uses the open source MOSN as the base, in addition to providing distributed capabilities, it also provides Service Mesh's ability to control traffic.

Features

  • Service Communication
  • Service Governance.Such as traffic hijacking and observation, service rate limiting, etc
  • Configuration management
  • State management
  • Event publish and subscribe
  • Health check, query runtime metadata
  • Multilingual programming based on WASM

Project Architecture

As shown in the architecture diagram below, Layotto uses the open source MOSN as the base to provide network layer management capabilities while providing distributed capabilities. The business logic can directly interact with Layotto through a lightweight SDK without paying attention to the specific back-end infrastructure.

Layotto provides sdk in various languages. The sdk interacts with Layotto through grpc. Application developers only need to specify their own infrastructure type through the configuration file configure file provided by Layotto. No coding changes are required, which greatly improves the portability of the program.

Architecture

Quickstarts and Samples

Get started with Layotto

See the quick start guide configuration demo with apollo that can help you get started with Layotto.

Use Pub/Sub API

Implementing Pub/Sub Pattern using Layotto and Redis

Use State API to manage state

State management demo with redis

Traffic intervention on the 4th layer network

Dump TCP Traffic

Flow Control on the 7th layer network

Method Level Flow Control

Health check and metadata query

Use Layotto Actuator for health check and metadata query

Service Invocation

Hello World

Dubbo JSON RPC

Multilingual programming based on WASM

WASM on Layotto

Community

Contact Us

Platform Link
💬 DingTalk (preferred) Search the group number: 31912621 or scan the QR code below

Contributing to Layotto

See the Development Guide contributing to get started with building and developing.

Comments
  • 配置下发通道与配置热加载

    配置下发通道与配置热加载

    希望提供一个通用的配置下发的grpc协议通道,用于layotto与控制面的交互(可以参考go-control-plane), 可以随意定义用户可以,随意的定义下发配置的策略内容

    用途: 1.redis、kafka客户端流量管理控制,可能需要容灾切换、灰度发布策略切换 2.redis连接参数调整、安全弱密码自动切换

    enhancement community meeting topic wip 
    opened by unionhu 60
  • [Proposal] OSS api design

    [Proposal] OSS api design

    Dapr现状

    dapr现在在bindings里面支持了aliyun OSS的实现,具体实现可以参照oss。 ​

    dapr的Binding的分为Input和Out前者就是个类似于sub的能力,收到事件,调用回调函数。后者就是对后端的组件进行一些CRUD操作,如下: ​

    const (
    	GetOperation    OperationKind = "get"
    	CreateOperation OperationKind = "create"
    	DeleteOperation OperationKind = "delete"
    	ListOperation   OperationKind = "list"
    )
    

      // Invokes binding data to specific output bindings
      rpc InvokeBinding(InvokeBindingRequest) returns (InvokeBindingResponse) {}
    
    
    // InvokeBindingRequest is the message to send data to output bindings
    message InvokeBindingRequest {
      // The name of the output binding to invoke.
      string name = 1;
    
      // The data which will be sent to output binding.
      bytes data = 2;  //对象数据
    
      // The metadata passing to output binding components
      // 
      // Common metadata property:
      // - ttlInSeconds : the time to live in seconds for the message. 
      // If set in the binding definition will cause all messages to 
      // have a default time to live. The message ttl overrides any value
      // in the binding definition.
      map<string,string> metadata = 3;  //OSS的key存在这里面
    
      // The name of the operation type for the binding to invoke
      string operation = 4;  //增删改查
    }
    
    // InvokeBindingResponse is the message returned from an output binding invocation
    message InvokeBindingResponse {
      // The data which will be sent to output binding.
      bytes data = 1;
    
      // The metadata returned from an external system
      map<string,string> metadata = 2;
    }
    

    InvokeBinding是一个Unary的rpc调用,这对于OSS这种支持大文件需要流式传输的功能肯定是没法支持的。 ​

    方案

    方案一:

    增加InvokeService为stream的rpc调用: ​

      // InvokeService do rpc calls
      rpc InvokeService(InvokeServiceRequest) returns (InvokeResponse) {}
    
    	改为:
    
    	// InvokeService do rpc calls
      rpc InvokeService(stream InvokeServiceRequest) returns (stream InvokeResponse) {}
    

    先给Dapr提了个Issue来跟踪: https://github.com/dapr/dapr/issues/3338

    方案二:

    本身dapr的binding的概念就不是一个很好的抽象,感觉就是什么都可以做。但又不知道应该用来做哪些东西。对于OSS这种流式传输的,我们也可以在pb中单独抽象出一类接口:

      // Get file with stream.
      rpc GetFile(GetFileRequest) returns (stream GetFileResponse) {}
    
      // Put file with stream.
      rpc PutFile(stream PutFileRequest) returns (google.protobuf.Empty) {}
    
    message GetFileRequest {
      //
      string store_name = 1;
      // The name of the file or object want to get.
      string name = 2;
      // The metadata for user set.
      map<string,string> metadata = 3;
    }
    
    message GetFileResp {
      bytes data = 1;
    }
    
    message PutFileRequest {
      string store_name = 1;
      // The name of the file or object want to put.
      string name = 2;
      // The data which will be store.
      bytes data = 3;
      // The metadata for user set.
      map<string,string> metadata = 4;
    }
    
    

    enhancement stale 
    opened by wenxuwan 36
  • feature: Decoupled type

    feature: Decoupled type

    What this PR does:

    Which issue(s) this PR fixes:

    Fixes #513

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    将COMPONENT NAME与具体的中间件类型解藕,在COMPONENT NAME块中KEY:VAKLUE对新增type:name (name为中间件类型)
    
    image cla:yes size/XXL incompatible community meeting topic 
    opened by akkw 27
  • Double buffer for sequencer catch

    Double buffer for sequencer catch

    What this PR does:

    Using double buffer to solve the problem of sequencer local cache.

    Which issue(s) this PR fixes:

    Fixes #158

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XL 
    opened by ZLBer 24
  • Zookeeper lock

    Zookeeper lock

    What this PR does:

    add zookeeper lock

    Which issue(s) this PR fixes:

    Fixes #104

    Special notes for your reviewer:

    @seeflood

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XL First-time contributor 
    opened by ZLBer 24
  • implement distributied lock with redis cluster

    implement distributied lock with redis cluster

    What this PR does:

    add redis cluster lock(red lock implement)

    Which issue(s) this PR fixes:

    Fixes #249

    cla:yes size/XXL First-time contributor 
    opened by whalesongAndLittleFish 22
  • feat:add hdfs support

    feat:add hdfs support

    Signed-off-by: bokket [email protected]

    What this PR does: add Hdfs oss support for Layotto file system interface.

    Which issue(s) this PR fixes:

    Fixes #236

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XL First-time contributor 
    opened by bokket 18
  • [Proposal]Secret API design

    [Proposal]Secret API design

    Add Layotto secret API. To generate key dependent interface definitions, similar to dapr

    English explanation will be added later

    Secret API设计文档

    本文档讨论"密钥相关"的API

    1. 需求

    1.1. 密钥管理

    Q: 为何需要密钥管理?

    A: 应用程序在执行过程中大多数会使用专门的密钥去访问外部服务,通常需要建议一个对应的密钥存储来管理。

    Q: Layotto Secret API充当的角色?

    A: 提供管理密钥以及允许开发人员通过API获得密钥的功能,充当密钥管理者角色。

    2. 产品调研

    | 平台方 | 提供功能 | |--|--| |dapr|访问权限(可依赖各自云产品支持),密钥管理,检索密钥| |云密钥产品相关|访问权限,密钥管理,检索密钥|

    3. grpc API设计

    在制定对应API时,需要考虑每个密钥的唯一资源定位因素有哪些?

    • 存放空间地址
    • 密钥对应名称
    • 密钥对应版本
    • 密钥对应状态

      其中最为主要的则是前两个。版本默认latest,而状态则默认取生效,如没有生效的密钥,则需要业务去判断下一步操作。

    3.1. proto定义

      // Gets secrets from secret stores.
      rpc GetSecret(GetSecretRequest) returns (GetSecretResponse) {}
    
      // Gets a bulk of secrets
      rpc GetBulkSecret(GetBulkSecretRequest) returns (GetBulkSecretResponse) {}
      
      // GetSecretRequest is the message to get secret from secret store.   
    message GetSecretRequest {
      // The name of secret store.
      string store_name = 1;
    
      // The name of secret key.
      string key = 2;
    
      // The metadata which will be sent to secret store components.
      // Contains version, status, and so on...
      map<string,string> metadata = 3;
    }
    
    // GetSecretResponse is the response message to convey the requested secret.
    message GetSecretResponse {
      // data is the secret value. Some secret store, such as kubernetes secret
      // store, can save multiple secrets for single secret key.
      map<string, string> data = 1;
    }
    
    
    // GetBulkSecretRequest is the message to get the secrets from secret store.
    message GetBulkSecretRequest {
      // The name of secret store.
      string store_name = 1;
    
      // The metadata which will be sent to secret store components.
      map<string,string> metadata = 2;
    }
    
    
    // GetBulkSecretResponse is the response message to convey the requested secrets.
    message GetBulkSecretResponse {
      // data hold the secret values. Some secret store, such as kubernetes secret
      // store, can save multiple secrets for single secret key.
      map<string, SecretResponse> data = 1;
    }
    
    
    // SecretResponse is a map of decrypted string/string values
    message SecretResponse {
      map<string, string> secrets = 1;
    }
    

    Q: 是否由Layotto帮用户实现对应密钥获取实现?

    A: API和Layotto运行时不管这事,由sdk或者用户自己处理,或者某个特殊组件想实现这个feature也可以。

    4. 组件API

    package secretstores
    
    type SecretStore interface {
    		// Init authenticates with the actual secret store and performs other init operation
    	Init(metadata Metadata) error
    	// GetSecret retrieves a secret using a key and returns a map of decrypted string/string values
    	GetSecret(req GetSecretRequest) (GetSecretResponse, error)
    	// BulkGetSecrets retrieves all secrets in the store and returns a map of decrypted string/string values
    	BulkGetSecret(req BulkGetSecretRequest) (BulkGetSecretResponse, error)
    }
    
    // GetSecretRequest describes a get secret request from a secret store.
    type GetSecretRequest struct {
    	Name     string            `json:"name"`
    	Metadata map[string]string `json:"metadata"`
    }
    
    // BulkGetSecretRequest describes a bulk get secret request from a secret store.
    type BulkGetSecretRequest struct {
    	Metadata map[string]string `json:"metadata"`
    }
    
    // GetSecretResponse describes the response object for a secret returned from a secret store.
    type GetSecretResponse struct {
    	Data map[string]string `json:"data"`
    }
    
    // BulkGetSecretResponse describes the response object for all the secrets returned from a secret store.
    type BulkGetSecretResponse struct {
    	Data map[string]map[string]string `json:"data"`
    }
    
    // DefaultSecretRefKeyName is the default key if secretKeyRef.key is not given.
    const DefaultSecretRefKeyName = "_value"
    
    // Metadata contains a secretstore specific set of metadata properties.
    type Metadata struct {
    	Properties map[string]string `json:"properties,omitempty"`
    }
    

    参考资料

    dapr密钥管理概览

    AWS Secrets Manager

    Microsoft Key Vault

    Azure Key Vault

    阿里云密钥管理服务

    enhancement pinned 
    opened by MentosL 18
  • proposal: Adding integration tests when submitting a PR

    proposal: Adding integration tests when submitting a PR

    What problem does this proposal solve

    Our code review process is slow, and hard. I want to make PR review faster. We added some linters in CI, but that's far not enough. PR review is still hard 😢 and still slow

    Analyze

    Model

    We can model "PR review" into different phases:

    • Triage

    • Design review Review the design docs (if any) or API definition.

    • Test case review Review there are enough test cases covering different corner cases.

    • Test

      • pass existing test cases
      • add new UT
      • add new integration test
    • Code review Finally, we start to review code details.

    Pain points

    • Some PR has no detailed design documentation. A good design doc makes PR review much much easier, e.g. https://github.com/dapr/dapr/issues/2988
    • Some PR don't have integration tests, which means it might not pass self-tests. It will take reviewers much time to review when a PR didn't do a self-test. They might have UT, but as we all know, UT can't find out bugs :)

    Solutions

    We add new PR specification. PR with new features should:

    1. add new integration test cases We can take the "quickstart" markdown docs as "integration tests" For example, to review and test #669 , I submitted https://github.com/mosn/layotto/pull/698 as the integration tests

    2. add those tests into CI. After writing the quickstart docs, a PR should add it into the CI. image

    For more details, see https://mosn.io/layotto/#/zh/development/test-quickstart?id=step-5-%e4%bf%ae%e6%94%b9-ci%e8%87%aa%e5%8a%a8%e6%b5%8b%e8%af%95%e6%96%b0%e5%86%99%e7%9a%84-quickstart-%e6%96%87%e6%a1%a3

    1. After new tests added into CI and all tests passed (which means this PR has been fully self-tested ), reviewers start to review
    stale 
    opened by seeflood 17
  • consul lock

    consul lock

    What this PR does: add consul lock Which issue(s) this PR fixes:

    Fixes #129

    Special notes for your reviewer: @seeflood
    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XL 
    opened by ZLBer 16
  • proposal: IM notify API [SaaS API]

    proposal: IM notify API [SaaS API]

    Hi, This is IM notify API proposal.

    What would you like to be added:

    saas api: IM notify api

    Why is this needed:

    https://github.com/mosn/layotto/issues/712

    Support situation:

    |IM|Docs| |---|---| |Dingtalk| https://open.dingtalk.com/document/group/send-a-dingtalk-robot-message | |Dingtalk dapr| https://docs.dapr.io/zh-hans/reference/components-reference/supported-bindings/alicloud-dingtalk/ |

    API spec:

    // Saas API
    // Send the message to IM.
    rpc SendIM(SendIMRequest) returns (SendIMResponse) {}
    
    ------
    
    // SendIMRequest is the message send to im.
    message SendIMRequest {
    
      // The invoke Id.
      string id = 1;
    
      // The saas service name, like 'dingtalk'/'wechat'/'...'
      string saas_name = 2;
    
      // The api access token.
      string secret = 3;
    
      // The IM sender tag.
      string sender_id = 4;
    
      // The IM receivers tag.
      repeated string receivers = 5;
    
      // The IM message type, like 'text'/'table'/'...'
      string message_type = 6;
    
      // The IM message data.
      bytes message_data = 7;
    
      // The metadata which will be sent to IM components.
      map<string, string> metadata = 8;
    }
    
    message SendIMResponse {
      // The saas requestId.
      string request_id = 1;
    
      // The data response from IM service.
      bytes data = 2;
    
      // The metadata returned from IM service.
      map<string, string> metadata = 3;
    }
    

    字段设计考虑:

    1. IM原生API非常复杂,难取交集

    无论是dingtalk,还是wechat等IM工具。在原生API设计上都有很多自己独特的请求参数,这取决于IM自身的一些设计。

    例如:

    • 消息模板ID:有的IM具有模板,有的IM不需要模板即可发送。
    • 收件人格式:有的IM发送给自生成的ID,有的则使用 用户名/手机号 等进行发送。

    2. IM具有绑定性,弱移植性

    一个公司,哪怕部署到混合云,大概率也只会使用一种IM工具,很少听说不同云的消息要发送给不同IM。

    所以本身IM代码就不需要很强的可移植性,那么对于一些特有的字段,可以接受放在metadata中。

    3. Runtime API取核心字段,其他字段放metadata

    尽可能取多种IM都有的一些概念,将这些字段放在API中,其他字段放metadata。

    对于一次IM发送,有几个字段是必需的:

    1. sender_id:发送账号的id/tag
    2. receivers:接收账号的id/tag
    3. message_type:如今的IM都支持多媒体,所以使用该字段标识消息类型
    4. message_data:对应message_type的消息体

    以及,设计两个基础字段:

    1. id:用于进行一定的标识,从而可以实现基于id获取配置的功能。往往IM的配置相对静态,可以通过id获取IM的相关配置,减少在metadata中的字段
    2. saas_name:多IM场景时使用,保留这样的可拓展性,但一般用不到该场景。当用到该场景时,由于不同IM的发送参数有巨大差异,如果在代码中传递metadata等字段,则可能无法移植,这时候就需要上述的 id 功能。

    一个密钥字段:

    1. secret:往往是accessToken,但也可通过上述 id 功能,由id获取对应的配置,在配置中获取accessToken。所以该字段往往不需要显式传入,但仍然在API中进行保留,以便于直接调用。

    stale 
    opened by kevinten10 15
  • feat(api): encrypt/decrypt api

    feat(api): encrypt/decrypt api

    Signed-off-by: seeflood [email protected]

    What this PR does: encrypt/decrypt api

    Which issue(s) this PR fixes:

    Fixes #

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XXL 
    opened by seeflood 1
  • feat(api): add DelayQueue API

    feat(api): add DelayQueue API

    Signed-off-by: seeflood [email protected]

    What this PR does: add DelayQueue API

    todo:

    • [ ] add a research report for different kinds of delay queue.

    Which issue(s) this PR fixes:

    Fixes #617

    Special notes for your reviewer: Please focus on reviewing the delay_queue.proto first. All the other files are generated by generator

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/XXL 
    opened by seeflood 3
  • feat(generator): generate new methods for existing APIs

    feat(generator): generate new methods for existing APIs

    Signed-off-by: seeflood [email protected]

    What this PR does: generate new methods for existing APIs.

    docs: https://github.com/seeflood/protoc-gen-p6#masters-commands

    https://seeflood.github.io/layotto/#/zh/start/api_plugin/generate

    Which issue(s) this PR fixes:

    Fixes #

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/L 
    opened by seeflood 1
  • docs: lock demo

    docs: lock demo

    What this PR does:

    Which issue(s) this PR fixes:

    Fixes #

    Special notes for your reviewer:

    Does this PR introduce a user-facing change?:

    
    
    cla:yes size/M 
    opened by akkw 0
  • lifecycle for dynamic configuration

    lifecycle for dynamic configuration

    What would you like to be added: There's a problem when implementing the dynamic configuration feature. After agent got all the configuration via XDS, it tried to invoke the Layotto Lifecycle API but got an error: image

    To solve this problem, we need to use the health check hooks. The agent should invoke Lifecycle API after Layotto get started, but before the sidecar passes the readiness check

    Why is this needed:

    opened by seeflood 0
Releases(v0.4.0)
Owner
MOSN
The Cloud Native Proxy for Edge or Service Mesh
MOSN
PolarDB Stack is a DBaaS implementation for PolarDB-for-Postgres, as an operator creates and manages PolarDB/PostgreSQL clusters running in Kubernetes. It provides re-construct, failover swtich-over, scale up/out, high-available capabilities for each clusters.

PolarDB Stack开源版生命周期 1 系统概述 PolarDB是阿里云自研的云原生关系型数据库,采用了基于Shared-Storage的存储计算分离架构。数据库由传统的Share-Nothing,转变成了Shared-Storage架构。由原来的N份计算+N份存储,转变成了N份计算+1份存储

null 22 Jul 18, 2022
Metrics go: CudgX indicator management tool, which integrates monitoring and data analysis indicator capabilities

Metrics-Go metrics-go 是cudgx指标打点工具,它集成了监控和数据分析指标能力。 数据流程 指标数据流程为: 用户代码调用打点 SDK指标

Galaxy-Future 10 Mar 1, 2022
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster

Kube-Knark Project Trace your kubernetes runtime !! Kube-Knark is an open source tracer uses pcap & ebpf technology to perform runtime tracing on a de

Chen Keinan 32 Sep 19, 2022
Frisbee is a Kubernetes-native platform for exploring, testing, and benchmarking distributed applications.

Why Frisbee ? Frisbee is a next generation platform designed to unify chaos testing and perfomance benchmarking. We address the key pain points develo

Computer Architecture and VLSI Systems (CARV) Laboratory 37 Sep 13, 2022
Leapfrog - Apis Developed In Lambdas

leapfrog - APIs DEVELOPED IN LAMBDAS ## Environment Details 1.Branch Name : Dev-Migration 2.URL : https://dev.cclproducts.com 3.Database Used : CCLDE

null 0 Mar 23, 2022
Testcontainers is a Golang library that providing a friendly API to run Docker container. It is designed to create runtime environment to use during your automatic tests.

When I was working on a Zipkin PR I discovered a nice Java library called Testcontainers. It provides an easy and clean API over the go docker sdk to

null 1.6k Sep 19, 2022
Using the Golang search the Marvel Characters. This project is a web based golang application that shows the information of superheroes using Marvel api.

marvel-universe-web using the Golang search the Marvel Universe Characters About The Project This project is a web based golang application that shows

Burak KÖSE 2 Oct 10, 2021
An open-source, distributed, cloud-native CD (Continuous Delivery) product designed for developersAn open-source, distributed, cloud-native CD (Continuous Delivery) product designed for developers

Developer-oriented Continuous Delivery Product ⁣ English | 简体中文 Table of Contents Zadig Table of Contents What is Zadig Quick start How to use? How to

null 0 Oct 19, 2021
A simple project (which is visitor counter) on kubernetesA simple project (which is visitor counter) on kubernetes

k8s playground This project aims to deploy a simple project (which is visitor counter) on kubernetes. Deploy steps kubectl apply -f secret.yaml kubect

null 12 Sep 5, 2022
Tool which gathers basic info from apk, which can be used for Android penetration testing.

APKSEC Tool which gathers basic info from apk, which can be used for Android penetration testing. REQUIREMENTS AND INSTALLATION Build APKSEC: git clon

Jayateertha Guruprasad 3 Sep 2, 2022
An operator which complements grafana-operator for custom features which are not feasible to be merged into core operator

Grafana Complementary Operator A grafana which complements grafana-operator for custom features which are not feasible to be merged into core operator

Snapp Cab Incubators 6 Aug 16, 2022
OpenAPI Terraform Provider that configures itself at runtime with the resources exposed by the service provider (defined in a swagger file)

Terraform Provider OpenAPI This terraform provider aims to minimise as much as possible the efforts needed from service providers to create and mainta

Daniel I. Khan Ramiro 218 Sep 14, 2022
Kubernetes Virtualization API and runtime in order to define and manage virtual machines.

Kubernetes Virtualization API and runtime in order to define and manage virtual machines.

KubeVirt 3.5k Sep 19, 2022
Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Kubei is a vulnerabilities scanning and CIS Docker benchmark tool that allows users to get an accurate and immediate risk assessment of their kubernet

Portshift 733 Sep 21, 2022
Open Source runtime scanner for Linux containers (LXD), It performs security audit checks based on CIS Linux containers Benchmark specification

lxd-probe Scan your Linux container runtime !! Lxd-Probe is an open source audit scanner who perform audit check on a linux container manager and outp

Chen Keinan 14 May 16, 2022
Write controller-runtime based k8s controllers that read/write to git, not k8s

Git Backed Controller The basic idea is to write a k8s controller that runs against git and not k8s apiserver. So the controller is reading and writin

Darren Shepherd 50 Dec 10, 2021
The k8s-generic-webhook is a library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the operator-sdk or controller-runtime.

k8s-generic-webhook The k8s-generic-webhook is a library to simplify the implementation of webhooks for arbitrary customer resources (CR) in the opera

Norwin Schnyder 6 Jul 12, 2022
runtime - an abstraction library on top of the Open Policy Agent (OPA)

runtime - an abstraction library on top of the Open Policy Agent (OPA) Introduction The "runtime" project is a library that sits on top of OPA. The go

 Aserto Inc 19 Jul 2, 2022
Open Source runtime scanner for OpenShift cluster and perform security audit checks based on CIS RedHat OpenShift Benchmark specification

OpenShift-Ordeal Scan your Openshift cluster !! OpenShift-Ordeal is an open source audit scanner who perform audit check on OpenShift Cluster and outp

chenk 5 Sep 6, 2022