{"id":18309430,"url":"https://github.com/electrocucaracha/krd","last_synced_at":"2025-10-27T23:10:10.401Z","repository":{"id":38040116,"uuid":"133465430","full_name":"electrocucaracha/krd","owner":"electrocucaracha","description":"Kubernetes Reference Deployment","archived":false,"fork":false,"pushed_at":"2024-10-23T16:41:35.000Z","size":3094,"stargazers_count":39,"open_issues_count":3,"forks_count":10,"subscribers_count":6,"default_branch":"master","last_synced_at":"2024-10-23T23:22:45.960Z","etag":null,"topics":["ansible","istio","knative","kubernetes","kubespray","kubevirt","multus","nfd","pmem","qat","sr-iov","vagrant","virtlet"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/electrocucaracha.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-15T05:49:33.000Z","updated_at":"2024-10-23T16:41:38.000Z","dependencies_parsed_at":"2023-02-12T07:00:28.987Z","dependency_job_id":"4b0d2383-ceaa-4633-83ca-5eb9af24ca29","html_url":"https://github.com/electrocucaracha/krd","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/electrocucaracha%2Fkrd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/electrocucaracha%2Fkrd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/electrocucaracha%2Fkrd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/electrocuca
racha%2Fkrd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/electrocucaracha","download_url":"https://codeload.github.com/electrocucaracha/krd/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247375412,"owners_count":20929021,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","istio","knative","kubernetes","kubespray","kubevirt","multus","nfd","pmem","qat","sr-iov","vagrant","virtlet"],"created_at":"2024-11-05T16:11:24.222Z","updated_at":"2025-10-27T23:10:10.396Z","avatar_url":"https://github.com/electrocucaracha.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Kubernetes Reference Deployment\n\n\u003c!-- markdown-link-check-disable-next-line --\u003e\n\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![GitHub Super-Linter](https://github.com/electrocucaracha/krd/workflows/Lint%20Code%20Base/badge.svg)](https://github.com/marketplace/actions/super-linter)\n[![Ruby Style Guide](https://img.shields.io/badge/code_style-rubocop-brightgreen.svg)](https://github.com/rubocop/rubocop)\n\n\u003c!-- markdown-link-check-disable-next-line --\u003e\n\n![visitors](https://visitor-badge.laobi.icu/badge?page_id=electrocucaracha.krd)\n[![Scc Code Badge](https://sloc.xyz/github/electrocucaracha/krd?category=code)](https://github.com/boyter/scc/)\n[![Scc COCOMO Badge](https://sloc.xyz/github/electrocucaracha/krd?category=cocomo)](https://github.com/boyter/scc/)\n\n## Summary\n\nKRD 
(Kubernetes Reference Deployment) is a framework for easily deploying Kubernetes clusters on bare-metal or virtual machines using Ansible.\nIt provides a configurable and extensible platform for validating Cloud Native technologies across various Linux distributions.\n\nA central concept in KRD is the use of the POD Descriptor File (PDF)—a YAML file that defines your cluster configuration.\nYou can start with the [default configuration](config/default.yml) or explore [the sample setups](config/samples) for advanced scenarios.\n\n## Supported Linux Distributions\n\n| Distribution |   Version   |\n| :----------- | :---------: |\n| Ubuntu       | 20.04/22.04 |\n| openSUSE     |    Leap     |\n| Fedora       | 37/38/39/40 |\n\n## Included Components\n\nKRD integrates a wide range of Kubernetes-related components for testing, benchmarking, or production experimentation:\n\n|   Component    | Description                         | Source                     |     Status     |\n| :------------: | :---------------------------------- | :------------------------- | :------------: |\n|   Kubernetes   | Base Kubernetes deployment          | [kubespray][1]             |    ✅ Done     |\n|    Virtlet     | Run VMs as Kubernetes pods          | [configure-virtlet.yml][3] |   ✅ Tested    |\n|    Kubevirt    | VM workloads on Kubernetes          |                            |   ✅ Tested    |\n|    Virtink     | VM workloads on Kubernetes          |                            |   ✅ Tested    |\n|     Multus     | Multi-network pod support           |                            |   ✅ Tested    |\n|      NFD       | Node Feature Discovery              | [nfd role][4]              |   ✅ Tested    |\n|     Istio      | Service Mesh                        |                            |   ✅ Tested    |\n|      PMEM      | Persistent Memory CSI               | [pmem role][6]             | 🚧 Implemented |\n|      QAT       | Intel QuickAssist support           | [qat_plugin role][8]       |  
 ✅ Tested    |\n|     SR-IOV     | SR-IOV Plugin                       | [sriov_plugin role][9]     | 🚧 Implemented |\n|    Knative     | Serverless platform                 |                            |   ✅ Tested    |\n|      Kong      | Ingress Controller                  |                            |   ✅ Tested    |\n|    HAProxy     | Ingress Controller                  |                            |   ✅ Tested    |\n|    MetalLB     | Network load balancer               |                            |   ✅ Tested    |\n|     Falco      | Security runtime monitoring         |                            |   ✅ Tested    |\n|      Rook      | Storage Operator                    |                            |   ✅ Tested    |\n| OPA Gatekeeper | Policy Enforcement                  |                            |   ✅ Tested    |\n|    Kyverno     | Policy Enforcement                  |                            |   ✅ Tested    |\n|   Kubewarden   | Policy Enforcement                  |                            |   ✅ Tested    |\n|  kube-monkey   | Chaos engineering for Kubernetes    |                            | 🚧 Implemented |\n|     Nephio     | Telco-native orchestration          |                            | 🚧 Implemented |\n|    LocalAI     | Local LLM inference support         |                            | 🚧 Implemented |\n|     K8SGPT     | Kubernetes diagnostics              |                            | 🚧 Implemented |\n|     ArgoCD     | GitOps \u0026 CI/CD workflows            |                            | 🚧 Implemented |\n|     Tekton     | GitOps \u0026 CI/CD workflows            |                            | 🚧 Implemented |\n|    Longhorn    | Storage Operator                    |                            |   ✅ Tested    |\n|    TopoLVM     | CSI storage with topology awareness |                            |   ✅ Tested    |\n|     Fluent     | Logging agent                       |                            |   ✅ Tested    |\n| CloudNativePG  
| PostgreSQL operator                 |                            |   ✅ Tested    |\n|    LiteLLM     | Local LLM inference support         |                            | 🚧 Implemented |\n|     kagent     | KRM-native agentic AI platform      |                            | 🚧 Implemented |\n\n## Quick Deployment\n\nUse the [All-in-One script](aio.sh) for a streamlined, unattended deployment:\n\n    curl -fsSL http://bit.ly/KRDaio | bash\n\nThis will clone the repository, install dependencies, and provision a default cluster setup.\n\n![Provisioning](docs/src/img/provisioning.png)\n\n## Customizing your Cluster\n\nKRD supports custom cluster definitions using the PDF (YAML) format. Vagrant uses the [default configuration](config/default.yml), but this can be overridden via a `config/pdf.yml` file.\n\nYou can also visualize your cluster topology using:\n\n    tox -e diagram\n\n![Sample diagram](docs/src/img/sample_tox_diagram.png)\n\n## Installing Add-Ons\n\nUse [KRD command script](krd_command.sh) to install optional components on an existing cluster.\n\n    ./krd_command.sh -h\n\nTo install Kubernetes add-ons (e.g., Virtlet):\n\n    KRD_ADDONS_LIST=virtlet ./krd_command.sh -a install_k8s_addons\n\n\u003e _Note_: Some add-ons include validation scripts in the [tests](tests) directory.\n\n## Day-2 Operations\n\nKRD supports full lifecycle operations, including upgrades, node addition, and service removal.\n\nExample: Upgrade your Kubernetes cluster to version `v1.18.10` using Kubespray `v2.14.2`:\n\n    KRD_KUBE_VERSION=v1.18.10 KRD_KUBESPRAY_VERSION=v2.14.2 ./krd_command.sh -a upgrade_k8s\n\n## Environment Configuration\n\nKRD relies on environment variables to control behavior and customization. 
Below are some of the most relevant variables.\n\n### Global Variables\n\n| Name                                  | Default                                        | Description                                                                     |\n| :------------------------------------ | :--------------------------------------------- | :------------------------------------------------------------------------------ |\n| KRD_DEBUG                             | false                                          | Enables verbose execution                                                       |\n| KRD_ANSIBLE_DEBUG                     | false                                          | Enables Ansible verbose execution                                               |\n| PKG_DEBUG                             | false                                          | Enables cURL package installer verbose execution                                |\n| KRD_KUBE_VERSION                      | v1.32.8                                        | Specifies the Kubernetes version to be upgraded                                 |\n| KRD_KUBESPRAY_VERSION                 | v2.28.1                                        | Specifies the Kubespray version to be used during the upgrade process           |\n| KRD_KUBESPRAY_REPO                    | `https://github.com/kubernetes-sigs/kubespray` | Specifies the Git repository to fetch Kubespray's source code                   |\n| KRD_ENABLE_TESTS                      | false                                          | Enables the functional tests during the deployment process                      |\n| KRD_HELM_CHART                        |                                                | Specifies the Helm chart to be installed                                        |\n| KRD_FOLDER                            | /opt/krd                                       | KRD source code destination folder                                              |\n| 
KRD_ACTIONS_LIST                      | install_k8s                                    | Specifies a list of KRD actions to be installed during the All-in-One execution |\n| KRD_ADDONS_LIST                       | addons                                         | Specifies the Kubernetes AddOns to be installed by install_k8s_addons           |\n| KRD_HUGEPAGES_ENABLED                 | true                                           | Enable/Disable [HugeTLB Pages][17] on cluster nodes                             |\n| KRD_QAT_PLUGIN_MODE                   | dpdk                                           | Specifies the deployment mode for Intel QuickAssist Plugin                      |\n| KRD_KUBESPHERE_DEVOPS_ENABLED         | true                                           | Enable/Disable KubeSphere DevOps System                                         |\n| KRD_KUBESPHERE_METRICS_SERVER_ENABLED | false                                          | Enable/Disable [Horizontal Pod Autoscaler][15] on KubeSphere                    |\n| KRD_KUBESPHERE_SERVICEMESH_ENABLED    | false                                          | Enable/Disable KubeSphere Service Mesh                                          |\n| KRD_ENABLE_ISTIO_ADDONS               | false                                          | Enable/Disable Istio AddOns (Grafana, Kiali and Prometheus)                     |\n| KRD_METALLB_ADDRESS_POOLS_LIST        |                                                | Specifies a list of L2 address pools for [MetalLB configuration][19]            |\n\n### Kubespray\n\n| Name                                 | Default    | Description                                                                     |\n| :----------------------------------- | :--------- | :------------------------------------------------------------------------------ |\n| KRD_NETWORK_PLUGIN                   | flannel    | Choose network plugin (calico, canal, cilium, contiv, flannel, weave)           |\n| 
KRD_FLANNEL_BACKEND_TYPE             | host-gw    | Type of flannel backend to use (vxlan, host-gw, udp)                            |\n| KRD_CILIUM_TUNNEL_MODE               | disabled   | Encapsulation mode for communication between nodes (disabled, vxlan, geneve)    |\n| KRD_CILIUM_KUBE_PROXY_REPLACEMENT    | probe      | Specifies the type of kube-proxy replacement.                                   |\n| KRD_CILIUM_ENABLE_BPF_MASQUERADE     | true       | Enable/Disable native IP masquerade support in eBPF                             |\n| KRD_CALICO_IPIP_MODE                 | Never      | Configures Calico IP in IP encapsulation (Always, Never, CrossSubnet)           |\n| KRD_CALICO_VXLAN_MODE                | Never      | Configures Calico VXLAN encapsulation (Always, Never, CrossSubnet)              |\n| KRD_CALICO_NETWORK_BACKEND           | bird       | Configures Calico Network backend (bird, vxlan, none)                           |\n| KRD_KUBE_PROXY_MODE                  | ipvs       | Choose kube-proxy mode (iptables, ipvs)                                         |\n| KRD_DOWNLOAD_RUN_ONCE                | true       | Download images and binaries only once and then push them to the cluster nodes  |\n| KRD_DOWNLOAD_LOCALHOST               | true       | Make localhost the download delegate                                            |\n| KRD_MULTUS_ENABLED                   | false      | Enable/Disable [Kubernetes Multus CNI][2]                                       |\n| KRD_CONTAINER_RUNTIME                | containerd | Specifies the Container Runtime to be used for deploying kubernetes             |\n| KRD_DASHBOARD_ENABLED                | false      | Enable/Disable [Kubernetes Dashboard][12]                                       |\n| KRD_CERT_MANAGER_ENABLED             | true       | Enable/Disable [Kubernetes Cert-Manager][10]                                    |\n| KRD_INGRESS_NGINX_ENABLED            | true       | Enable/Disable [NGINX Ingress 
Controller][11]                                   |\n| KRD_KATA_CONTAINERS_ENABLED          | false      | Enable/Disable [Kata Containers Runtime][13]                                    |\n| KRD_CRUN_ENABLED                     | false      | Enable/Disable [crun][18]                                                       |\n| KRD_YOUKI_ENABLED                    | false      | Enable/Disable [youki][26]                                                      |\n| KRD_GVISOR_ENABLED                   | false      | Enable/Disable [gVisor][25]                                                     |\n| KRD_MANUAL_DNS_SERVER                |            | Set to use a custom cluster DNS                                                 |\n| KRD_REGISTRY_MIRRORS_LIST            |            | Specifies a list of additional registry mirrors                                 |\n| KRD_INSECURE_REGISTRIES_LIST         |            | Specifies a list of insecure-registries (IP address or domain name)             |\n| KRD_LOCAL_VOLUME_PROVISIONER_ENABLED | true       | Enable/Disable [Local volume provisioner][20]                                   |\n| KRD_DOCKER_VERSION                   | latest     | Specifies the Docker version to be used for deploying Kubernetes                |\n| KRD_CONTAINERD_VERSION               | 1.7.11     | Specifies the ContainerD version to be used for deploying Kubernetes            |\n| KRD_ENABLE_NODELOCALDNS              | true       | Enable/Disable [NodeLocal DNSCache][5]                                          |\n| KRD_NDOTS                            | 1          | Threshold for the number of dots which must appear in name resolution           |\n| KRD_RESOLVCONF_MODE                  | none       | Specifies the DNS setup for non-k8s containers.                                 
|\n| KRD_KUBE_PROXY_SCHEDULER             | sh         | Specifies the [IPVS scheduling algorithm][7] for allocating connections         |\n| KRD_METALLB_ENABLED                  | false      | Enable/Disable [MetalLB load-balancer][22]                                      |\n| KRD_METALLB_ADDRESS_POOLS_LIST       |            | Specifies a list of Layer 2 Address pools for MetalLB                           |\n| KRD_KUBERNETES_AUDIT                 | false      | Enable/Disable [Auditing][23]                                                   |\n| KRD_KUBERNETES_AUDIT_WEBHOOK         | false      | Enable/Disable [Audit Webhook][23]                                              |\n| KRD_AUDIT_WEBHOOK_SERVER_URL         |            | Audit Webhook server URL                                                        |\n| KRD_KUBELET_LOGFILES_MAX_NR          | 5          | Maximum number of [container log][24] files that can be present for a container |\n| KRD_KUBELET_LOGFILES_MAX_SIZE        | 10Mi       | Maximum size of the [container log][24] file before it is rotated               |\n| KRD_CONTAINER_CHECKPOINT_ENABLED     | false      | Enable/Disable [Containers checkpoints creation][21]                            |\n\n## Contribution\n\nKRD is an open-source initiative with contributions from developers, testers, and documenters across the community.\n\nWe welcome all forms of collaboration. 
Please see our [CONTRIBUTING](CONTRIBUTING.md) guide for details.\n\nThanks to everyone who has contributed so far!\n\n\u003ca href=\"https://github.com/electrocucaracha/krd/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=electrocucaracha/krd\" alt=\"contributors\" /\u003e\n\u003c/a\u003e\n\n![Visualization of the codebase](./codebase-structure.svg)\n\n[1]: https://github.com/kubernetes-sigs/kubespray\n[2]: https://github.com/k8snetworkplumbingwg/multus-cni\n[3]: playbooks/configure-virtlet.yml\n[4]: playbooks/roles/nfd\n[5]: https://kubernetes.io/docs/tasks/administer-cluster/nodelocaldns/\n[6]: playbooks/roles/pmem\n[7]: https://man.cx/?page=ipvsadm(8)\n[8]: playbooks/roles/qat_plugin\n[9]: playbooks/roles/sriov_plugin\n[10]: https://cert-manager.io/\n[11]: https://kubernetes.github.io/ingress-nginx/\n[12]: https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/\n[13]: https://katacontainers.io/\n[15]: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/\n[17]: https://www.kernel.org/doc/html/latest/admin-guide/mm/hugetlbpage.html\n[18]: https://github.com/containers/crun\n[19]: https://metallb.universe.tf/\n[20]: https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner\n[21]: https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha/\n[22]: https://metallb.universe.tf/\n[23]: https://kubernetes.io/docs/tasks/debug-application-cluster/audit/\n[24]: https://kubernetes.io/docs/concepts/cluster-administration/logging/\n[25]: https://gvisor.dev/docs/\n[26]: https://youki-dev.github.io/youki/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felectrocucaracha%2Fkrd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Felectrocucaracha%2Fkrd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felectrocucaracha%2Fkrd/lists"}