Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/stakater/Whitelister
A tool to white list node and developer IPs for kubernetes.
https://github.com/stakater/Whitelister
k8s kubernetes security-group stakater whitelister
Last synced: 2 months ago
JSON representation
A tool to white list node and developer IPs for kubernetes.
- Host: GitHub
- URL: https://github.com/stakater/Whitelister
- Owner: stakater
- License: apache-2.0
- Created: 2019-01-02T13:22:35.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-12-15T02:45:06.000Z (6 months ago)
- Last Synced: 2024-01-20T21:51:09.435Z (5 months ago)
- Topics: k8s, kubernetes, security-group, stakater, whitelister
- Language: Go
- Homepage: https://stakater.com/opensource
- Size: 158 KB
- Stars: 14
- Watchers: 6
- Forks: 6
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-cloud-native - Whitelister - A tool to white list node and developer IPs for kubernetes. (NetWork)
README
#  Whitelister
[](https://goreportcard.com/report/github.com/stakater/whitelister)
[](http://godoc.org/github.com/stakater/whitelister)
[](https://github.com/stakater/whitelister/releases/latest)
[](https://github.com/stakater/whitelister/releases/latest)
[](https://hub.docker.com/r/stakater/whitelister/)
[](https://hub.docker.com/r/stakater/whitelister/)
[](https://microbadger.com/images/stakater/whitelister)
[](https://microbadger.com/images/stakater/whitelister)
[](LICENSE)
[](http://stakater.com/?utm_source=whitelister&utm_medium=github)
## Problem
We would like to restrict access to servers to specific addresses only and keep audit trail of IP addresses allowed.
A tool to manage access to servers based on IP addresses and ports.
## Solution
Whitelister can be used to manage security group rules that control access to servers on different ports.
At the moment it supports Kubernetes as an IP Provider and Aws as the cloud provider.
You can read more about the configuration options [here](docs/config.md)
## Deploying to Kubernetes
You can deploy Whitelister by following methods
### Vanilla Manifests
You can apply vanilla manifests by running the following command
```bash
kubectl apply -f https://raw.githubusercontent.com/stakater/Whitelister/master/deployments/kubernetes/whitelister.yaml
```
Whitelister gets deployed in `default` namespace and searches for ingresses in all namespaces with label name `whitelister` and label value `true`. You will have to modify this file and add your credentials to access the cloud provider.
### Helm Charts
Alternatively if you have configured helm on your cluster, you can add Whitelister to helm from our public chart repository and deploy it via helm using below mentioned commands
```bash
helm repo add stakater https://stakater.github.io/stakater-charts
helm repo update
helm install stakater/whitelister
```
**Note:** By default whitelister is installed in default namespace. To run in a specific namespace, please run following command. It will install Whitelister in `test` namespace.
```bash
helm install stakater/whitelister --namespace test
```
## Use Case
- Let's say that using [Scaler](https://github.com/stakater/scaler), you stop/destroy your dev severs at night and start/create them again in the morning for cost saving. This can cause your servers to have new IP addresses every day and it can be a tedious job to add IP addresses of multiple Servers to multiple Security Groups everyday.
This is where Whitelister comes to the rescue. It can automatically detect new server creation by fetching nodes from Kubernetes and then modify security group of selected Ingress to add Ip addresses of new servers and optionally delete IP Addresses for old servers.
- Let's say you have a large team and you don't want to share cloud access with everyone. Now in order to still allow them to be able to access IP restricted servers, you can use a GIT repo which maintains a list of allowed IP addresses and users can add and remove the IP addresses there.
## Help
### Documentation
You can find more documentation [here](docs)
### Have a question?
File a GitHub [issue](https://github.com/stakater/Whitelister/issues), or send us an [email](mailto:[email protected]).
### Talk to us on Slack
Join and talk to us on Slack for discussing Whitelister
[](https://slack.stakater.com/)
[](https://stakater-community.slack.com/messages/C018GBSABM3)
## Contributing
### Bug Reports & Feature Requests
Please use the [issue tracker](https://github.com/stakater/Whitelister/issues) to report any bugs or file feature requests.
### Developing
PRs are welcome. In general, we follow the "fork-and-pull" Git workflow.
1. **Fork** the repo on GitHub
2. **Clone** the project to your own machine
3. **Commit** changes to your own branch
4. **Push** your work back up to your fork
5. Submit a **Pull request** so that we can review your changes
NOTE: Be sure to merge the latest from "upstream" before making a pull request!
## Changelog
View our closed [Pull Requests](https://github.com/stakater/Whitelister/pulls?q=is%3Apr+is%3Aclosed).
## License
Apache2 © [Stakater](http://stakater.com)
## About
`Whitelister` is maintained by [Stakater][website]. Like it? Please let us know at
See [our other projects][community]
or contact us in case of professional services and queries on
[website]: http://stakater.com/
[community]: https://github.com/stakater/