Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/timonback/zephykus

Visualize Kubernetes Ingress Rules
https://github.com/timonback/zephykus

ingress kubernetes visualization

Last synced: 2 months ago
JSON representation

Visualize Kubernetes Ingress Rules

Host: GitHub
URL: https://github.com/timonback/zephykus
Owner: timonback
Created: 2019-11-10T17:25:35.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2023-01-07T12:50:23.000Z (almost 2 years ago)
Last Synced: 2024-10-10T05:38:06.276Z (3 months ago)
Topics: ingress, kubernetes, visualization
Language: TypeScript
Homepage:
Size: 1.19 MB
Stars: 3
Watchers: 2
Forks: 1
Open Issues: 13
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Zephykus ![](https://github.com/timonback/zephykus/workflows/docker/badge.svg)

Zephykus is a tool to visualize ingress rules and flow of network traffic in Kubernetes.

![README_demo.png](README_demo.png)

Entrypoint is the *Kubernetes CNI Ingress* node. Two ingress rules are defined (`zephykus` and `nginx`) that redirect traffic to the corresponding services. Based on the kubernetes label selectors, two pods each do match the service description and will receive the traffic.

By clicking on each entity additional information like ingress annotations, port configuration and service types are revealed on the left hand side info box.

Color legend:

- Dark border: Search matches
- Orange: Selected item
- Green:
- Light: Upstream resources
- Dark: Downstream resources
- Red: Publicly exposes services (LoadBalancer, NodePort)

## Usage

Install zephykus to your cluster.
```
kubectl apply -f https://raw.githubusercontent.com/timonback/zephykus/master/zephykus.yaml
```

Access the web-interface locally at http://localhost:3000/
```
kubectl -n default port-forward svc/zephykus-service 3000:80
```

## Security

Running this image, will expose the kubernetes raw objects of type pod, service and ingress to the outside world. While manipulation is not possible, many details are reveals to everyone who has access to the service.

As part of installing, also a default ingress resource is created. This rule may allow attackers to access this service even without using the `kubectl port-forward` command.

## Future Improvements

- [x] Faster graph handling with Cytograph
- [ ] Indicate via icons the service resource and additional information like healthiness
- [x] Load new cluster state only on request (including caching) instead of pre-fetching
- [x] Add pod/service/ingress filter
- [x] Add interactive search suggestions