Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
github.com/replicatedhq/kurl
kURL is a Kubernetes installer for airgapped and online clusters.
kURL relies on kubeadm
to bring up the Kubernetes control plane, but there are a variety of tasks a system administrator must perform both before and after running kubeadm init in order to have a production-ready Kubernetes cluster, such as installing Docker, configuring Pod networking, or installing kubeadm itself.
The purpose of this installer is to automate those tasks so that any user can deploy a Kubernetes cluster with a single script.
For more information please see kurl.sh/docs/
For questions about using kURL, there's a Replicated Community forum, and a #kurl channel in Kubernetes Slack.
kURL offers several optional add-ons for Kubernetes cluster creation. These open-source technology add-ons are distributed under various open-source licenses.
One optional add-on available for object storage is MinIO. Use of MinIO is governed by the GNU AGPLv3 license that can be found in their License file.
One optional add-on available for Metrics & Monitoring is Prometheus via the Prometheus Operator, which includes Grafana. Use of Grafana is currently governed by the GNU AGPL v3 license that can be found in their License file.
Contributions are greatly appreciated. See CONTRIBUTING.md or more details. Before starting any work, please either comment on an existing issue, or file a new one.
For details on each release, see the changelog. For Replicated vendors, detailed release notes are available at Kubernetes Installer Release Notes on the Replicated documentation site.
Release assets and changelog are available on the GitHub Releases page.
Releases are created by a GitHub Workflow when a tag is pushed.
The tag should follow the date format vYYYY.MM.DD-#
.
A new release, from HEAD, can be tagged by running the following command:
make tag-and-release
To tag and release a specific commit:
make COMMIT_ID=<GITHUB_SHA> tag-and-release
The tag-and-release
Make task enforces the git tree to be clean and a tag to be created against
the main
branch. To override this behavior call the underlying script directly:
./bin/tag-and-release.sh --commit-id=<GITHUB_SHA> --no-main --outdated
Signed SBOMs for kURL Go and Javascript dependencies are combined into a tar file and are included with each release.
The following example illustrates using cosign to verify that kurl-sbom.tgz has not been tampered with.
$ cosign verify-blob --key key.pub --signature kurl-sbom.tgz.sig kurl-sbom.tgz
Verified OK
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.