Kubernetes Tools

Source: Dev.to

kubectl

You run everything with kubectl: get pods, describe, logs, exec, delete, apply—often dozens of times a day across multiple namespaces. It works, but repeatedly typing -n can be slow and painful.

K9s / Lens

A terminal UI that shows your entire cluster in one view. It lets you switch namespaces and clusters, tail logs, exec into pods, and perform most kubectl actions without the repetitive flags.

Argo CD

Git becomes the single source of truth. Every change syncs to the cluster automatically, and if anyone modifies a deployment manually, Argo CD overrides it to keep the live state aligned with Git, preventing drift.

KEDA

Scales pods based on external metrics such as queue depth, SQS message count, or Prometheus metrics—not just CPU. This clears backlogs when a Kafka consumer (or similar) is overwhelmed.

Karpenter

Automatically provisions new nodes in seconds when pods are stuck in Pending due to insufficient capacity, and removes them when the load drops, ensuring you only pay for what you use.

Network Policies

By default every pod can talk to every other pod. Network Policies restrict traffic so, for example, only the payment service can reach the database, reducing the blast radius of a compromised pod.

Service Mesh (Istio / Linkerd)

Injects a sidecar proxy next to every pod, providing mTLS, retries, circuit breaking, and traffic metrics without changing application code. This gives visibility into cascading failures across microservices.

Secrets Store CSI Driver

Mounts secrets directly from external stores like Vault or AWS Secrets Manager into pods as files. The secret never resides in Kubernetes etcd, keeping it out of kubectl‑accessible storage.

Kyverno

Enforces policies at admission time: blocks root containers, requires image digests, and ensures deployments have resource limits, preventing insecure or poorly configured workloads from entering the cluster.

Prometheus & Grafana

Prometheus scrapes metrics from every pod, node, and component. Grafana visualizes these metrics in dashboards, letting you pinpoint spikes, their start times, and the services responsible.

Jaeger

Provides distributed tracing: follows a single request across all services, showing latency per hop and the exact failure point. It turns fragmented logs and aggregate metrics into a complete, actionable story.