Addons

Hostman Kubernetes clusters support various add-ons that can be used to extend functionality. Add-ons help manage traffic, monitor services, work with storage, and ensure security.

Some add-ons, such as Nginx Ingress, Kubernetes Dashboard, and CSI S3, can be installed both during cluster creation and later. You can manage the installation and removal of add-ons in the Addons tab of the cluster management panel.

Add-ons that are not available in the control panel can be installed manually using Helm.

Capsule

Capsule is an add-on that implements the concept of multi-tenancy in Kubernetes, ensuring resource isolation and consumption control between different user groups.

How it Works

Capsule allows the creation of logical tenants based on namespaces with annotations and policies, giving users the ability to manage their resources without affecting others.

Key Features

• Resource isolation between users.
• Management of quotas and limits.
• Security policy configuration for different users.

cert-manager

cert-manager is a Kubernetes add-on that automates the issuance, renewal, and management of TLS certificates.

How it Works

cert-manager automatically requests and renews certificates, managing their lifecycle using CRD objects (CertificateRequest, Issuer, ClusterIssuer). It supports integration with various certificate providers, such as Let's Encrypt, HashiCorp Vault, and internal certificate authorities.

Key Features

• Automatic certificate issuance.
• Certificate renewal upon expiration.
• Support for multiple providers (ACME, Vault, self-signed).

CSI S3

CSI S3 is a plugin for the Container Storage Interface (CSI) that allows the use of S3-compatible storage with Kubernetes.

How It Works

CSI S3 enables the dynamic attachment of object storage compatible with S3 (such as Ceph, MinIO, AWS S3) as standard persistent volumes for use in Kubernetes. This is particularly useful for storing large amounts of data in containerized applications.

Key Features

• Connecting S3 storage as persistent volumes
• Support for dynamic volume creation and deletion
• Flexibility in using various S3-compatible storage systems

ExternalDNS

ExternalDNS is a tool for automatic DNS record management based on Kubernetes resources. It creates and updates records in DNS providers according to annotations specified in service and Ingress manifests.

How it Works

ExternalDNS monitors changes in Kubernetes objects and creates or updates DNS records according to the external IP addresses of services. This enables automatic domain name assignment to services in the cluster without manual DNS management.

Key Features

• Automatic creation and updating of DNS records.
• Simplified domain name management in Kubernetes.

Fluent Operator

Fluent Operator is a Kubernetes operator for managing Fluentd and Fluent Bit, automating log collection, routing, and processing within a cluster.

How it Works

Fluent Operator uses CRDs to manage Fluentd and Fluent Bit configurations, enabling container and system logs to be directed to various storage solutions such as Elasticsearch, Loki, Kafka, and others.

Key Features

• Centralized log collection and management.
• Flexible log routing to different storage systems.
• Configuration of log filtering, aggregation, and processing.

Istio

Istio is a Service Mesh that provides traffic management, security, and monitoring for services in Kubernetes.

How it Works

Istio injects sidecar proxies (Envoy) into each pod, enabling request routing, authentication, and monitoring within the service mesh.

Key Features

• Traffic routing.
• Flexible security policy management.
• Request monitoring and tracing.

Istio Ingress

Istio Ingress is an Istio component that manages external traffic into the service mesh.

How it Works

Istio Ingress acts as an entry point to the Service Mesh, handling external HTTP, HTTPS, and TCP requests and directing them to internal services via Istio.

Key Features

• External traffic management.
• Request routing.
• Support for TLS and mTLS.

Jaeger

Jaeger is a distributed tracing tool used for monitoring microservice interactions and analyzing their performance.

How it Works

Jaeger collects data on service-to-service requests, recording timestamps and dependencies. This allows for request chain tracking, latency analysis, and identifying bottlenecks in the system.

Key Features

• Distributed request tracing.
• Service response time analysis.
• Identifying bottlenecks in architecture.

Kiali

Kiali is a tool for managing and visualizing the Istio Service Mesh in Kubernetes.

How it Works

Kiali provides a graphical representation of service network interactions, displaying dependencies, metrics, and potential issues. It integrates with Prometheus to collect traffic, error, and performance data and simplifies Istio configuration management.

Key Features

• Service mesh visualization.
• Traffic and error monitoring.
• Istio configuration management.

Kube Prometheus Stack

Kube Prometheus Stack is a Kubernetes monitoring toolset that includes Prometheus for metrics collection, Alertmanager for alerting, and Grafana for data visualization.

How it Works

The system automatically collects metrics from Kubernetes components, pods, nodes, and services that support Prometheus metric export. Data is stored in Prometheus, visualized in Grafana, and Alertmanager sends notifications when predefined thresholds are exceeded.

Key Features

• Metric collection and storage.
• Data visualization in Grafana.
• Alert configuration.

Kubernetes Dashboard

Kubernetes Dashboard is a web interface for managing and monitoring a Kubernetes cluster.

The Nginx Ingress add-on is required for the Dashboard to function. When enabling Kubernetes Dashboard, Nginx Ingress will be automatically selected.

How It Works

The Dashboard provides users with a graphical interface to interact with the cluster. It allows users to view the status of pods, nodes, services, and other Kubernetes resources. The interface also supports creating, modifying, and deleting resources.

Key Features

• Cluster status overview (pods, nodes, services, configurations)
• Cluster resource management
• Instant access to pod logs and running application information
• Management of secrets and configurations

Accessing Kubernetes Dashboard

If you enable the Kubernetes Dashboard option for your cluster, you can access it from the management panel. You will need a token to log in, which can be copied from the Information tab on the cluster Dashboard.

Nginx Ingress

Nginx Ingress is an Ingress controller that manages external traffic access to services within a Kubernetes cluster via HTTP and HTTPS. It routes traffic based on rules defined in Ingress resources.

How It Works

The Ingress controller monitors Ingress objects in Kubernetes and configures the Nginx reverse proxy to route traffic to the appropriate services. This allows access to various microservices through a single IP address, as well as setting up load balancing and routing based on domain names.

Key Features

• HTTP/HTTPS request routing
• SSL/TLS support
• Load balancing
• Managing external access to services in the cluster

Traefik

Traefik is an Ingress controller and load balancer for Kubernetes, providing dynamic traffic routing and automatic SSL certificate management.

How it Works

Traefik automatically discovers services in the cluster and configures HTTP/HTTPS traffic routing.

Key Features

• Traffic routing.
• Integration with Let's Encrypt.

Velero

Velero is a tool for backup, restore, and data migration in Kubernetes.

How it Works

Velero allows backups and restores at the namespace, resource, and PersistentVolume levels.

Key Features

• Kubernetes resource backup and restoration.ъ
• Data and application migration between clusters.
• Support for local and cloud storage for backups.