-
Products
-
Kubernetes Platform
Creating identical Kubernetes clusters and managing them
-
Virtualization Platform
Managing virtual machines
-
Observability Platform
Infrastructure and application monitoring and logging
-
Stronghold
Securely managing lifecycle of secrets
-
Delivery Kit
Building and delivering containerized software
-
Commander
Cluster control center
-
Prom++
Open Source monitoring system
-
Kubernetes Platform
- Solutions
- Success stories
- Community
- Modules documentation
- Deckhouse modules
Category
Deckhouse modules
Library of modules available for use in Deckhouse.
Use the filter by categories on the left to search for modules by their functionality.
admission-policy-engine
Enforces the security policies in the cluster according to the Kubernetes Pod Security Standards using the Gatekeeper solution.
cert-manager
Manages TLS certificates in the cluster. Supports automatic certificate provisioning from various CAs, certificate renewal, and monitoring of certificate validity.
chrony
Provides time synchronization on all cluster nodes using chrony. Ensures consistent time across all nodes for proper cluster operation.
cilium-hubble
Provides visualization of the cluster network stack when Cilium CNI is enabled. Requires Linux kernel version 5.8 or higher with eBPF support.
cloud-provider-aws
Manages interaction with AWS cloud resources. Allows to use AWS resources for provisioning nodes.
cloud-provider-azure
Manages interaction with Azure cloud resources. Allows to use Azure resources for provisioning nodes.
cloud-provider-dvp
ExperimentalManages interaction with Deckhouse Virtualization Platform resources. Allows to use DVP resources for provisioning nodes.
cloud-provider-dynamix
ExperimentalManages interaction with Dynamix resources. Allows to use Dynamix resources for provisioning nodes.
cloud-provider-gcp
Manages interaction with Google cloud resources. Allows to use GCP resources for provisioning nodes.
cloud-provider-huaweicloud
ExperimentalManages interaction with Huawei Cloud resources. Allows to use Huawei Cloud resources for provisioning nodes.
cloud-provider-openstack
Manages interaction with OpenStack-based cloud resources. Allows to use OpenStack resources for provisioning nodes.
cloud-provider-vcd
ExperimentalManages interaction with VMware Cloud Director resources. Allows to use VMware Cloud Director resources for provisioning nodes.
cloud-provider-vsphere
Manages interaction with VMware vSphere-based cloud resources. Allows to use vSphere resources for provisioning nodes.
cloud-provider-yandex
Manages interaction with Yandex Cloud resources. Allows to use Yandex Cloud resources for provisioning nodes.
cloud-provider-zvirt
ExperimentalManages interaction with zVirt resources. Allows to use zVirt resources for provisioning nodes.
cni-cilium
Provides networking in a Kubernetes cluster using the Cilium CNI with eBPF-based networking and security.
cni-flannel
Provides a network between multiple nodes in a cluster using the flannel module.
cni-simple-bridge
Provides networking with limited functionality in Kubernetes clusters.
code
Code module
commander
Deckhouse Commander is a web application that allows you to create similar clusters based on the Deckhouse Kubernetes Platform, manage their configuration and lifecycle.
commander-agent
Agent for communication with Deckhouse Commander
console
Deckhouse Kubernetes Platform Web Interface aiming the simplicity of control and the transparency of the state of the system
control-plane-manager
Manages the cluster's control plane components including certificates, configurations, and versions.
csi-ceph
CSI Ceph
csi-hpe
CSI HPE module
csi-huawei
CSI Huawei module
csi-netapp
CSI NetApp module
csi-nfs
CSI NFS module
csi-s3
CSI S3 module
csi-scsi-generic
ExperimentalCSI scsi generic module
csi-yadro-tatlin-unified
CSI Yadro Tatlin Unified module
dashboard
DeprecatedInstalls Kubernetes Dashboard Web UI for managing applications in the cluster. Integrated with user authentication and authorization modules.
deckhouse
Configures main Deckhouse parameters: logging level, set of modules enabled by default, and release channel.
deckhouse-tools
Creates a web UI with links to download Deckhouse CLI tool for various operating systems.
descheduler
Analyzes the cluster state every 15 minutes and performs pod eviction according to conditions described in active strategies. Evicted pods are rescheduled considering the current cluster state.
development-platform
PreviewDeckhouse Development Platform module
documentation
Creates a documentation web UI for the Deckhouse version currently used in a cluster.
extended-monitoring
Extends cluster monitoring capabilities with additional metrics exporters, which allow you to identify potential problems before they affect the operation of services.
ingress-nginx
Installs and manages Ingress NGINX Controller using Custom Resources. Supports multiple controllers and high availability mode for traffic routing and load balancing.
istio
Implements Service Mesh for centralized management of network traffic in the cluster. Provides mutual TLS, authorization, traffic routing, load balancing, and observability.
keepalived
Configures keepalived clusters on nodes via custom resources. Does not work with the cilium module.
kube-dns
Installs CoreDNS components for managing DNS in the Kubernetes cluster. Deletes all previously installed kubeadm Deployments, ConfigMaps and RBAC for CoreDNS.
kube-proxy
Manages kube-proxy components for service networking and load balancing in the cluster. Replaces kubeadm's kube-proxy with a custom implementation.
local-path-provisioner
Provides local storage on Kubernetes nodes using HostPath volumes. Creates StorageClass resources for managing local storage provisioning.
log-shipper
Simplifies the configuration of log collection in Kubernetes. Allows organization of log collection from applications running in the cluster and from nodes themselves.
loki
PreviewDeploys operational log storage based on Grafana Loki in the cluster. Provides centralized log collection and access via Grafana for short-term log retention.
managed-memcached
PreviewAn operator to manage Memcached instances in Deckhouse Kubernetes Platform.
managed-postgres
PreviewAn operator to manage PG clusters in Kubernetes-native way.
metallb
Implements LoadBalancer mechanism for services in bare metal clusters. Supports Layer 2 mode with improved load balancing and BGP mode based on MetalLB solution.
monitoring-custom
Simplifies monitoring setup for custom applications by requiring only a specific label on Service or Pod. Enables collection of application metrics without manual Prometheus configuration.
monitoring-kubernetes
Provides transparent and timely monitoring of the status of all cluster nodes and key infrastructure components.
monitoring-kubernetes-control-plane
Monitors the Kubernetes control plane components. Safely scrapes metrics and provides basic monitoring rules for kube-apiserver, kube-controller-manager, kube-scheduler, and etcd.
monitoring-ping
Monitors network connectivity between all cluster nodes using ICMP ping. Exports metrics and provides monitoring dashboards.
multitenancy-manager
PreviewEnables creation of isolated projects in a cluster. Projects provide resource quotas, network isolation, and security features beyond standard namespaces.
namespace-configurator
Automatically assigns annotations and labels to namespaces based on configuration patterns. Monitors namespaces and applies labels and annotations from configuration to matching namespaces.
network-gateway
Creates a network gateway using Kubernetes nodes. It contains a DHCP server and a SNAT manager.
network-policy-engine
Manages network policies in the cluster. Do not use if the cilium module is enabled because it already has network policy management.
neuvector
ExperimentalDescription of the NeuVector module of the Deckhouse Kubernetes Platform, including the tasks it solves, architecture, as well as features of configuration and management.
node-local-dns
Deploys a caching DNS server on each cluster node and exports data to the monitoring system for analysis.
node-manager
Manages nodes in the Kubernetes cluster as a related group. Configures and updates cluster nodes, manages cluster scaling in the cloud, and manages local users on nodes.
observability
ExperimentalCluster observability module
observability-platform
observability-platform module
okmeter
Installs the Okmeter agent in the cluster.
openvpn
Provides access to cluster resources via OpenVPN with certificate-based authentication. Includes a web interface for managing certificates and generating configuration files.
operator-argo
operator-argo is a module of the Deckhouse Kubernetes Platform for deploying ArgoCD installations.
operator-prometheus
Installs the Prometheus Operator, which automates the deployment and management of Prometheus installations.
operator-trivy
Periodic vulnerability scanning of Deckhouse Kubernetes Platform cluster.
payload-registry
PreviewPayload Registry implements a custom container image registry within the Deckhouse Kubernetes platform.
pod-reloader
The module utilizes Reloader. It provides the ability for automatic rollout on ConfigMap or Secret changes. The module uses annotations for operating. The module is running on **system** nodes.
prometheus
Deploys monitoring stack with preset configuration for platform and applications. Includes ready-made alerts and dashboards.
prometheus-metrics-adapter
Enables HPA and VPA autoscalers to use monitoring metrics for scaling decisions. Implements Kubernetes resource metrics API, custom metrics API, and external metrics API.
prometheus-pushgateway
Installs Prometheus Pushgateway into the cluster, designed to receive metrics from an application and pushes them to Prometheus.
registry
PreviewManages the configuration of the registry of Deckhouse components and provides an internal container registry.
runtime-audit-engine
The runtime-audit-engine module implements a runtime threats detection engine.
sdn
PreviewThe module is used to manage networking subsystem on cluster nodes
sds-local-volume
SDS local volume
sds-node-configurator
sds node configurator module
sds-replicated-volume
PreviewSDS Replicated Volume module
secret-copier
Automatically copies Secrets to all namespaces in the cluster. Simplifies distribution of shared secrets.
secrets-store-integration
Secrets store integration module is designed to add secrets from a Vault-compatible store to containers
service-with-healthchecks
Provides an internal LoadBalancer with per-port healthchecks. Allows independent health checks for different ports, unlike the standard Kubernetes Service load balancer.
snapshot-controller
This module enables snapshot support for compatible CSI-drivers in the Kubernetes cluster.
state-snapshotter
PreviewState snapshotter module
static-routing-manager
The module is used to manage static routes and ip rule on cluster nodes.
storage-volume-data-manager
Data exporter module
stronghold
The Stronghold module provides secure storage and lifecycle management of confidential data. The storage of protected information is implemented in the key-value format and is compatible with the Hashicorp Vault API.
terraform-manager
Provides tools for working with Terraform state in the Kubernetes cluster. Consists of two parts that check Terraform state and apply non-destructive changes or export cluster metrics.
upmeter
Monitors platform availability and cluster component status in real time. Provides dashboards and metrics for SLA monitoring and component health tracking.
user-authn
Provides unified authentication system integrated with Kubernetes and web interfaces. Supports static users and external identity providers.
user-authz
Implements role-based access control. Creates cluster roles for managing user and group access to cluster resources.
vertical-pod-autoscaler
Automatically calculates and sets resource request parameters for pods based on actual consumption. Can recommend resource values or automatically adjust CPU and memory reservations.
virtualization
The Virtualization module allows you to run and manage virtual machines within the Deckhouse platform.