[HN Gopher] Ask HN: Are there any open source forks of nomad and...
___________________________________________________________________
Ask HN: Are there any open source forks of nomad and consul?
Considering hashicorp has moved away from open source, does anyone
know if there are any community forks of nomad and consul like
there is now OpenTofu for terraform?
Author : dev_by_day
Score : 47 points
Date : 2024-05-02 17:30 UTC (5 hours ago)
| vvoruganti wrote:
| There is https://www.serf.io/ which is a Hashicorp project as
| well, but the license doesn't seem as bad as nomad and from what
| I understand it's the basis for things like nomad and consul.
|
| Learned about it in this blog post: https://fly.io/blog/building-
| clusters-with-serf/
| jsiepkes wrote:
| > Serf is a decentralized solution for service discovery and
| orchestration that is lightweight, highly available, and fault
| tolerant.
|
| I'm confused. Isn't that what consul originally was?
| oarmstrong wrote:
| Consul is built upon the Serf library.
| https://www.serf.io/intro/vs-consul.html
| stryan wrote:
| IIRC Serf is mostly a library; I think the product around it
| is more for demonstration than actual expected use. Consul
| uses libserf for it's gossip protocol.
| chucky_z wrote:
| Serf is used within Consul for agent to agent checks (and
| some communication). There's an entire subsystem called the
| 'serf check' that shows up within every single Consul agent.
| It's one component of the entire 'Consul' system.
| nikisweeting wrote:
| It's not at all what you're asking for, but when I last
| transferred away from Vault I ended up landing on 1Password.
|
| There are still some rough edges but it's been a decent secret
| store for my small team doing mostly Docker Compose/bare metal
| stuff.
|
| I'm curious to hear if any other people have managed to use open
| OR closed-source source password managers as Vault/Consul
| replacements.
| vaishnavsm wrote:
| OpenBao[0] is a fork of Vault under the Linux Foundation
|
| [0] https://openbao.org/
| ComputerGuru wrote:
| We use and maintain this cross-platform/cross-lang secrets
| management option: https://github.com/neosmart/securestore-rs
|
| It keeps secrets out of your environment variables and lets you
| manage secrets the same way you do code (in lock-step with the
| code that uses it and as easy to update a secret just by
| pushing to git), but it's definitely for smaller teams or
| projects. It also has significantly fewer moving parts or
| dependencies.
| BillFranklin wrote:
| Doesn't look like it.
|
| * https://github.com/hashicorp/nomad/forks
|
| * https://github.com/search?q=nomad%20fork&type=repositories
|
| * https://www.google.com/search?q=hashicorp+nomad+forks
|
| There are products that do similar things of course.
| stackskipton wrote:
| Not that I've found and it would make sense there isn't really.
| Kubernetes with all it's warts is clear Nomad equivalent and
| insert _random Kubernetes service mesh_ here.
|
| I know neither of them are as nicely opinioned at those two
| services but there is starting to be plenty of more opinioned
| Kubernetes deployments.
| andix wrote:
| Could you maybe elaborate on what you consider an opinionated
| kubernetes deployment? Are there some open source projects you
| find promising?
| stackskipton wrote:
| Opinionated meaning it picks, install, patches your
| CNI/Ingress/Load Balancer/DNS Server/Metrics
| Server/Monitoring Setup.
|
| k3s is probably most well known as it ships with bunch of
| preinstall software: https://github.com/k3s-io/k3s so you can
| just start throwing yaml files at cluster and handling
| workloads. It's what I use for my homelab.
|
| Paid things I've heard of include OpenStack and SideroLabs.
| Haven't used personally by SRE coworkers say good things
| about them.
| ekimekim wrote:
| Most hosted options like GKE also fall into this category -
| networking, load balancers, and to a certain extent
| monitoring is all set up for you.
| stackskipton wrote:
| Yea, biggest thing I see missing in EKS/GKE/AKS is they
| don't come with Ingress Controller out of the box which
| is really frustrating. By default, they really should
| install Ingress-Nginx unless administrator asks for not
| to be installed.
|
| It's pretty minor problem overall though.
| andix wrote:
| This startled me too in the beginning. I was expecting
| something built in, pre-wired to one of the commercial
| cdn/reverse proxy offerings (like cloudfront or Azure
| CDN).
|
| But honestly I think the big cloud providers don't want
| their kubernetes offerings to be too easy to use, they
| try to nudge inexperienced people to use their
| proprietary serverless products. Kubernetes does make
| switching to another cloud provider far too easy ;)
| GauntletWizard wrote:
| AWS used to have an integrated Ingress Controller - It
| just sucked (At least partially because it was built by
| Google, not AWS). That AWS didn't take over hosting of it
| (it's not even available as an add-on!) when Kubernetes
| the Project removed the first-party support of it is...
| Well, it's a statement by AWS. They were dragged kicking
| and screaming into Kubernetes at all, because they see it
| as hurting their moat, and have stalled the Ingress
| project quite a bit.
| ahmedtd wrote:
| GKE does ship with both Ingress and Gateway controllers
| integrated, they set up GCP load balancers with optional
| automatic TLS certificates.
|
| I think you need to flip a flag on the cluster object to
| enable the Gateway controller.
| andix wrote:
| Thanks, now I get what you mean. I've always called that a
| kubernetes distribution.
|
| Plain kubernetes is as useless as a plain Linux kernel
| without a userland around it, and normally you don't want
| to build a kubernetes or Linux distribution from scratch.
| markhahn wrote:
| Really weird to see "opinionated" used as a good thing.
| stackskipton wrote:
| Most people, including Tech people, with software just want a
| list of sensible defaults out of the box. You are installing
| Calico, Ingress-Nginx, CoreDNS, MetalLB, cert-manager and
| ArgoCD out of the box? Cool, some deployment/service/ingress
| YAML later and my workloads are cooking.
|
| As SRE who deals with a ton of Kubernetes clusters, I find a
| ton of needlessly complex clusters because rookies setting up
| the clusters didn't understand the implications of their
| actions and grabbed whatever a blog post said was good idea.
| trilobyte wrote:
| OpenBao is a fork of Vault. I'm not sure how well-supported the
| project is, but there is a decent amount of enthusiasm.
| mise_en_place wrote:
| You can use etcd for service discovery...that's how k8s does it,
| no? As for nomad I never used it much, but did like that you
| could run things locally and have unified environments. I would
| recommend Nix but we all know what's going on there, sadly FOSS
| has been consumed by political infighting as well.
| voakbasda wrote:
| For those who were unaware of the Nix situation (like me):
|
| https://news.ycombinator.com/item?id=40199153
| klooney wrote:
| I think etcd is basically a k8s only project now- Consul has a
| ton of quality of life stuff added on.
|
| There's always Zookeeper.
| mdaniel wrote:
| I actually wouldn't get really worked up about it since new owner
| introduces opportunities for new rules, doubly so given that IBM
| was one of the participants in OpenTofu so it seems they are more
| open source fans than not
|
| I've also heard that the fuck-you license change was actually a
| negotiation tactic for the acquisition
| dev_by_day wrote:
| If you look at what IBM did to centos and redhat, its
| definitely worth getting worked up about.
| iamawacko wrote:
| It doesn't seem so.
|
| I really love Nomad's UX, so I hope we get one sometime soon-ish.
| dev_by_day wrote:
| I will start one if there is community interest, which it seems
| like there is.
___________________________________________________________________
(page generated 2024-05-02 23:01 UTC)