Keywhiz vs Kubernetes

Keywhiz vs Kubernetes: What are the differences?

What is Keywhiz? A system for distributing and managing secrets. Keywhiz is a secret management and distribution service that is now available for everyone. Keywhiz helps us with infrastructure secrets, including TLS certificates and keys, GPG keyrings, symmetric keys, database credentials, API tokens, and SSH keys for external services — and even some non-secrets like TLS trust stores. Automation with Keywhiz allows us to seamlessly distribute and generate the necessary secrets for our services, which provides a consistent and secure environment, and ultimately helps us ship faster.

What is Kubernetes? Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops. Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users' declared intentions.

Keywhiz can be classified as a tool in the "Secrets Management" category, while Kubernetes is grouped under "Container Tools".

Some of the features offered by Keywhiz are:

  • Keywhiz Server provides JSON APIs for accessing and managing secrets. It is written in Java and based on Dropwizard.
  • KeywhizFs is a FUSE-based file system, providing secrets as if they are files in a directory. Transparently, secrets are retrieved from a Keywhiz Server using mTLS with a client certificate.
  • Presenting secrets as files makes Keywhiz compatible with nearly all software. Outside of Keywhiz administration, consumers of secrets only have to know how to read a file.

On the other hand, Kubernetes provides the following key features:

  • Lightweight, simple and accessible
  • Built for a multi-cloud world, public, private or hybrid
  • Highly modular, designed so that all of its components are easily swappable

Keywhiz and Kubernetes are both open source tools. Kubernetes, with 55.1K GitHub stars and 19.1K forks, appears to have more adoption than Keywhiz, with 2.09K GitHub stars and 166 forks.

Decisions about Keywhiz and Kubernetes
Simon Reymann
Senior Fullstack Developer at QUANTUSflow Software GmbH | 29 upvotes · 5.2M views

Our whole DevOps stack consists of the following tools:

  • GitHub (incl. GitHub Pages/Markdown for Documentation, GettingStarted and HowTo's) for collaborative review and code management tool
  • Respectively Git as revision control system
  • SourceTree as Git GUI
  • Visual Studio Code as IDE
  • CircleCI for continuous integration (automatize development process)
  • Prettier / TSLint / ESLint as code linter
  • SonarQube as quality gate
  • Docker as container management (incl. Docker Compose for multi-container application management)
  • VirtualBox for operating system simulation tests
  • Kubernetes as cluster management for docker containers
  • Heroku for deploying in test environments
  • nginx as web server (preferably used as facade server in production environment)
  • SSLMate (using OpenSSL) for certificate management
  • Amazon EC2 (incl. Amazon S3) for deploying in stage (production-like) and production environments
  • PostgreSQL as preferred database system
  • Redis as preferred in-memory database/store (great for caching)

The main reason we have chosen Kubernetes over Docker Swarm is related to the following artifacts:

  • Key features: Easy and flexible installation, Clear dashboard, Great scaling operations, Monitoring is an integral part, Great load balancing concepts, Monitors the condition and ensures compensation in the event of failure.
  • Applications: An application can be deployed using a combination of pods, deployments, and services (or micro-services).
  • Functionality: Kubernetes has a complex installation and setup process, but it is not as limited as Docker Swarm.
  • Monitoring: It supports multiple versions of logging and monitoring when the services are deployed within the cluster (Elasticsearch/Kibana (ELK), Heapster/Grafana, Sysdig cloud integration).
  • Scalability: All-in-one framework for distributed systems.
  • Other Benefits: Kubernetes is backed by the Cloud Native Computing Foundation (CNCF), huge community among container orchestration tools, it is an open source and modular tool that works with any OS.

Pros of Keywhiz (upvotes in parentheses)

  • Fuse FS (3)

Pros of Kubernetes (upvotes in parentheses)

  • Leading Docker container management solution (162)
  • Simple and powerful (126)
  • Open source (104)
  • Backed by Google (75)
  • The right abstractions (56)
  • Scale services (24)
  • Replication controller (19)
  • Permission management (10)
  • Cheap (7)
  • Supports autoscaling (7)
  • Simple (7)
  • Reliable (4)
  • Self-healing (4)
  • No cloud platform lock-in (4)
  • Quick cloud setup (3)
  • Open, powerful, stable (3)
  • Scalable (3)
  • Promotes modern/good infrastructure practice (3)
  • Captain of Container Ship (2)
  • A self healing environment with rich metadata (2)
  • Cloud Agnostic (2)
  • Runs on Azure (2)
  • Backed by Red Hat (2)
  • Custom and extensibility (2)
  • Golang (1)
  • Expandable (1)
  • GKE (1)
  • Easy setup (1)
  • Sfg (1)
  • Everything of CaaS (1)


Cons of Keywhiz

  • None listed

Cons of Kubernetes (upvotes in parentheses)

  • Poor workflow for development (15)
  • Steep learning curve (15)
  • Orchestrates only infrastructure (8)
  • High resource requirements for on-prem clusters (4)
  • Too heavy for simple systems (2)
  • Additional vendor lock-in (Docker) (1)
  • More moving parts to secure (1)
  • Additional Technology Overhead (1)

What are some alternatives to Keywhiz and Kubernetes?

  • Vault: Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
  • AWS Secrets Manager: AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
  • Docker Secrets: A container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform.
  • Doppler: Stop struggling with scattered environment variables, hacking together home-brewed tools, and avoiding access controls. Keep your team and servers in sync with Doppler.
  • Torus CLI: Torus simplifies the modern development workflow enabling you to store, share, and organize secrets across services and environments. With Torus, you can standardize on one tool across all environments. Map Torus to your workflows using projects, environments, services, teams, and machines.