cleanstart/kube-vip

Verified Publisher

By CleanStart

Updated 5 minutes ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
Developer tools
0

50K+

cleanstart/kube-vip repository overview

Container Documentation for Kube-Vip

Kube-vip is a Kubernetes-native load balancer and Virtual IP manager designed to provide high availability for Kubernetes control plane and application services. It enables dynamic Virtual IP allocation, ARP/NDP management, load balancing, and leader election capabilities for both cloud and bare metal environments.

📌 Base Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments from cleanstart Registry.

Image Path: cleanstart/kube-vip Registry: cleanstart Registry

Key Features Core capabilities and strengths of this container

  • Dynamic Virtual IP management and allocation
  • Layer 2 and Layer 3 load balancing support
  • ARP/NDP management for network discovery
  • Leader election for high availability

Common Use Cases Typical scenarios where this container excels

  • Kubernetes control plane high availability
  • Load balancing for application services
  • Virtual IP management in bare metal environments
  • Cloud-native load balancing solutions

Pull Latest Image Download the container image from the registry

docker pull cleanstart/kube-vip:latest
docker pull cleanstart/kube-vip:latest-dev

Basic Run Run the container with basic configuration


docker run -it --name kube-vip-test \
  --cap-add=NET_ADMIN \
  --entrypoint /usr/bin/kube-vip \
  cleanstart/kube-vip:latest-dev \
  version

Production Deployment Deploy with production security settings

docker run -d --name kube-vip-prod \
  --cap-add=NET_ADMIN \
  --network=host \
  --security-opt=no-new-privileges \
  --user 1000:1000 \
  --entrypoint /usr/bin/kube-vip \
  cleanstart/kube-vip:latest

Environment Variables Configuration options available through environment variables

VariableDefaultDescription
vip_interfaceeth0Network interface for VIP
vip_addressnoneVirtual IP address
vip_port6443Port for VIP service
cp_enablefalseEnable control plane mode
lb_enablefalseEnable load balancer mode

Security Best Practices Recommended security configurations and practices

  • Limit network access to required interfaces only
  • Use specific image tags for production deployments
  • Implement proper RBAC policies in Kubernetes
  • Regular security updates and patch management
  • Monitor VIP allocation and network activities
  • Secure configuration file permissions

Kubernetes Security Context Recommended security context for Kubernetes deployments

securityContext:
  runAsNonRoot: true
  runAsUser: 1000
  runAsGroup: 1000
  capabilities:
    add: ["NET_ADMIN"]
    drop: ["ALL"]
  allowPrivilegeEscalation: false

Documentation Resources Essential links and resources for further information


Vulnerability Disclaimer

CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.

Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.

Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.

Tag summary

Content type

Image

Digest

sha256:9605729fe

Size

38.4 MB

Last updated

5 minutes ago

docker pull cleanstart/kube-vip:1.2.1-arm64