KubeVela
Application delivery platform implementing the Open Application Model on Kubernetes.
About
KubeVela is a CNCF project that implements the Open Application Model (OAM), providing a higher-level abstraction layer over raw Kubernetes resources. It lets platform teams define reusable ComponentDefinition and TraitDefinition building blocks, and lets app teams deploy via Application CRDs without dealing with raw Deployments, Services, or Ingresses. It is used in this cluster to provide a standardized application delivery API across multiple workloads, including the VelaUX web dashboard for visual application management.
AlternativeTo
Self Hosted
| Tool | Open Source | Full Features | Notes |
|---|---|---|---|
| Argo CD ApplicationSet | Yes | Yes | GitOps-only; no OAM abstraction layer |
| Kratix | Yes | Yes | Platform-as-a-product approach via Promises |
| Kustomize + Flux | Yes | Yes | No higher-level app abstraction; used alongside KubeVela here |
Installation
Architecture
HelmRelease kubevela in namespace kubevela-system, chart vela-core version 1.10.8 from https://charts.kubevela.net/core. Admission webhook enabled with cert-manager integration. VelaUX dashboard enabled (1 replica, ClusterIP service, ingress disabled). Leader election enabled. Built-in component definitions (webservice, k8s-objects, etc.) enabled. Webhook caBundle drift is ignored via driftDetection.ignore for multiple webhook paths.
Security
Pod securityContext: runAsNonRoot: true, runAsUser/Group/fsGroup: 1000, seccompProfile: RuntimeDefault. Container securityContext: allowPrivilegeEscalation: false, capabilities: drop: ALL. Admission webhook uses cert-manager for TLS. RBAC is cluster-wide (OAM controller needs to manage resources in any namespace).
Updates
Managed by Renovate. Chart version is semver-pinned (1.10.8).
Administration
Usage
Platform operators define ComponentDefinition and TraitDefinition resources to encapsulate Kubernetes patterns. Application owners create Application resources referencing those definitions to deploy workloads. The VelaUX dashboard provides a web UI for visualizing and managing applications. Traits such as ingress, scaling, and resource policies can be applied declaratively to components.
Metadata
- HelmRelease:
vela-core@1.10.8