Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configuration options #152

Open
fpaparoni opened this issue Jun 14, 2024 · 4 comments
Open

Configuration options #152

fpaparoni opened this issue Jun 14, 2024 · 4 comments

Comments

@fpaparoni
Copy link
Contributor

I would like to know if configuration options are available in the project. I'm trying to see in the github repo but don't find much documentation.

Mainly I have three things to modify related to the standard setup:

  1. Fixed namespace: is there the possibility to have a default namespace configured so the user won't the namespace selection?
  2. Resource panel: is it possible to remove from the main view by default config?
  3. Installing it in a cluster gives me free access to the console. Is there a possibility to link some sort of authentication (OIDC or something similar?)

Regards,

Federico

@astefanutti
Copy link
Owner

Hi Federico,

  1. Fixed namespace: is there the possibility to have a default namespace configured so the user won't the namespace selection?

The namespace selection is always available, but if there is a default namespace configured in your kubeconfig file, then Kubebox uses that and won't display the namespace selection when started.

  1. Resource panel: is it possible to remove from the main view by default config?

No, it's not configurable at the moment.

  1. Installing it in a cluster gives me free access to the console. Is there a possibility to link some sort of authentication (OIDC or something similar?)

Provided you have a cluster with OIDC enabled, and you've configured it on the kubeconfig file, then Kubebox should use that to authenticate.

@fpaparoni
Copy link
Contributor Author

fpaparoni commented Jun 15, 2024

Thank you for your answers. For the Resource panel I'm trying to understand how to modify the source code to toggle on/off.

Related to the other questions there is something I don't understand. You are talking about a kubeconfig, but if I install kubebox in my remote k8s cluster, so using web version I'm not providing a kubeconfig and I have direct access to the cluster where I installed it, also using a computer/browser where I haven't a k8s configuration. Is there a sort of config I can add to the kubebox k8s yamls to define, for example, the namespace?

@astefanutti
Copy link
Owner

astefanutti commented Jun 17, 2024

Thank you for your answers. For the Resource panel I'm trying to understand how to modify the source code to toggle on/off.

The resources box is created there:

const resources = blessed.box({
label : 'Resources',
parent : screen,
left : '50%',
top : 1,
right : 0,
height : '50%-1',
tags : true,
border : 'line',
style : {
label : { bold: true },
},
});

Related to the other questions there is something I don't understand. You are talking about a kubeconfig, but if I install kubebox in my remote k8s cluster, so using web version I'm not providing a kubeconfig and I have direct access to the cluster where I installed it, also using a computer/browser where I haven't a k8s configuration. Is there a sort of config I can add to the kubebox k8s yamls to define, for example, the namespace?

You're right, the kubeconfig file is used when running Kubebox locally. When running in-cluster that's the service account associated to the Pod that's used at the moment, so Kubebox "inherits" the permissions granted to that service account via RBAC.

With OpenShift, it's possible to use OAuth (see https://github.com/astefanutti/kubebox/blob/0448a18e9e6acabba004d44fd1d0625027ba48ed/openshift.yaml#L77C19-L77C39).

It might be possible to deactivate the ServiceAccount for authentication and use OpenID, but I'm not sure we've tested it and there might be some limitations, as custom CA for the IDP: https://github.com/astefanutti/kubebox/blob/master/README.adoc#authentication.

@fpaparoni
Copy link
Contributor Author

Thank you for the hints ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants