IMPORTANT: This is not production-ready software. This project is in active development.
Flightdeck is a web-based interactive diagram UI for Kubernetes clusters. It allows users to observe and troubleshoot applications running in the cluster.
- Search cluster resources
- Resource dependencies graph
- Pod logs, description, yaml
- Container file browser
- Login with service account token
- Uses K8s RBAC
IMPORTANT: The default flightdeck deployment contains a minimal set of RBAC privileges needed to run. flightdeck acts as a proxy and only users with a valid bearer token can access the UI and see the Kubernetes resoures.
The basic installation creates the flightdeck
namespace with all resources needed to run the application.
kubectl apply -f https://raw.githubusercontent.com/autovia/flightdeck/main/deploy/flightdeck.latest.yaml
To access the flightdeck UI from your local workstation you must create a bearer token and a port-forward. Run the following commands:
kubectl -n flightdeck create token admin-user
kubectl -n flightdeck port-forward pod/<flightdeck-podname> 3000:3000
Note: The token expires after one hour. Use e.g. --duration=12h
to change the expiration time to 12 hours.
Now open your browser localhost:3000
and copy the bearer token and paste it into the Bearer token
field on the login screen.
Click the Sign in
button and that's it. You are now logged in as an admin.
Remove the admin-user ServiceAccount
and ClusterRoleBinding
.
kubectl -n flightdeck delete serviceaccount admin-user
kubectl -n flightdeck delete clusterrolebinding admin-user
Delete the flightdeck
namespace.
kubectl delete namespace flightdeck
Copyright Autovia GmbH