Description

When I try to access the following URL through the README.md file: (https://github.com/kinvolk/headlamp/blob/master/docs/installation/desktop/mac-installation) to install a desktop app, it gives me 404 page not gound error. Has this been moved somewhere and the links in the README file not updated?

Even though having the dashboard on phone screens is not a priority, we want to make sure that the UI adapts well to smaller screens (at least for tablets).

Accetance Criteria:

• TBD

I don't know why because I was able to create the namespace. In screenshot below I am applying labels incorrectly, but even applying correctly, it has the same effect

Right now, even if plugins are self-contained in their own folder and not importing project's modules directly, they're still being built together with the project.

In order to make the plugins really powerful, we should have them built outside of the project (out-of-tree), and imported in a different way (likely sent from the backend according to how it is configured).
We should check out Mattermost's approach for inspiration: https://github.com/mattermost/mattermost-plugins

Acceptance Criteria:

• Plugins are built out-of-tree
• The dashboard can import them dynamically according to what the backend indicates (details TBD)

I tried to use the headlamp for my cluster. it was showing that I need to add the metrics to get the usage details of each node. But I didn't find any documentation regarding how to add the metics

We should add a view for the Pod Security Policies, under the security tab, using the link
/apis/policy/v1beta1/podsecuritypolicies .

As much as it is possible, the URLs used in the dashboard should reflect what users see in the view.
i.e. if a table is sorted by some column, then the URL should reflect that.

The reason is that e.g. this way users can share URLs within a team, and everybody is expected to see exactly what the user was seeing without having to change some aspects in the view.

Acceptance Criteria:

• All columns in a table displayed affect the URL when its sorting is changed
• When using a URL that has some sorting params, etc. the view should reflect that

More details TBD.

Since we support multiple clusters, a nice way to quickly identify them (besides the name) is to assign them a different color. We shall call this the cluster's accent color as it will be reflected in a few parts of the dashboard.

We understand this is not an accessible option for color-blind users, but that should be covered by #14 .

This feature also requires having a settings view (#16).

Acceptance Criteria:

• Allow the user to select a color for each configured cluster
• Use this color in the cluster's icon (if not custom) and other elements in the UI (TBD)

https://github.com/kinvolk/headlamp/blob/e68b7f9aa4bb1836001712933b0ba096634b58fe/kubernetes-headlamp.yaml#L21

using this file to deploy in my cluster but failed with flag provided but not defined: -plugin-dir。

according to the logs, it should be -plugins-dir。

We should allow sorting by any column of the SimpleTable (maybe that requires a sorting function per column), and have the arrow up/down small icon next to the column title for ascending/descending orders.

We need a way to configure the dashboard to allow users to authenticate through OIDC.

Details TBD.

When creating a new resource, if the kind is not set up yet (or is the wrong kind), the documentation tab should show an error message instead of keeping the spinner showing forever.

Acceptance Criteria:

• When the resource has a kind and documentation is found, the documentation is shown
• If there is an error fetching the documentation, it should be shown in red with a message like: Cannot load documentation: CAUSE HERE.

Hi,

I'm trying to run Headlamp in my local minikube cluster. This is my first time doing so. However, I can't get the resources in the dashboard, eventhough I'm using the default serviceaccount token. I verify that I can use this token to access API, e.g.

kubectl --token=$TOKEN get pods

gives me the list of pods running on my minikube.

In the browser, I can see that I have the following 403 error when opening the cluster page, e.g. http://localhost:3000/c/minikube

apiProxy.ts:48 GET http://localhost:4654/clusters/minikube/apis/metrics.k8s.io/v1beta1/nodes 403 (Forbidden)
request @ apiProxy.ts:48
getMetrics @ api.ts:178
index.js:1 No metrics {err: Error: Api request error: Forbidden - nodes.metrics.k8s.io is forbidden: User "system:anonymous" ca…, url: "/apis/metrics.k8s.io/v1beta1/nodes"}

So my question is, is there any additional step that I should do to test Headlamp, either in minikube or other running k8 cluster?

Thank you :)

The metrics server shouldn't be a requirement for running Headlamp, but currently the code just assumes we have metrics server installed.

We should make sure that if the metrics server is not installed then we simply don't show the charts/info we generate from the metrics, and instead we should display a message suggesting to install the metrics server. This message should be non-intrusive and small at the moment (later we can add a link to how to install it, etc.).

Some users prefer to use a dashboard from their machines instead of having it running in a cluster or hosted somewhere else.

To support this use-case, we should have a desktop application (Electron) for the most used platforms: Linux, Mac, Windows.

Acceptance Criteria:

• A Headlamp desktop app exists for Linux
• A Headlamp desktop app exists for Mac
• A Headlamp desktop app exists for Windows

When performing cluster actions such as edit/delete/create, apparently the exceptions aren't being handled.
I have fixed this locally but I'm filing this issue to track it as I cannot finish it now.

Like we have in lokomotive. You can add this for writing a clean go code. I think currently, only 2 linters are used and more should be enabled. For more information https://github.com/kinvolk/lokomotive/blob/master/.golangci.yml

What do you think @joaquimrocha @ashu8912?

We should add the charts for memory/CPU requested/actual/limit used by pods.

If a cluster cannot be reached (either the cluster is down, or the user's network is down), the user should be informed about that.
Design for this is TDB.

There should be a settings view to allow the user to configre several aspects of the dashboard / clusters.

Acceptance Criteria:

• There is a settings button and view available
• At first, the settings should allow to see the details of all the clusters configured and change their accent color (#15)

Design:

TBD

We should publish official Headlamp images on quay.io/kinvolk. We can set up a CI job to build and push images from master as well as from Git tags when we start doing official releases.

Having keyboard shortcuts for the most common actions in Headlamp allows users to become very productive with the dashboard. So we should add them.

Initially we may just have them to select the search (#13), and switch clusters.

Acceptance Criteria:

• Accessing the cluster chooser can be done through a shortcut (Ctrl+Shift+L);
• Selecting the search entry / enabling the filter can be done through a shortcut (Ctrl+Shift+F);

Flatpak provides sandboxed and easy to manage Linux applications. We want to have Headlamp as a flatpak and on Flathub too, so let's track the work here.

Acceptance Criteria:

• A flatpak can be easily built
• Headlamp is published on Flathub

We have severa workload types like DaemonSets, Deployments, Jobs, CronJobs, StatefulSets, ReplicaSets, but only the latter has a dedicated list view.

We should create the dedicated list views for each of them, showing extra data in the list (to be defined).

The dashboard should be able to support several clusters. The actual support for this should be a build flag so it's just simple to configure when hosted.

In #66 the Dockerfile assumes that any plugins to be included in the image will be added to a folder plugins in the project's root directory. It would be nicer to instead be able to pass the plugins dir as an arg to the docker's file. This sounds trivial but since we need to copy the dir only when it exists, things get a bit trickier.

Currently we support plugins but there is yet no stable API for registering views/routes, etc. i.e. they can be done but they're subject to change.
We should evaluate whether the current functions/prototypes are good enough to announce that their "stable", meaning we will support them through minor versions.

Acceptance Criteria:

• TBD

Description

I get an SSL error when trying to use on-prem Dex with a cert signed by our local cert authority. Is there a way to make this work?

Impact

Prevents me from using OIDC

Environment and steps to reproduce

1. Set-up: Follow the in-cluster directions.
2. Task: Try to sign in.
3. Error: From the headlamp logs:

2020/11/19 23:58:21 Error while fetching the provider from https://dex.tst-k8s.epic.com/callback error Get https://dex.tst-k8s.epic.com/callback/.well-known/openid-configuration: x509: certificate signed by unknown authority
2020/11/19 23:58:21 http: panic serving 10.96.77.112:41566: runtime error: invalid memory address or nil pointer dereference

This results in a pop up window that says 502 bad gateway.

Expected behavior
Be directed to dex to login

Additional information
I'm already passing -insecure-ssl and it did not help.

Hello,

I got an error and there was blank screen when i try to access the url that host name and path defined in the Ingress yaml.
But the url of Service ip and nodeport is working fine and there is only problem when using Ingress.

This is the message on Chrome developer mode. (The url is : "http://test.mycompany.com/monitor/ " but i got this)

GET http://test.mycompany.com/static/css/2.e4d123f2.chunk.css net::ERR_ABORTED 404 (Not Found)

my Ingress yaml is as follows: (I don't think it has its own problem because it works for other services)

kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:
  name: headlamp
  namespace: kube-system
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
  rules:
  - host: test.mycompany.com
    http:
      paths:
      - path: /monitor(/|$)(.*)
        backend:
          serviceName: headlamp
          servicePort: 80

Could you give me some help to use ingress to access headlamp?

Thanks.

hi This is a great project，and I want to contribute code.
but as title I meet trouble
I don‘t konw what is it the url headlamp.mydeployment.io .
Can you help me make a develop environment ？

Description

MacOS app does not get beyond "Wait while fetching clusters..." state. Cannot connect to http://localhost:4466/config.

Impact

App seems completely dysfunctional.

Environment and steps to reproduce

1. Set-up: macOS Big Sur v11.0.1 (20B29), Headlamp Version 0.1.0 (0.1.0)
2. Task: Launched the App
3. Action(s):
4. Error: See below

Expected behavior

Expected to see some clusters, kubectl context or similar.

Additional information

Screenshots

We have Edit and Delete buttons with the respective functionality, but they haven't been added and connected to all the views. So we should add those where needed.

Acceptance Criteria:

• All of the objects' details views have an edit/delete buttons (according to the user's permissions)

Description

Two issues

• The manifests for deployment to the cluster is wrong - it should be -plugins-dir instead of -plugin-dir
• After login to the UI after creating the ingress not able to see any data from the cluster (logged in via SA token the default one)
  Impact

[ 1 sentence detailing the impact this bug is creating for you ]

Environment and steps to reproduce

1. Set-up: a managed k3s cluster on Civo (civo.com)

2. Task: first edit the deployment and change the plugin-dir to plugins-dir

3. Action(s): after opening the UI , providing the default SA token for authentication I am not able to view anything inside the cluster

4. Error:
   

Expected behavior
Should be able to see the cluster resources

Current situation
If the metrics server is not installed, then Headlamp shows that notice but there is no mention of it in the docs.

Impact
Users who are not very familiar with the metrics-server/k8s may end up thinking there is a bug.

Ideal future situation
Users will know what to do if they want to see metrics exposed in Headlamp.

Implementation options

1. We need to add documentation and link to guides for installing the metrics-server, e.g. https://kubernetes.io/docs/tasks/debug-application-cluster/resource-metrics-pipeline/#metrics-server and https://kubernetes.io/docs/tutorials/hello-minikube/ (metrics setting).
2. Add a link to that documentation from the tooltip in the UI (the one showing up when there are no metrics)

When deploying Headlamp on a cluster, we may want to consider supporting auth using a service account.

Pros:

• It Just Works (TM) - the user doesn't have to figure out what a "token" is and how to get one.

Cons:

• Compromising the Headlamp pod grants access to the cluster at the same permission level as the service account.
• No per-user authentication, so harder to do things like auditing.

In the Workloads view's charts, if a chart is empty (because there are no workloads running of that kind), it should still show a legend under it.

E.g.:

In the example above, under the CronJobs' chart it should say: 0 Running.

Acceptance Criteria:

• When a type of workload has no running resources, its chart's legend should still be shown

The overall design of the dashboard will be reviewed by a designer, so we make sure the UX and UI great for our users. We also need a nice logo.

Acceptance Criteria:

• The UI/UX of the main parts has been reviewed, changes have been implemented (more details TBD)
• The project has a logo and it's being used in the UI
• The project has a logo and it's being used in the README

We should have a notifications area, with the most important events from the cluster.
It's still to be defined whether this area should show events for all clusters or just the current one (or to let it be defined by the settings).

Another possibility that can be part of this feature is to have an actual browser/app notification when an event happens.

Acceptance Criteria:

• There is a notifications area showing the important events
• We have a way to dispatch notifications
• Optional: There are notifications for some events' levels

More details TBD.

We should add a search view that searches for objects across clusters.
This search should have filters to specify e.g. kinds of objects, namespaces, clusters, etc.

Proposals:

• The search should be accessible from any view within a cluster.
• It should allow to filter what the search refers to (object kinds, namespaces, etc.), and what cluster to search in (or all, when omitted).
• It should show the results with links to their respective detailed views.

Steps to Reproduce the above issue in Roles View:

1. Go to Roles view
2. Use the table paginator and press the next arrow button on it
3. Now Click on any role name from the list
4. In the Role Detail View Press the Back Button and Boom you will be redirected to chooser page

Steps to Reproduce the above issue in RoleBindings View

1. Go to RoleBindings View
2. Click on any Name from the list
3. On the RoleBindings Detail View Now Press Back and Boom You will be redirected to chooser page

In views which use tables (every list view), if the data is updated, then the list refreshes to show those changes. This represents a UX a problem if the user is beyond the first page of the table, as it will refresh and show the 1st page again.
Refreshing and keep showing the previous page the user was seeing is also not a good solution as there may be new entries before or in the current page, which would "displace" the results the user may be interested in checking out.

A better solution thus is to just not update the table when the data changes if the table is in a page > 1, but instead show a "Refresh" button on top of the table, so the user can be aware that there are new changes, and click the button.

Acceptance Criteria:

• When the table's data changes, if the user has changed the page at all (i.e. even if changed to page 2 and then page 1), the current table page and data are not changed
• When the table's data changes, a refresh button is shown on top of the table
• When the user clicks the refresh button, the actual table's data is changed and thus the user is taken to page 1, with the new data showing (and the refresh button is no longer shown)
• The refresh button will be centralized horizontally and have this icon, the label Refresh, and the tooltip Click to display the new data in the table.

Provide:

• ./Makefile
• ./Dockerfile
• ./deploy/*.yaml: Kubernetes yaml files to deploy with kubectl apply -f deploy/

Many users prefer dark backgrounds in a screen, so we should offer this option.

Acceptance Criteria:

• A dark theme is available
• The theme selectable from the settings view (#16)

When we support multiple clusters, it'd be useful to have an overview with any interesting data from the clusters, like any failure events, and/or the load. So users can quickly be aware of any changes that require their attention.

Requirements TBD.

When starting a Lokomotive cluster without gangway, I get a kubeconfig with a client certificate but without token. We should implement a way in the dashboard to authenticate with a kubeconfig, without a dashboard.

Helm is used by a large portion of the k8s community for managing workloads. We probably want to have an official chart for Headlamp.

One nice way to quickly identify clusters is to assign different icons to them. So we should allow that as an option.

Acceptance Criteria:

• Offer a way for the user to configure a different icon for a cluster *

* TBD: Whether this will be a choice from a set of predefined icons, or a user uploaded icon, or both.

We should highlight the JSON and YAML data in the several views that show it. E.g. https://www.prettifier.net/json/

Acceptance Criteria:

• The JSON data is highlighted
• The YAML data is highlighted

We need an apply button that allows users to apply changes to the cluster using a YAML file.

Acceptance Criteria:

• There is a button for showing up the apply dialog
• The apply dialog effectively applies the new configuration given by the user
• There is a grace period between pressing apply and the actual action being performed, within which the user can cancel the action
• The apply button is only shown if the user has the right permissions