Open fpaparoni opened 2 weeks ago
Hi Federico,
- Fixed namespace: is there the possibility to have a default namespace configured so the user won't the namespace selection?
The namespace selection is always available, but if there is a default namespace configured in your kubeconfig file, then Kubebox uses that and won't display the namespace selection when started.
- Resource panel: is it possible to remove from the main view by default config?
No, it's not configurable at the moment.
- Installing it in a cluster gives me free access to the console. Is there a possibility to link some sort of authentication (OIDC or something similar?)
Provided you have a cluster with OIDC enabled, and you've configured it on the kubeconfig file, then Kubebox should use that to authenticate.
Thank you for your answers. For the Resource panel I'm trying to understand how to modify the source code to toggle on/off.
Related to the other questions there is something I don't understand. You are talking about a kubeconfig, but if I install kubebox in my remote k8s cluster, so using web version I'm not providing a kubeconfig and I have direct access to the cluster where I installed it, also using a computer/browser where I haven't a k8s configuration. Is there a sort of config I can add to the kubebox k8s yamls to define, for example, the namespace?
Thank you for your answers. For the Resource panel I'm trying to understand how to modify the source code to toggle on/off.
The resources box is created there: https://github.com/astefanutti/kubebox/blob/0448a18e9e6acabba004d44fd1d0625027ba48ed/lib/ui/dashboard.js#L73-L85
Related to the other questions there is something I don't understand. You are talking about a kubeconfig, but if I install kubebox in my remote k8s cluster, so using web version I'm not providing a kubeconfig and I have direct access to the cluster where I installed it, also using a computer/browser where I haven't a k8s configuration. Is there a sort of config I can add to the kubebox k8s yamls to define, for example, the namespace?
You're right, the kubeconfig file is used when running Kubebox locally. When running in-cluster that's the service account associated to the Pod that's used at the moment, so Kubebox "inherits" the permissions granted to that service account via RBAC.
With OpenShift, it's possible to use OAuth (see https://github.com/astefanutti/kubebox/blob/0448a18e9e6acabba004d44fd1d0625027ba48ed/openshift.yaml#L77C19-L77C39).
It might be possible to deactivate the ServiceAccount for authentication and use OpenID, but I'm not sure we've tested it and there might be some limitations, as custom CA for the IDP: https://github.com/astefanutti/kubebox/blob/master/README.adoc#authentication.
Thank you for the hints ;)
I would like to know if configuration options are available in the project. I'm trying to see in the github repo but don't find much documentation.
Mainly I have three things to modify related to the standard setup:
Regards,
Federico