sarman/tftsr-devops_investigation
1
1
Fork 0
Code Issues 4 Pull Requests Actions 34 Packages Projects 3 Releases 6 Wiki Activity
c871318009
tftsr-devops_investigation/docs/wiki/Kubernetes-Management.md
Shaun Arman 3f4869af01
Some checks failed
PR Review Automation / review (pull_request) Has been cancelled
Details
Test / frontend-typecheck (pull_request) Has been cancelled
Details
Test / rust-clippy (pull_request) Has been cancelled
Details
Test / frontend-tests (pull_request) Has been cancelled
Details
Test / rust-fmt-check (pull_request) Has been cancelled
Details
Test / rust-tests (pull_request) Has been cancelled
Details
feat(kubernetes): implement Lens Desktop v5 feature-parity UI 
Complete overhaul of the Kubernetes management page from a basic config
panel into a full Lens-style IDE shell with 26 resource types, real-time
data, and a comprehensive test suite.

Layout & navigation:
- Rewrite KubernetesPage as a Lens v5-style shell: collapsible sidebar
  (Workloads / Services & Networking / Config & Storage / Access Control /
  Cluster), top hotbar with cluster+namespace selectors, Ctrl+K command
  palette
- All 26 resource types now accessible via sidebar navigation (previously 5)

New resource types (Rust + TypeScript + React):
- StorageClasses, NetworkPolicies, ResourceQuotas, LimitRanges
- 4 new Tauri commands registered in generate_handler![]

Component implementations (replacing stubs with real IPC):
- Terminal: full xterm.js with multi-tab sessions and exec_pod IPC
- YamlEditor: Monaco editor with YAML syntax highlighting
- MetricsChart: recharts LineChart/BarChart
- ClusterOverview: live node/pod/deployment/namespace counts
- ClusterDetails: real kubeconfig + node data
- PodDetail, DeploymentDetail, ServiceDetail, ConfigMapDetail, SecretDetail:
  all connected to real IPC data, zero hardcoded values
- CreateResourceModal, EditResourceModal: wired to createResourceCmd /
  editResourceCmd
- RbacViewer: live data from 4 RBAC IPC commands
- RbacEditor: create roles/cluster-roles via YAML editor
- CommandPalette: 12 real navigation commands, keyboard nav

Dependencies added: xterm@5, xterm-addon-fit, xterm-addon-web-links,
@monaco-editor/react@4, recharts@2

Tooling:
- Replace eslint-plugin-react (incompatible with ESLint 10) with
  @eslint-react/eslint-plugin; fix eslint.config.js for flat config
- Fix pre-existing hoisting lint errors in Security.tsx, PortForwardForm.tsx
- Fix eventBus.ts: replace all `any` generics with `unknown`

Tests: 251 passing across 35 test files (was 94/19)
- 16 new test files covering all new and fixed components (TDD)
- npx tsc --noEmit: 0 errors
- cargo clippy -- -D warnings: 0 warnings
- cargo fmt --check: passes
- eslint src/ --max-warnings 0: 0 issues
2026-06-07 16:41:28 -05:00

12 KiB
Raw Blame History

Kubernetes Management

This document describes the Kubernetes Management UI — a Lens Desktop v5-equivalent Kubernetes management experience built into the Troubleshooting and RCA Assistant.

Overview

The Kubernetes Management UI provides full feature parity with Lens Desktop v5.x (the last open-source release), delivering a complete cluster management IDE directly inside the application. The implementation is MIT-licensed and uses the bundled kubectl binary for all cluster operations.

Current version: v1.1.0

Page Layout

The Kubernetes page uses a Lens-style shell layout:

┌──────────────────────────────────────────────────────────────┐
│  Hotbar: Cluster selector | Namespace selector | Refresh | + │
├──────────────┬───────────────────────────────────────────────┤
│   SIDEBAR    │              MAIN CONTENT                     │
│              │                                               │
│ ▶ WORKLOADS  │  ClusterOverview (default)                    │
│   Pods       │  — or —                                       │
│   Deployments│  Selected resource list                       │
│   DaemonSets │  — or —                                       │
│   StatefulSets│  Detail panel                                │
│   ReplicaSets │                                              │
│   Jobs       │                                               │
│   CronJobs   │                                               │
│              │                                               │
│ ▶ NETWORKING │                                               │
│   Services   │                                               │
│   Ingresses  │                                               │
│   NetworkPols│                                               │
│              │                                               │
│ ▶ CONFIG     │                                               │
│   ConfigMaps │                                               │
│   Secrets    │                                               │
│   HPAs       │                                               │
│   PVCs       │                                               │
│   PVs        │                                               │
│   StorageClass│                                              │
│   ResourceQ  │                                               │
│   LimitRanges│                                               │
│              │                                               │
│ ▶ ACCESS CTL │                                               │
│   ServiceAccts│                                              │
│   Roles      │                                               │
│   ClusterRoles│                                              │
│   RoleBindings│                                              │
│   CRBindings │                                               │
│              │                                               │
│ ▶ CLUSTER    │                                               │
│   Overview   │                                               │
│   Nodes      │                                               │
│   Events     │                                               │
│   Port Fwd   │                                               │
└──────────────┴───────────────────────────────────────────────┘

Keyboard shortcut: Ctrl+K opens the Command Palette for quick navigation.

Resource Types (26 total)

Workloads (7)

Resource Component Actions
Pods PodList + PodDetail Logs, exec, scale, delete
Deployments DeploymentList + DeploymentDetail Scale, restart, rollback, delete
Daemon Sets DaemonSetList Delete
Stateful Sets StatefulSetList Delete
Replica Sets ReplicaSetList Delete
Jobs JobList Delete
Cron Jobs CronJobList Delete

Services & Networking (3)

Resource Component Actions
Services ServiceList + ServiceDetail Port forward, delete
Ingresses IngressList Delete
Network Policies NetworkPolicyList Delete

Config & Storage (8)

Resource Component Actions
Config Maps ConfigMapList + ConfigMapDetail Edit, delete
Secrets SecretList + SecretDetail View masked, delete
Horizontal Pod Autoscalers HPAList Delete
Persistent Volume Claims PVCList Delete
Persistent Volumes PVList Delete
Storage Classes StorageClassList Delete
Resource Quotas ResourceQuotaList Delete
Limit Ranges LimitRangeList Delete

Access Control (5)

Resource Component Actions
Service Accounts ServiceAccountList Delete
Roles RoleList + RbacViewer/RbacEditor Create, delete
Cluster Roles ClusterRoleList + RbacViewer/RbacEditor Create, delete
Role Bindings RoleBindingList Delete
Cluster Role Bindings ClusterRoleBindingList Delete

Cluster (4)

Resource Component Notes
Overview ClusterOverview Live node/pod/deployment counts
Nodes NodeList Cordon, uncordon, drain
Events EventList Filterable by namespace
Port Forwarding PortForwardList + PortForwardForm Start/stop/delete tunnels

Advanced Features

Terminal (Terminal.tsx)

  • Full xterm.js implementation with multi-tab session management
  • Shell selection: sh, bash, zsh
  • Connects to pods via exec_pod IPC command
  • xterm-addon-fit for automatic resize
  • xterm-addon-web-links for clickable URLs in output
  • Sessions identified by pod/container/namespace

YAML Editor (YamlEditor.tsx)

  • Monaco editor (@monaco-editor/react) with YAML syntax highlighting
  • Language: yaml, Theme: vs-dark
  • Controlled value with Apply/Cancel buttons
  • Used in: CreateResourceModal, EditResourceModal, detail panels, RbacEditor

Metrics Charts (MetricsChart.tsx)

  • recharts LineChart and BarChart with ResponsiveContainer
  • Time range selector: 5m, 15m, 1h, 6h, 1d
  • Used in: ApplicationView, ClusterOverview

Command Palette (CommandPalette.tsx)

  • Triggered with Ctrl+K from anywhere in the Kubernetes page
  • 12 navigation commands covering all major resource types
  • Keyboard navigation: ↑/↓ arrows, Enter to execute, Escape to close
  • Filter commands by typing

RBAC Management (RbacViewer.tsx / RbacEditor.tsx)

  • Viewer: live data from listRolesCmd, listClusterrolesCmd, listRolebindingsCmd, listClusterrolebindingsCmd
  • Editor: YAML editor with template generation for Roles, ClusterRoles, RoleBindings, ClusterRoleBindings
  • Create via createResourceCmd, delete via deleteResourceCmd

Cluster Overview (ClusterOverview.tsx)

  • Real-time counts: nodes (ready/total), pods (running/total), deployments, namespaces
  • Node table with status, roles, version, age
  • All data loaded from listNodesCmd, listPodsCmd, listDeploymentsCmd, listNamespacesCmd

Backend Architecture

All Kubernetes operations use the bundled kubectl binary (v1.30.0) via tokio::process::Command. No direct Kubernetes API client library is used — this approach avoids TLS certificate management complexity and works with any cluster configuration.

State

pub struct AppState {
    pub clusters: Arc<TokioMutex<HashMap<String, ClusterClient>>>,
    pub port_forwards: Arc<TokioMutex<HashMap<String, PortForwardSession>>>,
    pub watchers: Arc<Mutex<HashMap<String, WatcherHandle>>>,
    // ...
}

Clusters are stored in-memory only (not persisted). Kubeconfigs are stored encrypted in the database and written to temporary files at command execution time.

Security

  • Input validation: validate_resource_name() enforces Kubernetes DNS subdomain rules and prevents command injection
  • Temp file cleanup: TempFileCleanup guard auto-deletes kubeconfig temp files on scope exit
  • No credential logging: kubeconfig content never appears in audit logs
  • Three-tier command safety: shell commands additionally classified by classifier.rs (Tier 1 auto, Tier 2 approval, Tier 3 deny)

Commands (48 total)

Cluster Management (5)

  • add_cluster, remove_cluster, list_clusters, test_cluster_connection, discover_pods

Port Forwarding (5)

  • start_port_forward, stop_port_forward, list_port_forwards, delete_port_forward, shutdown_port_forwards

Resource Discovery (26)

  • list_namespaces, list_pods, list_services, list_deployments, list_statefulsets, list_daemonsets
  • list_replicasets, list_jobs, list_cronjobs
  • list_configmaps, list_secrets, list_nodes, list_events
  • list_ingresses, list_persistentvolumeclaims, list_persistentvolumes
  • list_serviceaccounts, list_roles, list_clusterroles, list_rolebindings, list_clusterrolebindings
  • list_horizontalpodautoscalers
  • list_storageclasses, list_networkpolicies, list_resourcequotas, list_limitranges (v1.1.0)

Resource Management (8)

  • get_pod_logs, scale_deployment, restart_deployment, delete_resource, exec_pod
  • cordon_node, uncordon_node, drain_node

YAML Operations (2)

  • create_resource, edit_resource

Rollback (1)

  • rollback_deployment

Event Subscription (3)

  • subscribe_to_k8s_events, subscribe_to_all_k8s_events, unsubscribe_from_k8s_events

Frontend State Management

Store: src/stores/kubernetesStore.ts (Zustand, not persisted)

State Purpose
selectedClusterId Active cluster (drives namespace/resource loading)
selectedNamespace Active namespace filter
clusters, contexts Cluster metadata
namespaces Cached namespace list per cluster
loadedResources Set of resource types currently loaded
terminalSessions Active xterm.js terminal sessions
globalSearchQuery Cross-resource search state
bulkSelection Multi-resource selection per type

Key Files

Path Purpose
src/pages/Kubernetes/KubernetesPage.tsx Lens-like page shell (sidebar + hotbar + content)
src/components/Kubernetes/ResourceBrowser.tsx Legacy resource browser (5 types)
src/components/Kubernetes/ClusterOverview.tsx Live cluster summary
src/components/Kubernetes/Terminal.tsx xterm.js pod exec terminal
src/components/Kubernetes/YamlEditor.tsx Monaco YAML editor
src/components/Kubernetes/MetricsChart.tsx recharts metrics visualization
src/components/Kubernetes/RbacViewer.tsx Live RBAC resource viewer
src/components/Kubernetes/RbacEditor.tsx RBAC create/edit via YAML
src/components/Kubernetes/CommandPalette.tsx Ctrl+K command palette
src/lib/eventBus.ts Frontend event bus for K8s watchers
src-tauri/src/commands/kube.rs All 48 Kubernetes Tauri commands
src-tauri/src/kube/ Client, port forward, watcher, refresh modules

Dependencies

Frontend (npm)

Package Version Purpose
xterm 5.x Terminal emulator
xterm-addon-fit 0.8.x Auto-resize
xterm-addon-web-links 0.9.x Clickable URLs
@monaco-editor/react 4.x YAML editor
recharts 2.x Metrics charts

Backend (Cargo)

No external Kubernetes client libraries. Uses tokio::process::Command + bundled kubectl binary.

Known Limitations

  1. Metrics: CPU/memory charts show placeholder data — requires metrics-server integration (future work)
  2. Real-time updates: Watcher backend exists but frontend integration is polling-based; true watch streams pending
  3. Helm: Not yet integrated (planned for v1.2.0)
  4. StorageClasses: Cluster-scoped, no namespace filter
  5. Node metrics: Cordon/drain requires cluster admin privileges