(DEPRECATED) Octant Dashboard turnkey Docker image and Helm deployment files

Deprecation notice

VMware/Tanzu has deprecated Octant. By extension, this repository is now deprecated has wel..

Intro

This repository provides ready-to-use Helm deployment files and a Docker image to deploy the Octant tool in your Kubernetes cluster in a read-only manner.

What is Octant

From the Octant GitHub repository:

A highly extensible platform for developers to better understand the complexity of Kubernetes clusters.

Octant is a tool for developers to understand how applications run on a Kubernetes cluster. It aims to be part of the developer’s toolkit for gaining insight and approaching complexity found in Kubernetes. Octant offers a combination of introspective tooling, cluster navigation, and object management along with a plugin system to further extend its capabilities.

The purpose of this repo

I like Octant, but sometimes giving a .kube/config file to your developers isn’t feasible or practical (for various reasons, which is another discussion altogether!).

So I figured I could deploy octant in as a read-only dashboard alternative to the official Kubernetes dashboard. This repository is me open-sourcing and sharing my deployment configuration.

Effectively, using this repo you can:

• Install Octant as read-only in your Kubernetes cluster(s)
• Protect that dashboard with SSO (OAuth2 Proxy dependancy)

Installing with Helm

First, add the Helm chart repository (provided through GitHub Pages with the help of Chart Releaser)

helm repo add octant-dashboard https://aleveille.github.io/octant-dashboard-turnkey/repo

Then install the chart:

helm upgrade octant-dashboard octant-dashboard/octant --namespace octant  --install --values myValues.yaml

Here’s a sample Helm value file compatible with External DNS, NGINX Ingress Controller and that assumes you are terminating SSL somewhere upstream. By default, this chart will have Octant listens on port 8000 (service & pod). There’s also a way to give Octant more cluster role rules in order to list custom resources that aren’t already part of this chart (in the values files below you can see an example to whitelist everything).

#imagePullSecrets:
#- name: someSecret

ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    external-dns.alpha.kubernetes.io/target: yourdns.zone.com.
  hosts:
    - host: octant.yourdns.zone.com
      paths:
      - path: /
        pathType: ImplementationSpecific
  tls: []

clusterRole:
  additionalRules:
  - apiGroups:
    - "*"
    resources: ["*"]
    verbs:
    - get
    - list
    - watch

Contributing or asking for features

While this repo is heavily inspired by my deployments of Octant and how I deploy it, I’m happy to improve it if you have different needs (eg: other SSO proxies or non-read-only deployments). Just open a GitHub issue and I’ll see if I can support your use-case.