Cloud Manager Reference Manual

Docs EInnovator Posted 13 May 20

Cloud Manager FAQ - Frequently Asked questions

What is the relation between Kubernetes and Cloud Manager?

Kubernetes is a software container deployment and instrumentation platform. It defines and manages compute, storage, memory and configuration resources that are deployed to a cluster of node. Cloud Manager is a web-front end to Kubernetes that simplifies and makes more effective all aspects of devops work. It provides a UI/UX that complements and, in many cases, makes Kubernetes more convenient and straightfoward to use than using the plain command-line tool kubectl and hard to maintain manifest YAML configuration file.

How are the Kubernetes resources managed from within Cloud Manager?

Cloud Manager provides convenient UI/UX to inspect, create and manager all Kubernetes core resource and some key extensions. This includes: Namespaces, Deployments, StatefulSet, Pods, Jobs, ConfigMaps, Secrets, etc. Some of the resources in Kubernetes are mirrored into Cloud Manager own database, for easy of access and extended functionally. It also allow resources to be edited before deployed to a cluster.

How are the Kubernetes resources mapped to Cloud Manager resources?

All core resources in Kubernetes are mapped one-to-one with resources in Cloud Manager. A namespace in Kubernetes is mapped to a Space and is assigned to a Cluster. A Deployment in Cloud Manager has a kind attribute, and depending on the kind is mapped to a Deployment, StatefulSet or Pod in the underlying Kubernetes cluster.

Does Cloud Manager support multi-clusters operations?

Yes! In Cloud Manager you can defined and configure access to several clusters. Cloud Manager provides a seemly integrated experience to handle clusters hosted in multiple clouds and data-centers. You can perform inter-cluster operations as well, such as copy-paste of deployments and other resources across clusters.

How to trouble-shoot deployments ?

Cloud Manager provides easy access to the logs of Kubernetes pods. You can easily switching between logs of different pods of same deployment, follow log tails, search and filtering log content, with a nice display high-lighting. You can also inspect all details about a resource spec, the same way as you do with kubectl but with the commodity of a web UI.

How to install marketplace solution with Cloud Manager ?

Cloud Manager allows administrators to defined and share reusable services and deployments — designated as solutions. Solutions can be defined standalone or as part of a catalog or solution repository. Administrators specify all the configuration details for a solution, so developers can use a one-click approach to setting up backing services and support services. Integration with package manager Helm and YAML templating tool YTT is available out-of-the-box.

Can I manage services from Cloud Manager?

Cloud Manager as built-in UI to manage several kinds of services. You can find management consoles for a pod file-system — File Manager, a shell terminal for pods — Console, and a database management console with support for querying and data backup/snapshots — currently with support for MySQL/MariaDB. The set of supported services and databases is also planned to be expanded.

Does Cloud Manager supports CI/CD pipelines ?

Yes! Cloud Manager integrates with Tekton, a de-facto standard for Kubernetes, to implement CI/CD pipelines. Cloud Manager gives you a simplified experience for creating new Docker images and deploying them. You can define a (VCS) GIT repository and a Docker image Registry for each of your deployments. You can build a new docker image for latest version or snapshoot of you application in a single-click. Source code is pulled from the GIT repository, built in the the cloud, and the resulting docker image is pushed to the selected image registry. All the details of authorization and kubernetes resource creation are taken care automatically by Cloud Manager.

Can I use Cloud Manager in combination with kubectl ?

Yes! Cloud Manager allow users to download authorization certificates and configuration files to access a Kubernetes cluster using kubectl. The permissions for the issued certificate are set to match the access-control policy and role assignment defined in Cloud Manager. Cloud Manager allow you to be more productive by automating and simplifying commonly performed tasks, but gives users the options to fallback to use command-line tools as well.

How does Cloud Manager and Kubernetes Dashboard compare?

Both Cloud Manager and Kubernetes Dashboard provide a web UIs for Kubernetes. However, Cloud Manager has a larger feature set and scope, and more powerful capabilities. Dashboard only allows you to inspect the state of your resources and perform basic devops such as scaling. Cloud Manager gives you a full gamut of possibilities, from defining new and launching new deployments, define configuration resources, define and manage persistence resource, support multi-cluster access and operations, allows users to download certificates for kubectl access, perform supports CI/CD pipelines and integration with multiple images registries and GIT (version/source-control) systems, provide marketplace solutions and catalogs, and much more.

How is authentication and access control done in Cloud Manager ?

Cloud Manager integrates with a SSO Gateway to secure and authenticate access to your cluster. Additionally, it provides a simplified role-based access-control modal, that maps into Kubernetes RBAC abstraction. User can easily invite others to access a Space and assigned them selected roles.

Can I install Cloud Manager on-premises ?

Yes! We provide an installation package that contains scripts to easily install Cloud Manager in on-premises clusters (e.g. your dev laptop, or your organization data-center, or a public cloud not affiliated with EInnovator). Installation tooling & packaging can be opted between YTT and HELM. All different modes of exposing service in Kubernetes are supported (i.e. ingress, nodeport, load-balancer, port-forwarding). Instructions to download the installation package and the list of installation step are available here: Deploy Cloud Manager On-Premises. In most cases, it does not take more than a few minutes to set it up in your cluster.

Is there any difference between Cloud Manager free Community edition and licensed editions ?

Mostly not. The features available in the Community edition are exactly the same as in other editions. The only difference is that the community/unlicensed edition is capped on the amount of resources you can deploy to your cluster(s) — e.g. at most 10Gb of memory usage and 10Pods/Deployments. Purchasing a commercial license allows to raise the limit on resource usage and get VIP priority on handling reported issues. You can start with a very affordable license and upgrade as your system and business grows (e.g. starting with a 100$/month Professional license is probably enough for serious development, and for a small-medium size startup). Complex micro-service architectures and large scale deployments may require more resources. Enterprise licenses further includes 16/6 technical/operations support, and VIP priority handling of requests for new features. Check Licenses for details.

Can I stop using Cloud Manager at any time ?

Yes! Cloud Manager does not change in any way the fundamentals and runtime of Kubernetes. You can stop using or uninstall Cloud Manager any time, without any disruption to your Kubernetes clusters and the application and services running on it.

It also does not require any runtime or agent specific of Cloud Manager to be installed. It uses Kubernetes API for all ops. As such, there is no need to uninstall any Cloud Manager specific component in each and every cluster, whenever you decide to stop using Cloud Manager.

Is Cloud Manager open-source software ?

Cloud Manager, and the services it depends on made by EInnovator, follow a Freemium pricing model. It is free to use up to a limited amount of resources allocation. All client-side libraries for accessing services, and command-line tools, are available as open-source software in GitHub. Selected parts of services run-time are also available (or planned to be made available) as open-source software on GitHub public repositories. The source-code implementing the UI/UX functionality of Cloud Manager and support microservices is currently not available as open-source software in the traditional sense. Nonetheless, re-evaluation and refinement of the business and development model, may lead to fully open-source increasing parts and number of services.

The support microservices are designed from the ground up to be highly customizable and resuable – e.g. in theme, views, provide a generic programming model, and a rich set of configuration options. As such, these service can be used to build your own custom platform and applications as part of your own micro-service architecture — even if you don’t have access to the complete source code of some of the services. In specific cases (e.g. to address legal and/or compliance requirements), we do case-by-case agreements to make parts of the software semi-open for review by internal staff, affiliated organizations, and compliance bodies. We also provide a semi-open-source license when organizations want to reuse/extend Cloud Manager or the microservices architecture for specific business use cases, in a partnership development and professional services provider model.

Does Cloud Manager increase the attack vectors to my Kubernetes cluster ?

People and organizations sometimes worry if adding Kubernetes Dashboard, CloudManager, or other browser based tools to the devops toolkit increases the attack vectors into Kubernetes Clusters.

In the limit case, for security sake, you can always put Cloud Manager running in a VM/cluster that is not reachable from the Internet. Even if you are managing clusters on the cloud, the VM/cluster where you have Cloud Manager deployed can be inside your organization internal network — fully protected with firewall and/or without public IP.

Cloud Manager can run in single-user mode — with only one admin user/password at the UX level, which minimizes access credentials. To enable team collaboration, deploying Cloud Manager in multi-user mode is preferable. In multi-user mode, Cloud Manager runs with a secure state-of-the-art SSO Gateway as a companion side-quick service. The SSO Gateway is fully configurable in access policies, account and token management. Its is implemented with Spring Security, a battle harder framework for security.

How does your Cloud Manager position itself in the market?

Given the considerable number of tools available in the Kubernetes ecosystem, people like to know how Cloud Manager position itself in the market and compares or integrates with other tools.

Cloud Manager main goal is to provide a comprehensive coverage of all/most workflows needed to deploy, configure, troubleshoot, and build applications and microservice architecture. It is our starting assumption, that the Kubernetes devops model and UX can be highly simplified for most practical purposes and most used in every day work activities. While there are other tools that aims to simplify different aspects of Kubernetes devops, Cloud Manager takes this coverage further when it comes to supporting development. While some aspects are deliberate excluded and relegated to other tools (e.g. real-time monitoring, or on-premises cluster setup), aspects relevant to developers works are considered primary. From building images, to simplified deployments, to DNS routes and ingress setup, to backup and import database data, to configuring microservice bindings.

How does your Cloud Manager compares with Rancher ?

Rancher is another web-tool to help you manage Kubernetes clusters, like Cloud Manager and Kubernetes Dashboard. People often ask how Rancher and Cloud Manager compare, are they competitors or complementary tools?!

There is some overlap in functionality between Rancher and Cloud Manager, but not completely. Rancher is more focused on cluster setup and tool integration. Rancher fallback to use kubectl command-line tools to many/most operations, such as: deploying applications, services, setup ingresses, etc. On the other hand, Cloud Manager is intended to replace both the Kubernetes Dashboard and kubectl for many/most operations and simplify those operation to maximum extent possible. This includes: deploying application with minimial configuration for deployments (i.e. no need for YAML manifest file, unless you have a very specific/advanced use-case), make it super easy to setup ingresses and DNS routes for applications, manage domain certificates (including issuing free certificates), manage custom marketplace catalogs and install solutions, take backup snapshots of DB data, and setup CICD pipelines (e.g. to build Docker images on demand, or automatically when a (tagged) push/commit is done in some GIT repo).

Rancher approach to runtime is also different from Cloud Manager. Rancher requires installation of an agent in each managed cluster. Cloud Manager operates directly with Kubernetes standard API expoused in the master node, so no need to install an agent. It could be argued that, for simplicity and security sake, not installing an agent in each cluster can be a preferred option unless it is stricly required.

The other API Cloud Manager uses is when integrating with public clouds. In this case, it also uses the API of the public cloud provider to import the clusters with a single click. Once the clusters is imported, only uses Kubernetes API is used.

Overall, Rancher and Cloud Manager follow a different architectural approach and have partially overlapping but a different set of functions. Depending on your workflows and tasks, they could be used as complementary or alternative tools. If you are a developer or architect doing also some devops works Cloud Manager ideal as it simplifies most workflows need on a daily basis. If you are a devops engineer, that setups clusters but mostly does monitoring work on the cluster after that, then Racher (or Leans IDE) is probably a good option as well.

How does your Cloud Manager compares with Lens IDE ?

Leans IDE is another popular tool for Kubernetes. It provides a nice UI for managing multiple Kubernetes clusters. It is implemented as a standalone application, rather than as a web-browser based tool. It allows to browse resource deployed in clusters, and provides key status and statistics and monitoring insights of clusters. Like Racher it fallback to kubectl command-line tool when performing most operations.

Cloud Manager like Kubernetes Dashboard is a web-browser based tool. This as the advantage of remote access, and allowing team collaboration in same cluster and namespaces. It can be setup in multi-user mode with an fully-fledged side-kick SSO Gateway with support for account and token management and user invitations. It provides also a simplified access control model on top of Kubernetes RBAC, partially inspired in Cloud Foundry access model. The setup of an additional side-kick notification service, further enable email and SMS notifications for increased awarness and team collaboration. A social service add-on also enables comments and discussion per (name)space.

Overall, Leans IDE and Cloud Manager follow a different architectural approach. Leans IDE is packaged as a “traditional” standalone app, with optional module extensions. While Cloud Manager runs as a web-app packaged as a Docker Image. Runs as a single-service in single-user mode, or as a set of microservice in multi-user mode. In multi-user mode, typically runs inside a Kubernetes cluster.

How do I setup access to clusters, and upload a config file with cluster credentials ?

In Cloud Manager, clusters are configured either explicitly with server+access credentials, or by importing the details from cloud providers. For explicit config, the minimal information required is: cluster name, (master) server URL, CA certificate, and either token or user certificate+private key. This information is available in the kubectl cluster-context YAML configuration file, by default located in ~/.kube/config. Uploading of the config file was a requested feature, which is planned to be released soon. We will update this FAQ when available.

For clusters provisioned in public cloud providers, you can usually download the config file from the console or corresponding command-line tool. You can also import cluster details with a single click, by providing a personal access token/credentials to the provider. Cloud Manager supports cluster imports from 10+ cloud providers, including all the major provider. We also add support for new cloud providers as soon as we are aware of them, and they publish documentation of a public API. In many cases, we build our own client driver to the provider to avoid having to wait for a full SDK to be available from the provider or community.

Comments and Discussion