Configuration

Kontena Lens is configured via Kontena Lens Installer ConfigMap.

apiVersion: v1
kind: ConfigMap
metadata:
  name: kontena-lens-installer
  namespace: kube-system
  labels:
    k8s-app: kontena-lens-installer
data:
  lens.yml: |-
    # name: my-cluster
    # ingress:
    #   host: lens.mydomain.com
    #   tls:
    #     enabled: true
    #     email: me@mydomain.com
    #     secret_name: my-domain-tls
    # persistence:
    #   enabled: true
    #   storage_class: ""
    # metrics:
    #   replicas: 1
    #   persistence:
    #     enabled: true
    #     size: 5Gi
    #     storage_class: ""
    #   tolerations: []
    #   node_selector: {}
    #   retention:
    #     time: 30d
    #     size: 1GB
    #   node_exporter:
    #     enabled: true
    #   kube_state_metrics:
    #     enabled: true
    #   alert_managers: []
    # shell:
    #   image: docker.io/kontenapharos/lens-terminal:latest
    #   skip_refresh: false
    # charts:
    #   enabled: true
    #   repositories:
    #   - name: stable
    #     url: https://kubernetes-charts.storage.googleapis.com
    # authentication:
    #   connectors:[]
    # addons:
    #   aws-gp2:
    #     enabled: true
    #   aws-calico-policy:
    #     enabled: true
    #   cert-manager:
    #     enabled: true
    #   ingress-nginx:
    #     enabled: true
    #     kind: Deployment
    #     deployment:
    #       replicas: 2
    #     configmap:
    #       worker-shutdown-timeout: 300s
    #     default_backend:
    #       image:
    #     node_selector: {}
    #     tolerations: []
    #     extra_args: []

Configuration File Reference

name

Name for the Kontena Lens installation (usually cluster name).

ingress

Ingress configuration.

ingress:
  host: lens.mydomain.com
  tls:
    enabled: true
    email: me@mydomain.com
    secret_name: mydomain-tls
  • host - ingress host. Defaults to lens.<lb-ip>.nip.io.
  • tls.email - email used for LetsEncrypt certificate. If no email is given then secret_name must be set to a valid TLS secret.
  • tls.secret_name - name for TLS secret that ingress uses. LetsEncrypt is not used if set.

For production environments it's recommended to use dedicated domainname and valid email address for LetsEncrypt notifications.

persistence

Configuration for persistence (volumes). It's recommended to keep this enabled if cluster has working PersistentVolumeClaim configuration in place.

  • enabled - does installer use PersistentVolumeClaims for storage. Default: true.
  • storage_class - StorageClass to use for PersistentVolumeClaims. Set to empty string to use default StorageClass. Default: "".

charts

  • enabled - is Helm Chart UI enabled. Default: true.
  • repositories - list of Helm Chart repositories. Default:
      - name: stable
        url: https://kubernetes-charts.storage.googleapis.com
      - name: gitlab
        url: https://charts.gitlab.io
      - name: jfrog
        url: https://charts.jfrog.io
      - name: harbor
        url: https://helm.goharbor.io
      - name: mattermost
        url: https://helm.mattermost.com
    

metrics

Metrics related settings.

metrics:
  replicas: 1
  persistence:
    size: 5Gi
    storage_class: ""
  tolerations: []
  node_selector: []
  retention:
    time: 30d
    size: 1GB
  node_exporter:
    enabled: true
  kube_state_metrics:
    enabled: true
  alert_managers: []
  • replicas - number of Prometheus replicas. Default: 1.
  • persistence.size - PersistentVolumeClaim size. Default: 5Gi.
  • persistence.storage_class - StorageClass to use for PersistentVolumeClaims. Set to empty string to use default StorageClass. Default: "".
  • tolerations - array of tolerations for Prometheus deployment.
  • node_selector - node selector (map) for Prometheus deployment.
  • retention.time - determines when to remove old data. Default: 30d.
  • retention.size - configures the maximum number of bytes that storage blocks can use. The oldest data will be removed first. Default: 1GB.
  • node_exporter.enabled - true or false. Is Node Exporter DaemonSet enabled. Disable this only if you already have Node Exporter deployed. Default: true.
  • kube_state_metrics.enabled - true or false. Is Kube State Metrics enabled. Disable this only if you already have Kube State Metrics deployed. Default: true.

authentication

NOTE: Authentication connectors only work if Kubernetes installation supports OIDC configuration. For example Google GKE and Amazon EKS does not support this.

OIDC identity provider configuration. Without authentication connectors Kontena Lens will accept only tokens at login.

authentication:
  connectors: []
  • authentication.providers - array of identity provider configurations. See authentication docs for full reference.

addons

Addons are essential cluster components for Lens to work properly. You don’t need to enable these if your Kubernetes cluster has the same functionality already configured.

  • aws-gp2 - Storage class configuration for Amazon EKS.
  • aws-calico-policy - NetworkPolicy engine (Calico) for Amazon EKS
  • cert-manager - Cert-manager for issuing Let's Encrypt certificates
  • ingress-nginx - Ingress-NGINX controller
    • kind - ingress-controller kind, Deployment or DaemonSet. Default: Deployment.
    • deployment.replicas - replica count (applicable only if kind=Deployment). Default: 2.
    • configmap - configmap contents.
    • tolerations - deployment tolerations. Given as array of standard toleration objects.
    • node_selector - deployment node selector (map), deploys ingress only to matching nodes.
    • service.external_traffic_policy - external traffic policy for service (applicable only if kind: Deployment).

results matching ""

    No results matching ""