Olares

English

简体中文

English

简体中文

Appearance

Manage resource configurations

This guide explains how to view and manage resource configurations in Olares using Control Hub. You can access resources in two ways:

  • Namespaces view: Focused on resources within a specific namespace (e.g., Secrets, ConfigMaps, Service Accounts, Services).
  • Resources view: Aggregated by type across the cluster (e.g., Storage, Network, Jobs, CRDs).

Namespace view

Under each namespace, you can find resources such as Secrets, ConfigMaps, Service Accounts, and Services.

View Secrets

The Secrets section stores sensitive data like passwords, credentials, and key configurations. In Kubernetes, this data is Base64 encoded by default.

To view Secrets:

  1. In the left navigation, click Browse.
  2. In the Browse panel, expand the target namespace.
  3. In the second column, click to expand Secrets, then select an item to view details.

Secrets

Details include:

  • Info: Cluster, namespace, creation time, and secret type.
  • Data: Key/value pairs (values shown in Base64 by default. Click the visibility button to decode).

Click the edit_square button in the top-right corner to edit the YAML configuration of the secret.

View ConfigMaps

ConfigMaps stores environment variables, startup parameters, and configuration files for the namespace. Its structure is similar to Secrets. However, the content is saved in plaintext.

To view ConfigMaps:

  1. In the left navigation, click Browse.
  2. In the Browse panel, expand the target namespace.
  3. In the second column, click to expand ConfigMaps, then select an item to view details.

ConfigMaps

Details include:

  • Info: Namespace, creation time.
  • Data: Config keys and values (stored in plain text).

Click the edit_square button in the top-right corner to edit the YAML configuration of ConfigMaps.

View Service Accounts

Service Accounts is a Kubernetes mechanism to authenticate container applications, enabling their access to cluster resources managed by Kubernetes.

Each Service Account is linked to a Secret. This Secret includes the Service Account's CA certificate, Namespace, and Token.

To view Service Accounts:

  1. In the left navigation, click Browse.
  2. In the Browse panel, expand the target namespace.
  3. In the second column, click to expand Service Accounts, then select an item to view details.

Service accounts

Details include:

  • Info: Basic information such as namespace and creation time.
  • Data: Key/value pairs of the secret linked to this service account.
  • KubeConfig settings: The KubeConfig configuration automatically generated by this Service Account. Developers can download this configuration and incorporate it into an application within the container. Alternatively, an application in the container can read the Service Account configuration injected by Kubernetes at /var/run/secrets/kubernetes.io/serviceaccount/.

Click the edit_square button in the top-right corner to edit the YAML configuration of the service account.

View Services

Services expose network applications running on a single or a group of Pods as network services. They distribute traffic based on defined Selectors.

A Selector uses Labels to filter Pods. Essentially, a Service acts as a virtual IP (VIP) that directs traffic to a single Pod or a group of Pods.

To view Services:

  1. In the left navigation, click Browse.
  2. In the Browse panel, expand the target namespace.
  3. In the second column, click to expand Services, then select an item to view details.

Services

Details include:

  • Properties: Namespace, creation time, selector, virtual IP, etc.
  • Workloads: Workloads selected by the service.
  • Ports: All exposed ports.
  • Pods: Selected Pods and their status.
  • Labels/Annotations: Metadata for the service.
  • Events: Related system events.

Click the edit_square buttons in the top-right corner to:

  • Edit YAML: Change the Service configuration by editing its YAML file.
  • Edit external access: Set the method for accessing the service from outside the cluster.

Resources view

Beyond namespace-specific entries, you can also view resource configurations by type in the Resources section. This section aggregates cluster resources by category, providing cross-namespace comparison and cluster-level troubleshooting. Supported types include:

Resource typeDescriptionCommon use cases
StorageLists all Persistent Volume Claims (PVCs)
for managing application storage.		Debug mounts, check quotas, or troubleshoot storage
NetworkDisplays namespace network policies that
define ingress/egress rules.		Troubleshoot entrance connectivity or validate security
JobsManage one-time or scheduled (Cron) tasks,
track execution history.		Monitor scheduled tasks or review job runs
CRDsLists all Kubernetes Custom Resource Definitions
powering Olares features.		Inspect system extensibility or debug CRDs

Manage Storage Volumes

Navigate to Resources > Storage in the left sidebar to view the list of persistent volume claims (PVCs) in your Olares cluster. You can filter PVCs by namespaces, status, or search by name.

Storage

PVC details include:

  • Name: The unique identifier of the PVC.
  • Status: The PVC status, including Bound, Lost, and Pending.
  • Access mode: Common modes are ReadWriteOnce (RWO), ReadOnlyMany (ROX), and ReadWriteMany (RWX)
  • Mount status: Whether the volume is mounted to a pod.
  • Creation time: The time when the PVC was created.

Click the more_vert icon on the right side of a PVC entry to perform these actions:

  • Edit Info: Modify the PVC's metadata, such as its name or labels.
  • Edit YAML: Edit the PVC's configuration in the YAML editor.

Caution

Editing or deleting PVCs may affect dependent applications or cause data loss. Proceed carefully.

View Network Policies

Navigate to Resources > Network in the left sidebar to access the network policy details page for a specific namespace.

Network

  • Ingress rules: Only allow traffic to enter from Pods within the same namespace that match the specified conditions in the label-matching rules.

    • Within a single rule: All label conditions use AND logic and must be met.
    • Between rules: Multiple rules use OR logic, and traffic is allowed if it satisfies any one of the rules.

  • Egress rules: The logic is similar to ingress rules; used to control which traffic is allowed to leave the namespace.

Click the visibility button in the top-right corner to view the YAML definition of the policy.

View Jobs

Navigate to Resources > Jobs in the left sidebar to view the execution history, scheduling, and status of both one-time and cron (scheduled) jobs within your cluster.

View CRDs

Navigate to Resources > Jobs in the left sidebar to access the Custom Resource Definitions (CRDs) page.

CRDs

For each CRD, you can see:

  • Details: Basic info such as name, group, scope, and creation time. There are two types of CRD scopes.
    • Namespace: Custom resources belong to a namespace.
    • Cluster: Custom resources are unique at the cluster level (e.g., Namespace itself).
  • Custom Resources: A list of all resources under the CRD, including names and creation times.

Click the more_vert button on the right side of the custom resource entry to perform these actions:

  • Edit YAML: Edit the custom resource's configuration in the YAML editor.
  • Delete: Delete the custom resource.