Help Center> Cloud Container Engine> User Guide> Old Console> Add-ons> web-terminal
View PDF

web-terminal

The web-terminal add-on is a lightweight terminal server that allows you to use kubectl on the web UI. It provides a remote command-line interface (CLI) via web browser and HTTP, and can be easily integrated into an independent system. You can directly access the add-on as a service to obtain information and log in to a server through cmdb.

web-terminal can run on all operating systems supported by Node.js and does not depend on local modules. It is fast and easy to install and supports multiple sessions.

Open source community: https://github.com/rabchev/web-terminal

Notes and Constraints

  • This add-on can be installed only in clusters of v1.9 or later. Kunpeng clusters are not supported.
  • This add-on is currently in the beta phase. Cloudshell will replace this add-on in the future.
  • When installing web-terminal to use kubectl, you must log in using your cloud account or as an IAM user with the CCE Administrator permission. For details about how to control the kubectl permission, see Controlling web-terminal Permissions.
  • This add-on can be deployed only on x86 nodes. On Kunpeng nodes, you can directly connect to your cluster through kubectl.
  • The web-terminal add-on can be used only after coredns is installed in a cluster.

Precautions

The web-terminal add-on can be used to manage CCE clusters. Keep the login password secure to prevent unexpected operation.

Installing the Add-on

  1. Log in to the CCE console. In the navigation pane, choose Add-ons. On the Add-on Marketplace tab page, click Install Add-on under web-terminal.
  2. On the Install Add-on page, select the cluster and the add-on version, and click Next: Configuration.
  3. On the Configuration page, set the following parameters:

    • Username: The default value is root and cannot be changed.
    • Password: password for logging in to web-terminal. Keep secure the password. The web-terminal add-on can be used to manage CCE clusters. Keep the login password secure to prevent unexpected operation.
    • Confirm Password: Enter the password again.
    • Access Type
      • NodePort: The web-terminal add-on is accessed in the NodePort mode by default and can be used only if any node in the cluster has an EIP. If this access type is selected, an EIP must be bound to the cluster where web-terminal will be installed.
      • LoadBalancer (ELB): If this access type is selected, an ELB must be selected. If no load balancer is available, create a shared load balancer and click the refresh icon. Ensure that the load balancer you select or create is in the same VPC as the cluster and routes requests over the Internet.
    • Port Settings: mandatory if the access type is LoadBalancer (ELB).
      • Protocol: The value is fixed to TCP.
      • Container Port: port on which the workload in the container image listens. The default value is used and cannot be replaced by another value.
      • Access Port: port mapped to the container port at the load balancer's IP address. The workload can be accessed at <Load balancer's IP address>:<Access port>. The port number range is 1–65535.

  4. Click Install.

    After the add-on is installed, click Go Back to Previous Page. On the Add-on Instance tab page, select the corresponding cluster to view the running instance. This indicates that the add-on has been installed on each node in the cluster.

Connecting to a Cluster Using the web-terminal Add-on

Method 1

  1. Log in to the CCE console. In the navigation pane, choose Resource Management > Clusters.
  2. Click Command Line Tool > web-terminal to go to the add-on instance details page.

    Figure 1 Using web-terminal to connect to a cluster

  3. Click the hyperlink in the Access Address field to access the add-on.

    Figure 2 Access address of the web-terminal add-on

Method 2

  1. Log in to the CCE console. In the navigation pane, choose Add-ons.
  2. In the Add-on Instance tab page, select the cluster where the add-on is located and click web-terminal.
  3. Click the hyperlink in the Access Address field to access the add-on.

Controlling web-terminal Permissions

After web-terminal is installed, kubectl uses the ClusterRole cluster-admin by default and can operate Kubernetes resources in the cluster. If you need to manually change to another ClusterRole, you can run kubectl edit clusterrolebinding web-terminal to modify the web-terminal ServiceAccount.

For details about ClusterRole and ClusterRoleBinding, see Namespace Permissions (Kubernetes RBAC-based).

  • Manually configured web-terminal permissions could be reset after the web-terminal add-on is upgraded. You are advised to back up the configurations before the upgrade.
  • Before using kubectl to modify ClusterRoleBindings, ensure that kubectl has been configured with the required permissions.

Upgrading the Add-on

  1. Log in to the CCE console. In the navigation pane, choose Add-ons. On the Add-on Instance tab page, click Upgrade under web-terminal.

    • If the Upgrade button is not available, the current add-on is already up-to-date and no upgrade is required.
    • During the upgrade, the web-terminal add-on of the original version on cluster nodes will be discarded, and the add-on of the target version will be installed.

  2. On the Basic Information page, select the add-on version and click Next.
  3. Set the parameters by referring to the parameter description in Installing the Add-on and click Upgrade.

Uninstalling the Add-on

  1. Log in to the CCE console. In the navigation pane, choose Add-ons. On the Add-on Instance tab page, click Uninstall under web-terminal.
  2. In the dialog box displayed, click Yes to uninstall the add-on.
Parent topic: Add-ons