Cluster Agent
SkyU Console allows you to connect to an existing Kubernetes Cluster. This works by installing the SkyU Agent on the Kubernetes Cluster. The SkyU Agent is a lightweight agent that runs on the Kubernetes Cluster and communicates with the SkyU Console. The agent is responsible for syncing the Kubernetes Cluster state with the SkyU Console.
Agent Connection
Agent establishes a secure connection with the SkyU Console using a secure token. The token is generated by the SkyU Console and is unique to each Kubernetes Cluster. The token is used to authenticate the agent with the SkyU Console.
The Cluster can be completely private and Agent only requires an outbound 443 connection to the SkyU Console. The agent does not require any inbound connections to the Kubernetes Cluster.
All Agent to SkyU Console communication is encrypted using TLS. In addition, the data itself is encrypted using a secure key unique to each Kubernetes Cluster.
More information on how to connect a Kubernetes Cluster to SkyU can be found in the Clusters section.
Kubernetes Resource Heirachy
The following diagram depicts the high-level resources and their relationships in the SkyU Agent Deployment.
Kubernetes Shell
SkyU Console provides a Kubernetes Shell that allows you to interact with the Kubernetes Cluster directly from the SkyU Console. The Kubernetes Shell is a web-based terminal that allows you to run kubectl commands on the Kubernetes Cluster.
Shell can only be accessed if the User is given shell permissions at project level or environment level at SkyU RBAC level. When the user is given shell permissions, automatically SkyU Creates roles and rolebindings in the Kubernetes Cluster to provide access to the user.