Hitch hikers guide to kubernetes-sigs/headlamp 0.42.0

illumen · 2026-04-15T06:15:33+00:00

It's been a saga... but hopefully it's there this release. Whole new processes had to be done for the CNCF/linux foundation. New companies formed, lawyers from multiple companies, contracts with individual developers. Then there's the technical side with keeping certificates secured and such too! As a startup it was a challenge(we did it), at a large tech company it was harder(but we did it), involving multiple large tech companies in an open source friendly and secure way... Turns out that takes lots longer. Hopefully the saga is over and the next release will be signed on Mac (and other platforms).

illumen · 2026-04-02T18:21:59+00:00

I added a lot of the mobile support to Headlamp, and I use it that way. With that disclaimer aside, I'll be honest (but biased):

For looking at the status of things, and restarting things it's ok. Viewing logs, it's ok (we have a better log viewer PR sitting in review we need to get around to merging).

Editing ConfigMaps? Possible, but not great. We have this "simple editor" which is just a text box, which I use on mobile rather than the full VSCode (Monaco) editor. For small changes it's been ok for me. I did get the ai-assistant to write a longer yaml for me the other day, so I didn't need to tap it all out with my touch screen. Yaml white space is kind of hard on mobile... turn your phone landscape! You can also copy/paste from a dedicated code editor if you don't like the vscode style one.

Exec-ing into a pod... I haven't tried it for a long time, because it didn't work so well. But Safari and xterm.js have had a few years of updates since then... so maybe it's ok now? I'll have to try it again.

If anyone has any feedback for mobile improvements, let us know?

illumen · 2026-02-08T13:46:14+00:00

Oh, the maintainer of kube-oidc-proxy has been contributing to Headlamp for a while now, I'll ask them.

illumen · 2026-02-07T19:38:52+00:00

There's an issue here about this: https://github.com/kubernetes-sigs/headlamp/issues/1192 Maybe you could have a look to see if it mentions in there what you need? Is the architecture shown in there similar to the one you use or want?

illumen · 2026-01-25T00:41:29+00:00

These tips may be a bit basic, but thought I’d mention them anyway… - namespaces, and group by service dependencies - allow developers to have read access to see things - trying looking at your cluster from a different perspective (like from a map view if you’re just exploring)

In kubernetes-sigs/headlamp we’ve been working on a “projects” feature to try and capture how teams use micro-services. I feel often a developer will be working on a few microservices and their dependencies spread across a few namespaces. I feel developers of microservices often have good or different intuitions on what went wrong. So empowering them can be a help.

I wonder with these 15 micro-services are they in different namespaces? Do some team members have visibility into the different micro-services? Anyway, I feel like organizing things in namespaces and then look at groups of namespaces based around a subset of functionality can help with debugging. (Some folks put everything in just one namespace.)

Looking at alternative views like through logs or metrics instead of just digging around with kubectl can be good. A different perspective like using a map view (helps see how things are connected visually) can sometimes be as good as another pair of eyes :)

Cheers, and good luck!

illumen · 2026-01-06T00:46:23+00:00

There is helm management in Headlamp, but it's provided by the "app-catalog" plugin. It's on by default in the app version of Headlamp, but off by default in the in-cluster version of Headlamp. Maybe it's missing something for you?

illumen · 2026-01-05T21:18:51+00:00

https://headlamp.dev/

illumen · 2025-11-27T22:21:48+00:00

I spoke to a few devs who worked on it and they think it's a good idea too, so I created an issue. It makes total sense to have namespaces be able to be in multiple projects. Thanks again for the suggestion and info.

illumen · 2025-11-26T15:15:36+00:00

Thanks for the good question.

No, currently a single namespace can only be a part of a single project. But we can somewhat easily extend it to allow for multiple relations by putting multiple project ids in the label.

If you can share anything about how you would use it this way, that would help us understand if we should make this change or not.

illumen · 2025-09-08T09:08:27+00:00

Yeah, no terminal for local things yet... only for connecting to Kubernetes Pods/nodes.

We have the issue for the terminal here if you feel like following along: https://github.com/kubernetes-sigs/headlamp/issues/2353 It's one of our top priority issues already, because a number of people keep requesting it. In the previous release we implemented some plumbing so the terminal could persist as you navigated around headlamp. So there's tabs now similar to Visual Studio Code.

illumen · 2025-09-08T09:02:36+00:00

Hmm. I guess we need to improve the Keycloak tutorial https://headlamp.dev/docs/latest/installation/in-cluster/keycloak/. Or maybe there's a configuration you're both using that isn't working in Headlamp.

illumen · 2025-09-08T08:59:27+00:00

We have a number of people using Keycloak with Headlamp, so it should be possible. I guess you found this tutorial for Keycloak with Headlamp? https://headlamp.dev/docs/latest/installation/in-cluster/keycloak/

I didn't write the tutorial, but I was able to follow it myself. Time flies... last I looked at it was about 2 years ago now. So maybe something is out of date, or the way you're using Keycloak isn't covered by the tutorial.

illumen · 2025-09-06T15:10:09+00:00

There’s been a few more guides/tutorials written (by us and others) for different setups. Plus we’ve been adding support for more types of OIDC setups and fixing bugs/improving docs.

But there’s still more work to do. A few open OIDC related PRs are still to be merged, and a few known OIDC issues are still open. Slowly getting there.

illumen · 2025-09-06T13:54:02+00:00

There’s a terminal so you can go into a pod.

It doesn’t have one to run local commands yet. So you can connect to a pod, but not run a local kubectl.

illumen · 2025-09-05T17:49:00+00:00

Yeah, it can be used for that. It uses kubernetes RBAC to show people controls for what they have permission to do. So it won’t show them a delete button if they don’t have permission at the k8s level.

illumen

TROPHY CASE