Cloud Shell

    • Watch the logs of the application.
    • Open the shell TTY of the application instance.
    • Upload and download files from the shell environment.

    This operation needs to have the permission of the addon management.

    On the UI top right, there is a cloud shell button. Users can open the cloud shell environment by clicking it. By default, all users have permission to open the cloud shell. If you want to disable this feature for some users, you could create a new platform role that has permission. Bind this role to the user, who you want to disable.

    After connected to the cloud shell environment, you could exec to get the help message. In the console, users have some permissions(Kubernetes RBAC) that auto-grant base the permission in the UI. there are some rules:

    1. If you have the permission, you are allowed to do anything in the cloud shell environment.
    2. If you have the permission in the projects, you could have all permissions of the Application in the namespace that belongs to the project.
    3. If you have the permission in the projects, you will only have the read permission of the Application in the namespace that belongs to the project.

    When you want to debug the application runtime, using the container console could be pretty helpful. In KubeVela, this feature is one of the common use cases of the cloud shell. After clicking the button, you will open a dialog window and see the command line. You can copy the commands and execute them in the cloud shell.