Browse

The Browse pane provides an application view to let you quickly locate resource usages related to an application.

Namespace

In the Browse pane, the first column is Namespace. It categorizes different namespaces into User Projects and System Projects.

• User Projects:
  Include each user's independent namespace. Namespaces prefixed with user-space are built-in applications for users. Those prefixed with user-system are user-related system programs or components, typically TAPR components, scheduling and proxy programs for cross-application interaction within a user's applications.

• System Projects:
  Include the core applications of the Terminus OS system cluster, along with system-level service programs. For instance, within os-system, there are a Middleware database that serves the entire cluster, a system-level Vault application, and Authelia, a cluster-wide SSO service.

TIP

Member can only see projects under their own User Projects, while admin can see projects under System Projects as well as projects under all user's namespaces.

Project Resources

Terminus organizes project resources using a three-column layout for easy navigation and management.

Click on a namespace to expand the middle column that contains all resource types within the namespace. These resources include Workload, Service, ConfigMap, Secret, and ServiceAccount for applications.

Clicking on any resource name will expand its detailed information in the third column. The details may vary depending on the type of resource.

Workloads

In Terminus OS, Workloads represent applications running on your Terminus OS cluster. They correspond to three primary resource types in Kubernetes:

• Deployment
  Deployment is the most common workload type in Kubernetes. It automatically generates a ReplicaSet to schedule and generate Pods, creating more Pod replicas for horizontal scaling.

• StatefulSet
  StatefulSet is typically used to deploy stateful Pods, such as Pods for databases, distributed file storage, or in-memory caching. With StatefulSet, each Pod may hold different data, resulting in Pods with different states. Therefore, StatefulSet often schedules Pods sequentially.

• DaemonSet
  A DaemonSet schedules and runs only one Pod on each node. In other words, the number of Pods generated by a daemon set is usually equal to the number of nodes. Therefore, DaemonSet is also used for node-specific hardware operations.

View Resource Details

Click on a workload resource to view the details of a deployment, the content is as follows:

Section	Description
Details	Number of Replicas: Desired number of Pod instances Namespace: Namespace of the workload Creation Time: Timestamp of creation
Pods	Pod List: Name, Status, Node, IP Address, CPU/Memory Charts Revision Records Button: Click to view history of Pod scheduling changes Refresh Button: Click to manually update Pod status
Ports	Lists all exposed port collections from the workload's Pod containers: Name: Port collection name Protocol Type: TCP/UDP Port Number: Port number
Environment Variables	Environment variables defined at the workload level in the Pod template
Labels	Configured in the workload metadata; Used for controller management coordination in Terminus OS. Can also act as indexes for filtering and selecting resources in Kubernetes
Annotations	Similar to labels but more flexible and character range. Serve as a tool for controllers to manage workloads
Events	Log of events related to the workload within the latest one hour, often showing Pod scheduling status. Click the Refresh button to get the latest updates

You can click on the name of a Pod to learn the detailed information of a Pod, as shown in the table below:

Section	Description
Details	Contains basic information about the Pod - Namespace: The Pod's namespace - Status: Current running state - Restart Count: Number of times the Pod has restarted - IP Address: Network address - Creation Time: Timestamp of creation
Containers	A list of containers within the Pod - Name: Container's name - Status: Current running status - Exposed Ports: Ports accessible from outside the Pod - CPU/Memory Charts: Visualizations of resource usage - Logs: Click to access Pod logs - Terminal: Click to open a terminal session within the container (only for containers in your namespace)
Volumes	Persistent volumes configured for the Pord - Name: Volume's name - PersistentVolumeClaim: The associated PersistentVolumeClaim - Local Path: Directory where the volume is mounted inside the Pod
Environment Variables	Environment variables defined for the Pod
Events	Chronological log of events related to the Pod

Modify Pod Replicas

To modify the number of running Pod replicas:

1. In the resource details page, locate the number of Pod replicas at the top.

2. Adjust the number of Pod replicas using the + or - button.

   

WARNING

Many applications in Terminus OS do not support multi-replica mode. Increasing the number of replicas for these Pods may cause exceptions. Therefore, it's important to read the documentation thoroughly and adjust the number of replicas with caution.

Edit the YAML File

To edit the YAML file of the current workload:

1. In the upper right corner of the resource details page, click the More Options menu.

2. Click the Edit YAML option to open the Edit YAML window.

3. Edit the YAML configuration of the workload as needed.

4. Click OK to save your changes and apply them.

   

Secrets

The Secrets section stores sensitive data like passwords, credentials, and key configurations. In Kubernetes, this data is Base64 encoded by default.

Expand the Secrets section in the second column to see the all secrets under the application's namespace. Click an item to view the details:

• Details: Displays the basic information of the secret, including the namespace it belongs to and the creation time.
• Data: This section displays the Data Key and Data Value of the secret.

TIP

The Data Value shown by default is the Base64 encoded. You can click the preview button at the top right of this section to see the original text.

ConfigMap

The ConfigMap section has a structure similar to Secrets. However, the content stored in the ConfigMap is saved in plaintext.

Likewise, you can expand the ConfigMaps section in the second column to view the details of the ConfigMaps under the application's namespace:

• Details: Shows the basic information of the ConfigMap, including the namespace and creation time.
• Data: Displays the Data Key and Data Value of the ConfigMap.

Service Account

Service Accounts is a Kubernetes mechanism to authenticate cluster container applications, enabling their access to cluster resources managed by Kubernetes.

Each Service Account is linked to a Secret. This Secret includes the Service Account's CA certificate, Namespace, and Token.

You can expand the second column on the Service Accounts section to view all the Service Accounts under the application's namespace. Click an item to access the details page:

• Details: Shows the basic information of the Service Account, including the namespace it belongs to, creation time, etc.
• Data: Displays the Data Key and Data Value of the Secret linked to this Service Account.
• Kubeconfig Settings:
  It is the kubeconfig configuration automatically generated by this Service Account. Developers can download this configuration and incorporate it into an application within the container. Alternatively, an application in the container can read the Service Account configuration injected by Kubernetes at /var/run/secrets/kubernetes.io/serviceaccount/.

Services

Services expose network applications running on a single or a group of Pods as network services. They distribute traffic based on defined Selectors.

A Selector uses Labels to filter and select Pods. Essentially, a Service acts as a virtual IP (VIP) that directs traffic to a single Pod or a group of Pods.

Expand the Services section in the second column to view all the Services` under the namespace of the current application. Click a service item to see the details page.

Section	Description
Details	Shows basic information of the Service, including its namespace, creation time, selector, virtual IP, type, and DNS address
Workloads	Lists workloads selected by the Service's selector, including name and status
Ports	Displays exposed ports, including port number, protocol, and upstream destination port number
Pods	Lists Pods selected by the Service's selector, including name, node, IP address, and recent CPU and memory charts. An empty list may indicate a Service issue
Labels	Shows the Service's labels.
Annotations	Displays the Service's annotations
Events	Lists events related to the Service