Mobile Kubernetes Troubleshooting on Ios with K9s

k9s provides a functional iOS client for Kubernetes troubleshooting with logs, shell access, and pod restarts.

JR

2 minute read

k9s provides a functional iOS client for Kubernetes troubleshooting with logs, shell access, and pod restarts, though with some usability tradeoffs.

Platform engineers need mobile tools for cluster diagnostics when away from desktops. iOS options are limited, but k9s fills critical gaps with console access, real-time logs, and exec capabilities via a web interface. Here’s how to deploy and use it effectively.

Actionable Workflow

  1. Deploy k9s in web mode:
    Run k9s as a web server in your cluster:

    k9s --mode web --config ~/.kube/config

    Expose it securely via ingress or port-forward:

    kubectl port-forward deploy/k9s 8080

  2. Access from iOS Safari:
    Connect to the web URL (e.g., http://localhost:8080 via SSH tunnel or internal DNS).

  3. Navigate cluster resources:

    • Use the TUI-like web interface to browse pods, nodes, and services.
    • Click pods to view logs, exec into containers, or restart deployments.

  4. Persist configuration:
    Store contexts and preferences in ~/.k9s/config for reuse.

Policy Example: k9s Configuration

Sample ~/.k9s/config snippet for restricted access:

clusters:  
  - name: prod-cluster  
    user: read-write-user  
    namespace: monitoring  
preferences:  
  - name: logs  
    columns: ["status", "restarts", "age"]

Tooling

  • k9s-web: Primary choice for iOS. Lightweight, no native app required.
  • Lens: Commercial iOS app with polished UI, but requires cluster exposure.
  • kubectl over SSH: Fall back to terminal apps (e.g., Termius) for raw kubectl commands.

Tradeoffs

  • k9s-web: Requires setup (TLS, auth) and isn’t optimized for touch interfaces.
  • Lens: Easier for iOS but introduces licensing costs and cluster connectivity complexity.
  • Security: Avoid public exposure of k9s endpoints; use VPNs or zero-trust proxies.

Troubleshooting

  • Connection refused: Verify port-forwarding or ingress rules. Check firewall rules.
  • RBAC errors: Ensure the kubeconfig user has get, list, and patch permissions for core APIs.
  • Slow UI: Reduce log output verbosity in k9s config or upgrade device hardware.
  • Cert issues: Update kubeconfig with valid certificates if encountering TLS errors.

For urgent mobile access, k9s-web is the most practical balance of capability and maintainability. Native iOS apps exist but often lack depth or introduce operational debt. Prioritize securing the connection and limiting permissions to mitigate risks.

Source thread: Is there a good Kubernetes client for iOS? Mainly need logs, shell, restart pods

comments powered by Disqus