Terminal Access
Atmosly provides a built-in web terminal that allows you to execute commands directly on pods within your Kubernetes cluster — without needing local kubectl access.
Overview
The terminal feature provides secure, audited shell access to your cluster's pods through the Atmosly console. Each terminal connection creates a tracked session with full audit logging.
Starting a Terminal Session
- Navigate to the desired Cluster.
- Go to the Pods section or select a specific workload.
- Click on the Terminal icon next to the pod you want to connect to.
- Select the Namespace, Pod, and Container (if the pod has multiple containers).
- A web-based terminal session opens with shell access to the selected container.
Session Management
Each terminal session is tracked with the following details:
| Field | Description |
|---|---|
| Session ID | Unique identifier for the terminal session |
| Cluster | The cluster the session is connected to |
| Namespace | Kubernetes namespace of the target pod |
| Pod | Name of the connected pod |
| Container | Specific container within the pod (if multi-container) |
| User | The Atmosly user who initiated the session |
| Cluster Type | Whether the cluster is public or private |
| Status | Active or expired |
| Last Activity | Timestamp of the last interaction |
Session Expiration
- Sessions have a configurable expiration time.
- Idle sessions (no activity for 5 minutes) are automatically flagged.
- Expired sessions are terminated and cannot be resumed.
Audit Logging
All terminal sessions are fully audited. The following actions are recorded:
| Action | Description |
|---|---|
connect | User connected to the terminal session |
disconnect | User disconnected from the session |
command_executed | A command was executed in the terminal |
resize | Terminal window was resized |
Each audit log entry includes:
- User who performed the action
- Cluster and Pod targeted
- Command executed (if applicable)
- IP Address of the user
- User Agent of the browser
- Timestamp of the action
Viewing Audit Logs
- Navigate to the cluster.
- Go to the Terminal section.
- Click Audit Logs to view the history of all terminal sessions and commands executed on the cluster.
Private Cluster Access
For private clusters (where the API endpoint is not publicly accessible), terminal sessions are routed through the ops-agent installed in the cluster. Ensure the ops-agent is running and connected for terminal access to work on private clusters.
Permissions
Terminal access is controlled through Atmosly's permission system. Users must have appropriate cluster access permissions to open terminal sessions.