I love lens for my work and also for my homelab! It reduces me the stress of trying when troubleshooting something, and you don't remember the exact command you need. I've also recommended it to new k8s admins. I've been always thought about using portainer as I've used it only with docker, and it's also a great tool. Will try in my homelab for sure!
We have rancher installed at work , it's quite a complex system the only thing that i don't like it's how bloated the cluster becomes once installed but that's probably because we are not using it as they recommend it, and that is to have your management cluster where rancher is installed and have separate workload clusters :)) , we also have it integrated with our Google Workspaces account but will probably switch it to Active Directory
Be prepared for a wild ride with AD. We had major problems with LDAP auth, some users just weren't able to login for no apparent reason... I opened a bug request but everyone seemed to ignored it. Maybe it works now but we settled for Keycloak that was connected to AD. That worked well!
I've used portainer and lens for some reasons, yes lens is good for home lab server with limited resources like raspberry pi or may be server with small resources like my home lab server and I like portainer since I known docker, thanks for always making content like this sir. sorry my english bad
I have hyped Portainer for the reasons you mentioned with Rancher. Thanks for drawing my attention to Lens as that look like a great balance. I also want to give K9S a go just because. This was an excellent rundown. As always thanks another great video.
Another tool I like is stern. It is for tailing logs. What I like about it is that I can use selectors to display the logs for all pods in a deployment and use since so get just the most recent logs while tailing. Don’t know about newer version of kubectl but it wasn’t able to do all three at the same time the last time I tried and now use stern exclusively.
@@ThePapanoob You may be able to now but in the past I was not able to use ‘since’ and ‘follow’ together which meant I had to wait as it scrolled through all the logs to get to the end. It wasn’t just the time but it also cleared the scroll back buffer on my terminal. Another feature I like is that it prefixes each line with the pod name when displaying logs from multiple pods. If you like kubectl, stay with it since sticking with one tool is a lot easier. I wasn’t. Also stern is not the only third party tool for looking at Kubernetes logs. Just the fact that there are alternatives implies that kubectl is less than optimal for many people.
Using Rancher from some time and it's quite good to manage Multiple Kubernetes Clusters very smoothly & Rancher also has built in central GitOps with project Fleet
Great video and I agree on all points you have mentioned. One thing I would like to ask is what shell you are using on mac? How do you get the auto-complete to show up and the colour scheme. Would appreciate if you can reply.
Pity Lens is not being offered with a tablet/smartphone platform in mind as well, the download section only lists MS exes, linux rpm/deb/appimage/snap and macos dmg... while dropping the graphical UI from the cluster to a desktop app releases the resources on the nodes for actual work, users typically want to be able to use/monitor/manage the cluster from any device. If the UI is baked in into the kubernetes distribution or the node OS, you only need a device with a browser to work with the cluster.
would Harvester HCI be applicable here? I just found out about the platform recently. I'm interested in how it differs from setting up proxmox > vms > portainer / rancher > kubernetes
I’ve used rancher in the past but currently I’m using lens and of course kubectl Longhorn is amazing BTW, I use it exclusively for my cluster PVC’s at the moment
Longhorn has a very major flaw … if you have a power outage. When the pods come back up they don’t auto fsck. You might need to fix every single volume manually with an fsck -y, they don’t do this for you automagically. I wrote a cronjob to just look at syslog and auto repair any volumes that show up requiring an fsck on mount (as long as they are longhorn volumes)
IMO, Rancher is just too buggy for long term usage. I use it for years and every year ran into major problem and have to rebuild my cluster from time to time. I ended up dropped it for my homelab setup
@@LampJustin that's why I moved to rke2+fluxcd v2+lens. I am start seeing rke2 not that stable either.... so might ditch it for Talos or something. But I need a way to run nebula overlay VPN and yet find a way to do it right.
@@admun yeah that's why I just use kubeadm based systems like kubespray, clusterapi and Talos. That's the most stable you can get. It's what almost everybody uses. Nebula is pretty cool. If you don't rely on it too heavily, you can use Talos and it's WireGuard based mesh.
I have been using K9S at work were I don’t have WUI or GUI and really like it. I don’t think that the lack of ability to create resources as a drawback. I have been frustrated with tools like Portainer that “own” your resource definitions. Once you create the resource using their tool, you can’t export it and use it outside of their tool. I use Portainer at home but never to create or edit my resources so I own my configuration.
@@borntoexcel14 I don’t create resources with K9S or Portainer. At home I don’t worry about supporting multiple environments so a simple YAML file with related resources works well. I also experimenting with Ansible for Docker. At work I am working with deployed resources. The biggest differences are in configuration/secrets and scale. I have tried Terraform and CloudFormation. Currently we are using Jenkins to provide environment specific properties. As a developer I find it very enjoyable to come up with complex solutions but in the end, they don’t add value. They just add complexity that you need to deal with in the middle of the night. The other issue with complex solutions is that no one else wants to touch it so you own it and can’t move on to new projects.
There is also fish shell and other fish like extensions for other terminals (zsh etc) that arent dependent on specific terminal emulator, but not quite as fancy either. It will inline hint out suggestions or history, depending on how you have it configured. if you are using kubectl, make sure you setup kubectl autocomplete for the shell you use. zsh/oh-my-zsh has autocomplete plugins for kubectl that will query the k8s api and autosuggest things relevant to your current cli query. ergo, if you are typing "kubectl exec -it " and double tab, it will discover the pods in the current contexts namespace, and suggest them for you for autocompletion.
OpenLens > Lens None of that Mirantis commercial crap packaged into it. No forced account creation, etc. We use OpenLens at work, it just hooks kube config, and AWS EKS cli just adds cluster and user profiles to kube config, so it picks it up just fine. Not sure why you would need AD integration with OpenLens when OpenLens is not an auth mechanism itself, it just hooks existing mechanisms through kube config. Unfortunately, there are no "official" builds of OpenLens since Mirantis bought/funded the OpenLens team, as Mirantis obviously doesn't want to undercut their commercial product. You have to do a little bit of searching for how to build or install 3rd party builds of OpenLens.
Hey.. Christian... Do you have some experience using jsonnet? ( data templating language) in kubernetes... If yes Can do a video about it..? I heard it could be a good alternativ to kustomize or helm
* Better lifecycle management than just docker alone. Deployment/Statefulset upgrades are "built-in" to some extent and can roll-back if not successful. * Helm charts are available for most software that is already containerized * Much better ingress handling for multiple services vs just a self-managed reverse proxy * Cert-manager automatically will generate and renew certs (incl LetsEncrypt) for your web services, just "enable" SSL on the ingress * external-dns can automatically create/update/delete DNS entries for your web services, either locally (such as a LAN DNS server), or externally (such as CloudFlare or some other service). * Can ingress, secure, and proxy traffic to other web services outside of the cluster, but using the cluster to manage access to those web services centrally. Ergo, you have another web server thats not running in kubernetes, but can use an ingress, service, and manually created endpoint, to point to that and have it all SSL and DNS automated via aforementioned tools. * Kubernetes at its core, is a state engine, so it will do everything in its power to maintain that state. Liveness probes, readiness probes (readiness determines availability for receiving traffic, vs liveness means its running, but not dead), restart containers when things aren't responding or crashing. * Could setup HA cluster, even on a single bare metal machines using VMs, so that you can have an "always up" path for updating the cluster. Not redundant, but hey, something. * Could setup HA cluster on things such as raspberry pi quite cheaply. * Can define your home environment and services more agnostically to what is actually running kubernetes. Setting up a kubernetes cluster can be a fairly straight forward process and runs on just about anything. You could back everything in a git repo, then redeploy your entire setup from scratch this way within just a few steps if you had to. * More storage options and redundancy out of the box with kubernetes storage providers than with something like docker alone. * You learn how to properly setup, manage, and upgrade a Kubernetes cluster, which can get you jobs paying $180k+ with no degree, as even the concepts in a home lab scale on Kubernetes. * I am sure there are several more points that could be made, but these were just the ones off the top of my head.
@@jslay88 For the ingress part I just go with Traefik, a compose file start with Traefik seems to be able to do them all simple and easy. I don't know other benefits though. But I really could switch to k8s if it's much more resource efficient like less storage or cpu or memory, although as I can see it always drains more because you have to pair it with a lot of stuff like tools OP suggests or tons of clusters to help maintain visualizable and appreciable. Just my two cents though, I don't know nothing about k8s, I'm sorry if I'm wrong.
a little too late to the party here. I want to practice Kubernetes on my WSL2 setup, which i will ofcourse push to a VPS in the cloud for production. any tips or video you can direct me to @Christian?
Portainer has gone completely crazy, they monetize in such a vulgar way that the free version is starting to feel like a cancer, it is over run by stupid things reminding you that you are getting it for free, well with all their annoying "BEGGING" for money I will much rather eat my own foot that support their stupidity. I feel like taking the code, fork it and remove all their CARP and give it ack to the community, but not stop there and get a full time developer to push hard to make the free version better than the Begged for version.
I don't think that's true. Developers cost a lot of money. And somehow there needs to be money made to pay the people. They also give a lot of stuff for free back to the community.
Half of my comments keep disappearing/being deleted. Worthless. What's the point in trying to provide useful information here if its just gunna disappear. I spend quality time trying to write something useful up and help but nope! Later.
Came to you from NetworkChuck, really love your sense of humor. Thank you for all you are doing!
Awesome! He's a nice guy ;) Great to see you coming to my channel as well
I just found your channel, I have to say, your presentation and videos are excellent. Thank you for your time and effort.
I love lens for my work and also for my homelab! It reduces me the stress of trying when troubleshooting something, and you don't remember the exact command you need. I've also recommended it to new k8s admins. I've been always thought about using portainer as I've used it only with docker, and it's also a great tool. Will try in my homelab for sure!
Totally agree!
We have rancher installed at work , it's quite a complex system the only thing that i don't like it's how bloated the cluster becomes once installed but that's probably because we are not using it as they recommend it, and that is to have your management cluster where rancher is installed and have separate workload clusters :)) , we also have it integrated with our Google Workspaces account but will probably switch it to Active Directory
Interesting, yeah I’m doing the same, but who wants to set up a separate cluster just for rancher in a homelab? XD
Be prepared for a wild ride with AD. We had major problems with LDAP auth, some users just weren't able to login for no apparent reason... I opened a bug request but everyone seemed to ignored it. Maybe it works now but we settled for Keycloak that was connected to AD. That worked well!
Thanks!
Thank you for your support 🙏
Currently using K9S and loving the terminal look and snappy performance. Will try out Lens as it looks quite nice, thanks for the tip 👍
You're welcome :)
I've used portainer and lens for some reasons, yes lens is good for home lab server with limited resources like raspberry pi or may be server with small resources like my home lab server and I like portainer since I known docker, thanks for always making content like this sir.
sorry my english bad
No worries about your English, I'm also not a native speaker :D Thank you for liking and supporting the content man!
Lens is just amazing! Eases the administration by providing a very intuitive look & feel experience!
Absolutely!
I have hyped Portainer for the reasons you mentioned with Rancher. Thanks for drawing my attention to Lens as that look like a great balance. I also want to give K9S a go just because. This was an excellent rundown. As always thanks another great video.
Thank you! I’m glad it was useful to you :)
Had a hard time to get into K8S. I've installed Portainer and was satisfied with it. It has some limitations but I am fine with it.
Although i don't use any of this, you sure know how to present the information for the topic ! Good work !! Keep these coming !
Thank you :)
Another tool I like is stern. It is for tailing logs. What I like about it is that I can use selectors to display the logs for all pods in a deployment and use since so get just the most recent logs while tailing. Don’t know about newer version of kubectl but it wasn’t able to do all three at the same time the last time I tried and now use stern exclusively.
interesting! I'll take a look ;)
why not simply use `kubectl logs -l tag=here -f` thats what ive been using for years.
@@ThePapanoob You may be able to now but in the past I was not able to use ‘since’ and ‘follow’ together which meant I had to wait as it scrolled through all the logs to get to the end. It wasn’t just the time but it also cleared the scroll back buffer on my terminal. Another feature I like is that it prefixes each line with the pod name when displaying logs from multiple pods. If you like kubectl, stay with it since sticking with one tool is a lot easier. I wasn’t. Also stern is not the only third party tool for looking at Kubernetes logs. Just the fact that there are alternatives implies that kubectl is less than optimal for many people.
Using Rancher from some time and it's quite good to manage Multiple Kubernetes Clusters very smoothly & Rancher also has built in central GitOps with project Fleet
Thx for sharing, I thought at some point I need to look at Fleet and see how it works
2:53 Hol’ up… how are you getting these IDE-style intellisense suggestions for your bash completions? That’s pretty sick!
Great video and I agree on all points you have mentioned. One thing I would like to ask is what shell you are using on mac? How do you get the auto-complete to show up and the colour scheme. Would appreciate if you can reply.
Would love a video about your macOS terminal setup, it looks fantastic!
That’s the topic for the next video xD stay tuned
@@christianlempa Can’t wait!
Pity Lens is not being offered with a tablet/smartphone platform in mind as well, the download section only lists MS exes, linux rpm/deb/appimage/snap and macos dmg... while dropping the graphical UI from the cluster to a desktop app releases the resources on the nodes for actual work, users typically want to be able to use/monitor/manage the cluster from any device. If the UI is baked in into the kubernetes distribution or the node OS, you only need a device with a browser to work with the cluster.
would Harvester HCI be applicable here? I just found out about the platform recently. I'm interested in how it differs from setting up proxmox > vms > portainer / rancher > kubernetes
I’ve used rancher in the past but currently I’m using lens and of course kubectl
Longhorn is amazing BTW, I use it exclusively for my cluster PVC’s at the moment
Yeah longhorn is amazing
@@christianlempa I was surprised with the number of pods longhorn spins up 😮
Longhorn has a very major flaw … if you have a power outage. When the pods come back up they don’t auto fsck. You might need to fix every single volume manually with an fsck -y, they don’t do this for you automagically. I wrote a cronjob to just look at syslog and auto repair any volumes that show up requiring an fsck on mount (as long as they are longhorn volumes)
IMO, Rancher is just too buggy for long term usage. I use it for years and every year ran into major problem and have to rebuild my cluster from time to time. I ended up dropped it for my homelab setup
Haha damn right! It really is and it's almost impossible to remove... Even their tool to do exactly that leaves traces behind...
@@LampJustin that's why I moved to rke2+fluxcd v2+lens. I am start seeing rke2 not that stable either.... so might ditch it for Talos or something. But I need a way to run nebula overlay VPN and yet find a way to do it right.
@@admun yeah that's why I just use kubeadm based systems like kubespray, clusterapi and Talos. That's the most stable you can get. It's what almost everybody uses. Nebula is pretty cool. If you don't rely on it too heavily, you can use Talos and it's WireGuard based mesh.
I have been using K9S at work were I don’t have WUI or GUI and really like it. I don’t think that the lack of ability to create resources as a drawback. I have been frustrated with tools like Portainer that “own” your resource definitions. Once you create the resource using their tool, you can’t export it and use it outside of their tool. I use Portainer at home but never to create or edit my resources so I own my configuration.
Yeah that’s something I don’t like as well
@@borntoexcel14 I don’t create resources with K9S or Portainer.
At home I don’t worry about supporting multiple environments so a simple YAML file with related resources works well. I also experimenting with Ansible for Docker.
At work I am working with deployed resources. The biggest differences are in configuration/secrets and scale. I have tried Terraform and CloudFormation. Currently we are using Jenkins to provide environment specific properties.
As a developer I find it very enjoyable to come up with complex solutions but in the end, they don’t add value. They just add complexity that you need to deal with in the middle of the night. The other issue with complex solutions is that no one else wants to touch it so you own it and can’t move on to new projects.
Hi Christian, what is the auto-suggestion software/plugin for your terminal ? Any similar tools in Macbook for your recommendation, thanks
Is warp terminal
It’s coming from my terminal app, I will show that in one of my next videos :)
@@christianlempa cool thanks
There is also fish shell and other fish like extensions for other terminals (zsh etc) that arent dependent on specific terminal emulator, but not quite as fancy either. It will inline hint out suggestions or history, depending on how you have it configured.
if you are using kubectl, make sure you setup kubectl autocomplete for the shell you use. zsh/oh-my-zsh has autocomplete plugins for kubectl that will query the k8s api and autosuggest things relevant to your current cli query. ergo, if you are typing "kubectl exec -it " and double tab, it will discover the pods in the current contexts namespace, and suggest them for you for autocompletion.
I prefer OpenLens because I need no Account/Login and I didn't miss any functionality.
hi Chris,
what you think About OKD ? can you make some Videos ..OKD install on single node or as docker Container.....
OpenLens > Lens
None of that Mirantis commercial crap packaged into it. No forced account creation, etc.
We use OpenLens at work, it just hooks kube config, and AWS EKS cli just adds cluster and user profiles to kube config, so it picks it up just fine.
Not sure why you would need AD integration with OpenLens when OpenLens is not an auth mechanism itself, it just hooks existing mechanisms through kube config.
Unfortunately, there are no "official" builds of OpenLens since Mirantis bought/funded the OpenLens team, as Mirantis obviously doesn't want to undercut their commercial product. You have to do a little bit of searching for how to build or install 3rd party builds of OpenLens.
Lens Lens Lens love this.
Hey.. Christian... Do you have some experience using jsonnet? ( data templating language) in kubernetes... If yes Can do a video about it..? I heard it could be a good alternativ to kustomize or helm
Super helpful, thank you!
Thank you! Glad it helped :)
I’m using rancher for manage my EKS cluster 😅
What's a use case for Kubernetes in a home lab though?
Yeah that's what I want to know, I've got lots of Docker containers and aside from my server going down when it backs up I can't think of anything
I will do more videos about that especially what’s better in a home lab, docker or k8s, hope that will answer some of your questions
@@christianlempa Thanks, I'm just now getting into Docker and really haven't wrapped my head around using Kubernetes in my setup yet.
* Better lifecycle management than just docker alone. Deployment/Statefulset upgrades are "built-in" to some extent and can roll-back if not successful.
* Helm charts are available for most software that is already containerized
* Much better ingress handling for multiple services vs just a self-managed reverse proxy
* Cert-manager automatically will generate and renew certs (incl LetsEncrypt) for your web services, just "enable" SSL on the ingress
* external-dns can automatically create/update/delete DNS entries for your web services, either locally (such as a LAN DNS server), or externally (such as CloudFlare or some other service).
* Can ingress, secure, and proxy traffic to other web services outside of the cluster, but using the cluster to manage access to those web services centrally. Ergo, you have another web server thats not running in kubernetes, but can use an ingress, service, and manually created endpoint, to point to that and have it all SSL and DNS automated via aforementioned tools.
* Kubernetes at its core, is a state engine, so it will do everything in its power to maintain that state. Liveness probes, readiness probes (readiness determines availability for receiving traffic, vs liveness means its running, but not dead), restart containers when things aren't responding or crashing.
* Could setup HA cluster, even on a single bare metal machines using VMs, so that you can have an "always up" path for updating the cluster. Not redundant, but hey, something.
* Could setup HA cluster on things such as raspberry pi quite cheaply.
* Can define your home environment and services more agnostically to what is actually running kubernetes. Setting up a kubernetes cluster can be a fairly straight forward process and runs on just about anything. You could back everything in a git repo, then redeploy your entire setup from scratch this way within just a few steps if you had to.
* More storage options and redundancy out of the box with kubernetes storage providers than with something like docker alone.
* You learn how to properly setup, manage, and upgrade a Kubernetes cluster, which can get you jobs paying $180k+ with no degree, as even the concepts in a home lab scale on Kubernetes.
* I am sure there are several more points that could be made, but these were just the ones off the top of my head.
@@jslay88 For the ingress part I just go with Traefik, a compose file start with Traefik seems to be able to do them all simple and easy. I don't know other benefits though.
But I really could switch to k8s if it's much more resource efficient like less storage or cpu or memory, although as I can see it always drains more because you have to pair it with a lot of stuff like tools OP suggests or tons of clusters to help maintain visualizable and appreciable.
Just my two cents though, I don't know nothing about k8s, I'm sorry if I'm wrong.
Headlamp is the best feature-rich and extensible UI for Kubernetes
Nice, thanks for the suggestion. I will try it out ;)
What do you use as your terminal client ?
you do great videos
Thx!
What is the terminal you are using intially, for kubectl commands ?? That looks pretty good
I will make a full tutorial video about my new terminal set up soon :) stay tuned
VSCode have nice features.
a little too late to the party here.
I want to practice Kubernetes on my WSL2 setup, which i will ofcourse push to a VPS in the cloud for production.
any tips or video you can direct me to @Christian?
Check out Docker Desktop for local K8S, and CIVO for VPS ;)
Haven't you tried devtron?
Yes but that was long ago, I wouldn’t call it a management tool it’s more a CI/CD tool
Openlens maybe ?
What about ArgoCD?
It's not a management tool in my opinion, but I love ArgoCD, it's a great tool!
Skooner, Kubernetic, Kubevious, Komodor, kubernetes dashboard.. what about it ?
Use open lens! Not regular lens you'll be happy you do.
Lens the best!
Its worth to mention TILT. Super tool for automating development process
Infra App so cool
what about google anthos?
Lens we use in development
Nice
K9S is the best!
What about openshift ?
Haven’t used it yet
K9S is the best.
OpenLens is free! but dang Chris you gained weight xD
LOL do you see that? :D
k9s +1
Lens is closed source now. 😢
Yeah, for those of us who care that's unfortunate
Portainer has gone completely crazy, they monetize in such a vulgar way that the free version is starting to feel like a cancer, it is over run by stupid things reminding you that you are getting it for free, well with all their annoying "BEGGING" for money I will much rather eat my own foot that support their stupidity. I feel like taking the code, fork it and remove all their CARP and give it ack to the community, but not stop there and get a full time developer to push hard to make the free version better than the Begged for version.
I don't think that's true. Developers cost a lot of money. And somehow there needs to be money made to pay the people. They also give a lot of stuff for free back to the community.
I tried portainer before, it is completely useless.
I would rather use kubectl or vscode k8s extension.
Half of my comments keep disappearing/being deleted. Worthless. What's the point in trying to provide useful information here if its just gunna disappear. I spend quality time trying to write something useful up and help but nope! Later.
Idk why YT seems to delete comments, wondering what you were typing xD
For now I am using exclusively kubectl perhaprs because I prefer CLI tools I didn't really tried any other tool
Once I know a cli then a great ui is amazing but if I don’t know the cli very well then the ui can be a great way to get lost in the dark.
@@eccehomosexual I totally agree, especially with such tools sometimes you need cli
That’s now a perfect chance to try out something new :D
K9s is the best.