Launch the Gloo Mesh UI

When you have access to the management cluster, you can launch the Gloo Mesh UI from your local machine.

Default access to the Gloo Mesh UI

By default, the Gloo Mesh UI is deployed in the gloo-mesh namespace of your management cluster. The deployment is exposed with a ClusterIP service so that no one can access it externally from the cluster. You can review the gloo-mesh-ui resources with the following command.

kubectl get all -A -l app=gloo-mesh-ui --context ${MGMT_CONTEXT}

No authentication or authorization is applied by default. Anyone that can access the management cluster can open the Gloo Mesh UI and review all of the Gloo Mesh resources and configurations in your setup.

To control access:

  1. Give only administrators access to the management cluster.
  2. Control user access to the Gloo Mesh UI service in the management cluster with Kubernetes RBAC.
  3. Optionally set up an OIDC provider for the Gloo Mesh UI.

Launch the Gloo Mesh UI

The Gloo Mesh UI is served from the gloo-mesh-ui service on port 8090. You can connect by using the meshctl or kubectl CLIs.

  1. Open the Gloo Mesh UI.
    • meshctl: For more information, see the CLI documentation.
      meshctl dashboard --context ${MGMT_CONTEXT}
    • kubectl:
      1. Port-forward the gloo-mesh-ui service on 8090.
        kubectl port-forward -n gloo-mesh svc/gloo-mesh-ui 8090:8090 --context ${MGMT_CONTEXT}
      2. Open your browser and connect to http://localhost:8090.
  2. Optional: If authentication is enabled, sign in.
  3. Review the overview page.
Figure: Gloo Mesh UI overview page.