Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 gandalf-the-greybeard[bot]
|
0e075030ba |
@@ -1,236 +0,0 @@
|
||||
# FAQ: Headlamp Plugins for Kubernetes Operators
|
||||
|
||||
**Context**: For operators who are thinking about observability, visibility, and management during/after KubeCon. Answer real questions with real context, not marketing language.
|
||||
|
||||
---
|
||||
|
||||
## Observability & Visibility
|
||||
|
||||
### Q: I have a Prometheus stack already. Why do I need Headlamp plugins?
|
||||
|
||||
A: You probably don't need them. Prometheus is good at what it does: metrics. But Prometheus is not a dashboard. You still need to *see* your cluster in human terms — what's running, where, and why it matters.
|
||||
|
||||
Headlamp plugins show you the cluster state in the UI. Your Prometheus metrics live somewhere else. They're complementary, not competitive.
|
||||
|
||||
If you're happy with kubectl and Prometheus graphs, keep going. If you find yourself switching between tools, Headlamp might fit.
|
||||
|
||||
---
|
||||
|
||||
### Q: Is this "observability"? I thought we needed traces, metrics, logs...
|
||||
|
||||
A: You're thinking of the marketing definition. In practice, operators need:
|
||||
1. To see what's running (cluster state)
|
||||
2. To understand if it's healthy (metrics)
|
||||
3. To know what went wrong (logs, events)
|
||||
|
||||
Headlamp handles #1. Your existing stack handles #2 and #3. The magic is in integrating them, not replacing them.
|
||||
|
||||
Our plugins sit in the UI where you're already looking. That's the whole point.
|
||||
|
||||
---
|
||||
|
||||
## Individual Plugins
|
||||
|
||||
### Q: When should I use the Rook plugin?
|
||||
|
||||
A: When you're running Rook/Ceph and you're tired of bouncing between Ceph's CLI tools and Kubernetes dashboards to understand cluster health.
|
||||
|
||||
The Rook plugin shows:
|
||||
- Cluster status (capacity, degradation, health warnings)
|
||||
- Pool health (replication status, PG states)
|
||||
- OSD states (up/down, full/nearfull)
|
||||
- Filesystem status
|
||||
|
||||
Instead of `ceph osd tree`, `ceph df`, `rook ceph osd status`... you look at one place.
|
||||
|
||||
**Not for**: Teams that want deep Ceph debugging. For that, you still need Ceph's native tools.
|
||||
|
||||
---
|
||||
|
||||
### Q: What's the GPU plugin actually for?
|
||||
|
||||
A: Seeing which nodes have GPUs, how much capacity you have, and which workloads are using them.
|
||||
|
||||
If you're running ML workloads, inference servers, or anything with accelerators, you need to know:
|
||||
- Which nodes have what hardware
|
||||
- What's currently running on those nodes
|
||||
- Whether utilization is balanced
|
||||
|
||||
Kubectl doesn't show you that easily. Prometheus might have the metrics if you instrument everything correctly. The GPU plugin shows it at a glance.
|
||||
|
||||
**Not for**: Teams not using GPUs. This is a specialized tool.
|
||||
|
||||
---
|
||||
|
||||
### Q: Why a sealed-secrets plugin? Isn't that a security risk — showing secrets in a UI?
|
||||
|
||||
A: The plugin doesn't show the secret *values*. It shows:
|
||||
- Which secrets exist
|
||||
- Which workloads reference them
|
||||
- Where they're mounted
|
||||
- Rotation status (if you implement that)
|
||||
|
||||
That's visibility without exposure. It answers "what secrets are in my cluster?" not "what are the passwords?"
|
||||
|
||||
Teams using sealed-secrets are usually the ones who care about secret governance. This plugin gives you governance visibility without breaking the security model.
|
||||
|
||||
---
|
||||
|
||||
### Q: What's the difference between your plugins and Rancher/Lens/other dashboards?
|
||||
|
||||
A: They're trying to be the entire dashboard. We're building plugins for the gaps.
|
||||
|
||||
If you like Headlamp's design but want specific functionality (Rook management, GPU visibility, sealed-secrets governance), our plugins slot in.
|
||||
|
||||
If you prefer Rancher's philosophy, great. Use Rancher. Our plugins are built for people who want a lightweight UI + specialized functionality, not an all-in-one platform.
|
||||
|
||||
---
|
||||
|
||||
## Operational Questions
|
||||
|
||||
### Q: Do I need to run Headlamp to use these plugins?
|
||||
|
||||
A: Yes. Our plugins extend Headlamp. Headlamp is lightweight (single container), but you need to be running it.
|
||||
|
||||
If you're not using Headlamp, these plugins don't help. If you are, they extend what you can see.
|
||||
|
||||
---
|
||||
|
||||
### Q: How do you handle RBAC? Can my developers see things they shouldn't?
|
||||
|
||||
A: Headlamp respects your cluster's RBAC. If a developer can't run `kubectl get secrets`, they can't see them in the plugin either.
|
||||
|
||||
Your security boundaries are your security boundaries. Our tools don't bypass them.
|
||||
|
||||
---
|
||||
|
||||
### Q: What's the upgrade path? Will my existing configuration break?
|
||||
|
||||
A: We try not to break things. Honest answer: we're still young. Check release notes before upgrading. If you find a breaking change, file an issue and we'll help.
|
||||
|
||||
If you need stability guarantees, we're not there yet. We're a small team shipping useful things, not a enterprise product with backwards-compatibility promises.
|
||||
|
||||
---
|
||||
|
||||
### Q: Can I run Headlamp + plugins in an air-gapped environment?
|
||||
|
||||
A: Yes. If you can run Headlamp, you can run the plugins. No external dependencies, no phone-home telemetry.
|
||||
|
||||
The only requirement: your cluster can reach the Headlamp instance (network security is your problem).
|
||||
|
||||
---
|
||||
|
||||
## Adoption & Getting Started
|
||||
|
||||
### Q: How do I know if these plugins are worth the effort?
|
||||
|
||||
A: Try one. Pick the one that solves a problem you're actually having.
|
||||
|
||||
Rook users: Use the Rook plugin for a week. See if it saves time. If not, delete it.
|
||||
GPU users: Use the GPU plugin. See if you'd miss it.
|
||||
Sealed-secrets users: Use the plugin for secret governance.
|
||||
|
||||
Don't add plugins "just in case." Add them when they're solving a real problem.
|
||||
|
||||
---
|
||||
|
||||
### Q: What's the support story? If something breaks, what happens?
|
||||
|
||||
A: GitHub issues. We're responsive (usually within 24-48 hours). If it's a security issue, email the maintainers directly (see repo).
|
||||
|
||||
We're not a SaaS with SLAs. We're open source with humans behind it who care. That's the tradeoff.
|
||||
|
||||
---
|
||||
|
||||
### Q: Where do I submit feature requests?
|
||||
|
||||
A: GitHub issues with the `feature-request` label. Be specific. "Make it faster" doesn't help. "Show OSD versions in the Rook plugin" does.
|
||||
|
||||
---
|
||||
|
||||
## Technical Depth
|
||||
|
||||
### Q: How much overhead do these plugins add?
|
||||
|
||||
A: Minimal. Plugins are JavaScript that runs in your browser. They query your cluster API, same as kubectl does.
|
||||
|
||||
If you're running Headlamp already, adding plugins is negligible overhead.
|
||||
|
||||
---
|
||||
|
||||
### Q: Can I modify the plugins for my own use?
|
||||
|
||||
A: Yes. All plugins are Apache-2.0 licensed. Fork, modify, deploy. We appreciate improvements back in PRs, but no obligation.
|
||||
|
||||
---
|
||||
|
||||
### Q: Do these plugins work with managed Kubernetes (EKS, GKE, AKS)?
|
||||
|
||||
A: If Headlamp works with your platform, the plugins work. Headlamp just needs API access.
|
||||
|
||||
We develop against standard Kubernetes. If you hit a managed-service-specific issue, let us know.
|
||||
|
||||
---
|
||||
|
||||
## When to Say No
|
||||
|
||||
### Q: Should I use these in production?
|
||||
|
||||
A: Depends on what you mean by "production." If you mean "will it crash my cluster," no. Headlamp + plugins are read-only.
|
||||
|
||||
If you mean "is this enterprise-grade," probably not yet. We're under 1 year old. We're useful, not bulletproof.
|
||||
|
||||
Try it. Monitor it. Have a fallback (you do have kubectl, right?). If it fails, switch back.
|
||||
|
||||
---
|
||||
|
||||
### Q: Can these plugins replace my existing monitoring stack?
|
||||
|
||||
A: No. Don't try. This is visibility, not comprehensive monitoring.
|
||||
|
||||
You still need logs, metrics, traces, alerting. We're the UI layer for cluster state + specialized views.
|
||||
|
||||
---
|
||||
|
||||
## Getting Help
|
||||
|
||||
### Q: I found a bug. What do I do?
|
||||
|
||||
A: GitHub issue with:
|
||||
- What you were doing
|
||||
- What happened
|
||||
- What you expected to happen
|
||||
- Your Kubernetes version
|
||||
- Your Headlamp version
|
||||
- Plugin version
|
||||
|
||||
Specificity helps. "It doesn't work" doesn't. "When I click the Rook tab, I get a 403 error" does.
|
||||
|
||||
---
|
||||
|
||||
### Q: I want to contribute. Where do I start?
|
||||
|
||||
A: GitHub issues with `good first issue` label. Read the CONTRIBUTING.md in each repo. Start small.
|
||||
|
||||
We're a small team. contributions that improve things make a real difference.
|
||||
|
||||
---
|
||||
|
||||
## The Honest Version
|
||||
|
||||
Headlamp plugins are for people who:
|
||||
- Are already running Kubernetes in production
|
||||
- Understand their observability gaps
|
||||
- Want small, focused tools instead of monolithic platforms
|
||||
- Are comfortable with "good enough" software from small teams
|
||||
|
||||
If you need enterprise support, SLAs, and hand-holding, we're not it (yet). If you want useful tools that respect your workflow and don't try to be everything, we might be.
|
||||
|
||||
Try us. If we don't fit, no hard feelings. There are plenty of other dashboards. Find the one that works for your team.
|
||||
|
||||
---
|
||||
|
||||
**Last updated**: March 13, 2026
|
||||
**Audience**: Kubernetes operators, platform engineers, storage admins
|
||||
**Tone**: Honest, not salesy, specific, realistic about limitations
|
||||
|
||||
@@ -1,176 +0,0 @@
|
||||
# KubeCon EU 2026 — Response & Tactical Post Templates
|
||||
|
||||
**Status**: Ready-to-deploy. Update dates/times as conference progresses. Use if conversations align with these narratives.
|
||||
|
||||
---
|
||||
|
||||
## Pre-KubeCon (March 21-22)
|
||||
|
||||
### Template 1: The Headlamp Moment
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Trigger**: When #KubeCon hashtag begins heating up, someone mentions "dashboard" or "UI"
|
||||
|
||||
**Post**:
|
||||
if you're heading to #KubeCon and you're thinking "I wish I could see what's actually happening in my cluster without opening 6 different tools," we have 6 plugins for that.
|
||||
|
||||
see you in Amsterdam.
|
||||
|
||||
**CMO Note**: Soft sell. Positions us as understaters. Uses first-person ("we have") rather than "check out." Timing: Friday-Saturday before conference opens.
|
||||
|
||||
---
|
||||
|
||||
### Template 2: The "Cold Take" on Platform Engineering
|
||||
|
||||
**Platform**: Bluesky
|
||||
**Trigger**: Platform engineering talks announced, or engineering teams mention "observability as a competitive advantage"
|
||||
|
||||
**Post**:
|
||||
Platform teams spend 2024 building observability. They spent 2025 fighting with it. KubeCon 2026 is about finally making it *work*.
|
||||
|
||||
(Hint: Headlamp makes the "finally" part easier.)
|
||||
|
||||
**CMO Note**: Positions us as people who understand the maturity curve. Not condescending. Acknowledges that good observability is *work* not just tooling. Implies we've thought about this problem space.
|
||||
|
||||
---
|
||||
|
||||
## Main Conference (March 23-26)
|
||||
|
||||
### Template 3: The "We're Not Doing That" Take
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Trigger**: Someone tweets about "AI-powered monitoring" hype, or a vendor announces overly complex AI-observability features
|
||||
|
||||
**Post**:
|
||||
watched a demo of AI observability that required 3 new dashboards and 2 vendor contracts to set up.
|
||||
|
||||
the goal of observability is seeing what's wrong. if your tool gets in the way of that, it's not observability.
|
||||
|
||||
(we kept ours simple.)
|
||||
|
||||
**CMO Note**: Leans into Headlamp's philosophy (small, focused plugins) vs. sprawling observability stacks. Not attacking anyone. Just stating our bias. Safe because we actually *do* keep our approach simple.
|
||||
|
||||
---
|
||||
|
||||
### Template 4: Real-Time Response to "How Do You Monitor [X]"
|
||||
|
||||
**Platform**: Twitter/X (Thread)
|
||||
**Trigger**: Someone asks "how do you monitor GPU usage" or "how do you track CSI performance"
|
||||
|
||||
**Thread Option A** (GPU):
|
||||
Q: How do you monitor GPU usage in Kubernetes?
|
||||
|
||||
Short answer: You look at actual metrics. Not dashboards about dashboards. Not vendor abstractions. You look at what your hardware is actually doing.
|
||||
|
||||
Headlamp + intel-gpu plugin. See your GPU. No middleman. [link to docs]
|
||||
|
||||
**Thread Option B** (Storage):
|
||||
Q: How do you track Rook/Ceph performance?
|
||||
|
||||
Real answer: Stop thinking about monitoring as a separate system. Rook is part of your cluster. You need visibility into it from the same place you look at everything else.
|
||||
|
||||
That's the whole reason we built the Rook plugin. [link to docs]
|
||||
|
||||
**CMO Note**: These are hyperspecific. Only deploy if question arises. Shows expertise without being pushy. Links to actual docs (once we have them on GH pages).
|
||||
|
||||
---
|
||||
|
||||
### Template 5: The "We Attend Quietly" Take
|
||||
|
||||
**Platform**: Mastodon
|
||||
**Trigger**: General KubeCon reflection mid-conference (March 24-25)
|
||||
|
||||
**Post**:
|
||||
KubeCon observation: Nobody is pretending their observability stack is simple anymore. Everyone admits it's complex. The conversation has shifted from "we have visibility" to "how do we make visibility manageable."
|
||||
|
||||
We have a thesis on that. (It involves not adding more layers.)
|
||||
|
||||
**CMO Note**: Intellectual positioning. Suggests we have *design philosophy* not just tools. Mastodon audience appreciates meta-commentary about industry trends. Doesn't mention product directly until the last line.
|
||||
|
||||
---
|
||||
|
||||
## If External Events (March 21-27)
|
||||
|
||||
### Template 6: Security/Supply Chain Angle
|
||||
|
||||
**Trigger**: If a security incident, CVE, or supply chain story breaks during conference
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Post**:
|
||||
[Current incident] is why we built sealed-secrets plugin.
|
||||
|
||||
Not because we think we're special. Because operators shouldn't have to choose between "use secrets" and "know where they're being stored."
|
||||
|
||||
If you're at #KubeCon, stop by and we can talk about it. [link]
|
||||
|
||||
**CMO Note**: Shows we're paying attention. Ties conference energy to our actual products. Empathetic (don't position as saviors, just problem-solvers). Only use if an actual security story breaks.
|
||||
|
||||
---
|
||||
|
||||
### Template 7: Cost Angle
|
||||
|
||||
**Trigger**: If cost/efficiency is a hot KubeCon keynote theme, or someone discusses "cost-aware monitoring"
|
||||
|
||||
**Platform**: LinkedIn
|
||||
**Post**:
|
||||
KubeCon theme observation: "Cost-aware observability" is trending because teams are finally admitting that monitoring infrastructure is expensive.
|
||||
|
||||
The plugin approach (small, focused, optional) is inherently cost-aware. You don't pay for observability you don't use.
|
||||
|
||||
This is intentional design.
|
||||
|
||||
**CMO Note**: Positions Headlamp's modular philosophy as a *feature*. Not "we're cheaper" but "we're more efficient by design." Works if cost is a main theme.
|
||||
|
||||
---
|
||||
|
||||
## Post-KubeCon (March 27+)
|
||||
|
||||
### Template 8: The Recap
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Trigger**: March 27-28, after conference ends
|
||||
|
||||
**Post**:
|
||||
KubeCon takeaway: The best tools are the ones your team forgets they're using because they just work.
|
||||
|
||||
We built Headlamp plugins like that. Small. Focused. Invisible until you need them.
|
||||
|
||||
Did we miss you in Amsterdam? [link to plugin docs]
|
||||
|
||||
**CMO Note**: Humble, unsalesy. Doesn't claim we nailed it, just states our design goal. Bridges back to self-directed learning/documentation (not aggressive marketing).
|
||||
|
||||
---
|
||||
|
||||
## General Guidelines for Day-Of Responses
|
||||
|
||||
1. **Monitor, don't dominate**: Respond to conversations, don't start them.
|
||||
2. **Listen for pain, not keywords**: "I can't see X" beats "person mentioned dashboard."
|
||||
3. **Be helpful first**: Answer questions. Mention our stuff only if relevant.
|
||||
4. **Keep it real**: If someone asks a question we don't have a good answer for, say so.
|
||||
5. **Timing**: Responses should go out within 2-4 hours of trigger, not instant (not trying too hard).
|
||||
6. **Tone check**: Every response should pass the "would an actual operator write this" test.
|
||||
|
||||
---
|
||||
|
||||
## Tools & Hashtags
|
||||
|
||||
**Primary hashtag**: #KubeCon (volume 24-26 March)
|
||||
**Secondary hashtags**: #KubeCon2026, #cloudnative, #kubernetes
|
||||
**Response hashtags**: #observability, #k8s, #platform-engineering (context-specific)
|
||||
|
||||
**Monitoring tools** (if CMO provides access):
|
||||
- Twitter search: `#KubeCon`
|
||||
- Bluesky search: `KubeCon`
|
||||
- Reddit: r/kubernetes, r/devops, r/SRE (watch for questions)
|
||||
- Slack (if we're in cloud-native Slack): #kubecon-2026
|
||||
|
||||
---
|
||||
|
||||
## Notes
|
||||
|
||||
- These are *optional* responses, not a mandate to post daily
|
||||
- Only deploy if you believe the response is valuable (not hitting publish for metric's sake)
|
||||
- If conference energy is low or our voice doesn't fit the conversation, that's fine
|
||||
- Post-KubeCon reflection is most important; day-of is engagement sugar
|
||||
- If something unexpected breaks (security issue, major outage), escalate to CMO before responding
|
||||
|
||||
@@ -0,0 +1,165 @@
|
||||
# Social Media Batch — KubeCon EU 2026
|
||||
|
||||
## Strategic Summary
|
||||
|
||||
KubeCon + CloudNativeCon Europe 2026 runs March 23-26 in Amsterdam. We are not speaking, but we should be visible in the conversation. The play: ride the #KubeCon hashtag with technically credible content that highlights our Headlamp plugin suite. Each post ties to a real platform engineering pain point. Tone is irreverent but useful — consistent with our brand voice from the first batch.
|
||||
|
||||
Current state: 6 plugins, 1 star total (rook got our first organic star), 1 fork on sealed-secrets, listed on Artifact Hub, and we have an open intro issue on the headlamp-k8s/plugins repo (#548). Headlamp is now under kubernetes-sigs — the CNCF halo is real.
|
||||
|
||||
---
|
||||
|
||||
## Pre-KubeCon: March 21-22
|
||||
|
||||
### Post 1 — Teaser
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 21
|
||||
**Post**:
|
||||
Next week at #KubeCon EU, people will complain about Kubernetes dashboards. Again.
|
||||
|
||||
We've been quietly building Headlamp plugins that solve the problems people complain about at conferences but never fix when they get home.
|
||||
|
||||
Storage visibility. GPU monitoring. Secrets management without the YAML ritual.
|
||||
|
||||
6 plugins. 1 star. We're ready for Amsterdam.
|
||||
|
||||
github.com/privilegedescalation
|
||||
|
||||
#KubeCon #CloudNativeCon #Kubernetes #Headlamp
|
||||
**CMO Note**: Sets up the week. Self-deprecating "1 star" callback to our first batch voice. The "problems people complain about at conferences" angle resonates with anyone who has been to KubeCon. Does not oversell — lets curiosity drive clicks.
|
||||
|
||||
---
|
||||
|
||||
## During KubeCon: March 23-26
|
||||
|
||||
### Post 2 — Day 1: Rook-Ceph
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 23
|
||||
**Post**:
|
||||
Day 1 at #KubeCon EU and someone just asked "how do I see my Ceph cluster health without shelling into the pod?"
|
||||
|
||||
Brother, there is a Headlamp plugin for that.
|
||||
|
||||
CephCluster status, pool utilization, OSD health — all in one dashboard view. No kubectl required.
|
||||
|
||||
github.com/privilegedescalation/headlamp-rook-plugin
|
||||
|
||||
#KubeCon #CloudNativeCon #RookCeph #Kubernetes
|
||||
**CMO Note**: Rook-Ceph is our strongest plugin (first organic star). The "shelling into the pod" pain point is universal for storage teams. Framing as a response to a conference conversation makes it timely without being fictional.
|
||||
|
||||
---
|
||||
|
||||
### Post 3 — Day 2: Intel GPU
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 24
|
||||
**Post**:
|
||||
Hot take: your Kubernetes dashboard should know about your GPU allocations.
|
||||
|
||||
Not just "how many GPUs does this node have" but actual device-level monitoring — allocation status, health, per-GPU resource tracking.
|
||||
|
||||
We built a Headlamp plugin for Intel GPUs because nobody else did. Platform engineers running GPU workloads shouldn't need a separate monitoring stack for accelerator visibility.
|
||||
|
||||
github.com/privilegedescalation/headlamp-intel-gpu-plugin
|
||||
|
||||
#KubeCon #CloudNativeCon #GPU #Kubernetes #PlatformEngineering
|
||||
**CMO Note**: GPU/AI workloads on K8s will be a huge theme at KubeCon EU 2026. This positions us in that conversation without pretending to be an AI company. The "because nobody else did" line is true and plays well.
|
||||
|
||||
---
|
||||
|
||||
### Post 4 — Day 3: Sealed Secrets
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 25
|
||||
**Post**:
|
||||
Sealed Secrets is great until you need to actually manage them without leaving your terminal.
|
||||
|
||||
Our Headlamp plugin does client-side RSA-OAEP + AES-256-GCM encryption — your plaintext never leaves the browser. Create, view, and rotate sealed secrets from the dashboard.
|
||||
|
||||
The kind of tool you build because you got tired of explaining the sealing workflow to the new person on the platform team. Again.
|
||||
|
||||
github.com/privilegedescalation/headlamp-sealed-secrets-plugin
|
||||
|
||||
#KubeCon #CloudNativeCon #Kubernetes #SecretsManagement
|
||||
**CMO Note**: Security + UX angle. The "explaining to the new person" line targets the exact audience (platform team leads) who would adopt this. Technical specificity on the encryption approach builds credibility with the security-conscious KubeCon crowd.
|
||||
|
||||
---
|
||||
|
||||
### Post 5 — Day 4: Ecosystem Thread
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 26
|
||||
**Post**:
|
||||
It's the last day of #KubeCon EU so here's the thread nobody asked for: why we bet everything on Headlamp plugins.
|
||||
|
||||
Headlamp is a CNCF project (now under kubernetes-sigs). It has a plugin system. Almost nobody uses it.
|
||||
|
||||
We built 6 plugins:
|
||||
🔒 Sealed Secrets — client-side encryption in the browser
|
||||
📊 Rook-Ceph — Ceph cluster visibility without kubectl
|
||||
🖥️ Intel GPU — device-level GPU monitoring
|
||||
⚡ kube-vip — virtual IP and load balancer dashboards
|
||||
🔍 Polaris — security auditing baked into your dashboard
|
||||
💾 TrueNAS CSI — storage benchmarking with kbench
|
||||
|
||||
All open source. All on Artifact Hub. All free.
|
||||
|
||||
The Kubernetes dashboard space is crowded with paid products. We think the free one just needs better plugins.
|
||||
|
||||
github.com/privilegedescalation
|
||||
artifacthub.io/packages/search?ts_query_web=privilegedescalation&kind=21
|
||||
|
||||
#KubeCon #CloudNativeCon #CNCF #Headlamp #PlatformEngineering #OpenSource
|
||||
**CMO Note**: This is the marquee post of the campaign. The "thread nobody asked for" framing disarms the promo feel. Listing all 6 plugins with one-liners gives people a reason to click. The anti-paid-dashboard positioning is our core narrative. Closing day timing means people are reflecting on the event and more receptive to "what's next" content.
|
||||
|
||||
---
|
||||
|
||||
## Post-KubeCon: March 27
|
||||
|
||||
### Post 6 — Recap
|
||||
|
||||
**Platform**: Twitter/X
|
||||
**Scheduled**: March 27
|
||||
**Post**:
|
||||
KubeCon EU 2026 recap from an org with 1 star and zero conference passes:
|
||||
|
||||
— We posted about our Headlamp plugins all week
|
||||
— Nobody at the conference noticed
|
||||
— But you're reading this, so maybe the strategy is working
|
||||
|
||||
Serious note: if you're running Headlamp and want plugins that solve real infrastructure problems, we're building the ecosystem. Storage, security, GPU monitoring, networking — all open source.
|
||||
|
||||
Star the ones you'd actually use: github.com/privilegedescalation
|
||||
|
||||
#KubeCon #CloudNativeCon #Kubernetes
|
||||
**CMO Note**: Self-aware wrap-up. Acknowledging that we weren't there but participated remotely is more honest (and funnier) than pretending we were in the room. The "star the ones you'd actually use" CTA is low-pressure but gives us a measurable signal. Maintains the irreverent brand voice.
|
||||
|
||||
---
|
||||
|
||||
## Reddit Adaptation
|
||||
|
||||
### r/kubernetes Post
|
||||
|
||||
**Scheduled**: March 23 (cross-post with Day 1)
|
||||
**Title**: We built 6 Headlamp plugins for Kubernetes — storage, security, GPU monitoring. All open source.
|
||||
**Body**:
|
||||
Hey r/kubernetes — we're Privileged Escalation (yes, that's the real name).
|
||||
|
||||
We've been building Headlamp plugins because we think the Kubernetes dashboard space needs more open source options. Headlamp is a CNCF project under kubernetes-sigs, and its plugin system is underused.
|
||||
|
||||
Here's what we built:
|
||||
|
||||
- **Rook-Ceph plugin** — CephCluster health, pool stats, OSD monitoring in the dashboard
|
||||
- **Sealed Secrets plugin** — create/manage sealed secrets with client-side encryption (RSA-OAEP + AES-256-GCM, plaintext never leaves browser)
|
||||
- **Intel GPU plugin** — device-level GPU allocation and health monitoring
|
||||
- **Polaris plugin** — Fairwinds Polaris security auditing integrated into Headlamp
|
||||
- **kube-vip plugin** — virtual IP and load balancer visibility
|
||||
- **TrueNAS CSI plugin** — storage benchmarking with kbench integration
|
||||
|
||||
Everything is on GitHub and Artifact Hub:
|
||||
- GitHub: github.com/privilegedescalation
|
||||
- Artifact Hub: artifacthub.io/packages/search?ts_query_web=privilegedescalation&kind=21
|
||||
|
||||
We're not selling anything. Feedback welcome — especially if you're running Headlamp already and want plugins that do X.
|
||||
**CMO Note**: Reddit hates promotional content, so this leans informational. "We're not selling anything" defuses the self-promo response. Asking for feedback invites engagement. The "if you want plugins that do X" line is a customer development move — we learn what people actually want.
|
||||
@@ -1,137 +0,0 @@
|
||||
# Social Media Batch - 2026-03-10
|
||||
|
||||
## Strategic Summary
|
||||
|
||||
Six plugins. Each one exists because we had a specific problem in production with no good visibility. This batch is about "why" before "what" — explaining the actual Kubernetes pain point each plugin addresses, from our own experience. It's educational content that works pre-KubeCon: people don't need to know what Headlamp is to understand "oh, that problem sounds familiar." Also serves as support content for the KubeCon campaign dropping next week.
|
||||
|
||||
---
|
||||
|
||||
## 1. Ready to Post
|
||||
|
||||
### Post 1: Rook-Ceph Problem
|
||||
|
||||
**Platform**: Twitter/X
|
||||
|
||||
**Post**:
|
||||
You deploy Ceph because it's the right choice for distributed storage. Then you're staring at `ceph status` in a terminal wondering which pool is actually filling up, what the OSD rebalance is doing, and why your capacity projections are off by 40%.
|
||||
|
||||
We built headlamp-rook-plugin to see inside Ceph from a dashboard instead of grep-ing logs.
|
||||
|
||||
github.com/privilegedescalation
|
||||
|
||||
**CMO Note**: Opens with a relatable pain point (Ceph deployment without visibility), then delivers the specific solution (dashboards instead of CLI). No "exciting to announce" language. The problem-first framing resonates with people already running Ceph.
|
||||
|
||||
---
|
||||
|
||||
### Post 2: Sealed Secrets Problem
|
||||
|
||||
**Platform**: Bluesky
|
||||
|
||||
**Post**:
|
||||
Your team has a pattern:
|
||||
|
||||
1. Someone generates a secret
|
||||
2. They echo it in Slack "here's the password"
|
||||
3. It's in the channel history forever
|
||||
4. Someone rotates it, forgets to tell the database
|
||||
5. 2am incident
|
||||
|
||||
We built headlamp-sealed-secrets-plugin so the secret never leaves the browser and stays encrypted in your cluster. The plaintext never transits anywhere someone can screenshot it.
|
||||
|
||||
**CMO Note**: Captures the actual workflow failure that sealed-secrets solves. The numbering of the failure pattern is specific and darkly funny. Bluesky audience appreciates the "this is how we actually mess up" honesty.
|
||||
|
||||
---
|
||||
|
||||
### Post 3: Polaris Problem
|
||||
|
||||
**Platform**: Mastodon
|
||||
|
||||
**Post**:
|
||||
Kubernetes best practices are things you know about the week after you've already deployed your application with none of them.
|
||||
|
||||
Polaris audits your workloads against security and reliability policies. It shows you what you're doing wrong before it becomes a 3am outage.
|
||||
|
||||
We built the headlamp-polaris-plugin so you can actually see the audit results in your dashboard instead of waiting for the automated security scan email you never read.
|
||||
|
||||
**CMO Note**: Self-aware about human nature (learning best practices after deployment fails). Polaris is the solution. Mastodon audience gets the candor. Not preachy, just practical.
|
||||
|
||||
---
|
||||
|
||||
### Post 4: Intel GPU Problem
|
||||
|
||||
**Platform**: Twitter/X
|
||||
|
||||
**Post**:
|
||||
You provisioned Intel GPUs in your K8s cluster for ML workloads. Cool.
|
||||
|
||||
Now: which node has available GPU? How hot are they running? Is the scheduler actually placing workloads on GPU nodes or just on CPU? Is anything actually using them?
|
||||
|
||||
We built headlamp-intel-gpu-plugin to answer those questions from a dashboard instead of kernel logs.
|
||||
|
||||
github.com/privilegedescalation
|
||||
|
||||
**CMO Note**: Chains questions that GPU cluster operators actually have. Each question hints at a real visibility gap. The solution (dashboard instead of logs) is matter-of-fact. Specific pain point without corporate language.
|
||||
|
||||
---
|
||||
|
||||
### Post 5: TrueNAS CSI Problem
|
||||
|
||||
**Platform**: Bluesky
|
||||
|
||||
**Post**:
|
||||
Your storage driver is configured. Your benchmark says it can do 10k IOPS.
|
||||
|
||||
But what's actually happening in production? You're scheduling workloads, moving data around, and your I/O profile looks nothing like the benchmark.
|
||||
|
||||
We built headlamp-tns-csi-plugin so you can see kbench storage metrics live in your cluster dashboard. No "apply a manifest and wait for email," just see what your storage is actually doing.
|
||||
|
||||
**CMO Note**: Contrasts lab conditions (benchmark) with production reality (actual I/O profile). Storage visibility without waiting. Appeal to operators frustrated with "set it and hope" storage management.
|
||||
|
||||
---
|
||||
|
||||
### Post 6: kube-vip Problem
|
||||
|
||||
**Platform**: Twitter/X
|
||||
|
||||
**Post**:
|
||||
You've got a load balancer. You've got virtual IPs floating around your cluster. And someone's asking "which service is that IP mapped to?"
|
||||
|
||||
Now what? Grep the config? Check the VirtualIP manifest? It's 2025 and you're hunting through YAML.
|
||||
|
||||
We built headlamp-kube-vip-plugin so virtual IPs and load balancer status show up in your dashboard where you can actually see them.
|
||||
|
||||
github.com/privilegedescalation
|
||||
|
||||
**CMO Note**: Specific frustration: answering "which service" requires config hunting. The solution is dashboard visibility. Dry tone emphasizing the absurdity of 2025-era manual lookups.
|
||||
|
||||
---
|
||||
|
||||
## 2. Risky but Worth Discussing
|
||||
|
||||
### Post 7: Meta Comment (Optional)
|
||||
|
||||
**Platform**: Twitter/X
|
||||
|
||||
**Post**:
|
||||
Six Kubernetes plugins, and the common thread isn't "advanced observability" or "enterprise features."
|
||||
|
||||
It's: we had a problem. The CLI wasn't good enough. The logs were hard to parse. So we built a dashboard for it.
|
||||
|
||||
Sometimes the answer to "why do we exist" is "we got frustrated with grep."
|
||||
|
||||
**CMO Note**: Self-aware meta-commentary on why all six plugins exist. The "we got frustrated with grep" line is the voice we're known for. Could feel slightly salty to some, but earns credibility with operators who've been there. Optional amplification of the whole batch theme.
|
||||
|
||||
---
|
||||
|
||||
## 3. Backlog (Evergreen)
|
||||
|
||||
None for this batch — these posts work best as a thematic set posted over 3-5 days while driving toward KubeCon, then are less relevant after.
|
||||
|
||||
---
|
||||
|
||||
## Notes
|
||||
|
||||
- Suggested posting schedule: 1 post per day starting tomorrow (March 11), finishing by March 15, giving time for engagement before KubeCon campaign drops March 21
|
||||
- Each post stands alone but builds narrative collectively
|
||||
- Educational angle differentiates from release announcements and provides value even for non-adopters
|
||||
- Heavy on problem framing, light on pitch — fits the voice and builds trust
|
||||
Reference in New Issue
Block a user