Access Using Lens

Lens is a popular desktop Kubernetes IDE that provides a graphical interface for managing Kubernetes clusters. This method is optional, but recommended if you prefer a visual interface instead of using command-line tools.

KubeRaya clusters are fully compatible with Lens because they use standard Kubernetes kubeconfig authentication.

No special integration or plugin is required.

This guide explains how to connect a KubeRaya cluster to Lens, what Lens does (and does not) replace, and best practices for using it safely.

What Lens Is (and Is Not)

What Lens Is

• A local desktop application
• A visual interface on top of kubectl
• Uses your existing kubeconfig
• Respects Kubernetes RBAC permissions
• Works with any CNCF-compliant Kubernetes cluster

What Lens Is Not

• Not a managed service
• Not hosted by CloudRaya
• Not a replacement for Kubernetes APIs
• Not a security boundary by itself

Lens does not bypass Kubernetes security.

Everything you see in Lens depends on your kubeconfig permissions.

Prerequisites

Before connecting your cluster to Lens, ensure:

• A running KubeRaya cluster
• kubeconfig file downloaded from CloudRaya
• Lens installed on your local machine
• Network access to the cluster API endpoint

📄 See: Access Cluster Using kubeconfig

Step 1: Download kubeconfig from KubeRaya

You can download the kubeconfig file in either of these ways:

Option A — From Cluster List

1. Open Dashboard → Compute → KubeRaya
2. Click the three-dot menu on the cluster card
3. Select Download Config File

Option B — From Cluster Detail Page

1. Open the cluster
2. Click View Detail
3. Click Download Config

This file contains:

• Cluster API endpoint
• Certificate authority
• User credentials
• Context configuration

Keep this file secure.

Step 2: Install Lens

Download Lens from the official website:

https://k8slens.dev

Lens is available for:

• Windows
• macOS
• Linux

Install and launch the application.

Step 3: Open Lens and Navigate to Local Kubeconfigs

1. Open Lens Desktop
2. In the left sidebar, open Kubernetes Clusters
3. Select Local Kubeconfigs

This section is used to manage clusters added via kubeconfig files.

Step 4: Add kubeconfig to Lens

Click Add Kubeconfigs and choose one of the following methods:

Option A — Import kubeconfig from filesystem

1. Click Add kubeconfig
2. Select Add kubeconfig from filesystem
3. Choose the kubeconfig file downloaded from CloudRaya

Option B — Paste kubeconfig manually

1. Click Add kubeconfig
2. Select Add kubeconfig by pasting
3. Paste the full contents of the kubeconfig file
4. Click Add Clusters

Lens will automatically parse and validate the configuration.

Step 5: Verify Cluster Connection

Once added:

• The cluster will appear under Local Kubeconfigs
• The cluster status should change to Connected
• You can now access:
  • Nodes
  • Namespaces
  • Workloads
  • Services
  • Logs and metrics

No additional authentication steps are required.

Where Lens Stores kubeconfig Files

Lens stores imported kubeconfig files in its internal configuration directory.

You do not need to manually place the file in ~/.kube/config, although Lens supports it if you already use kubectl locally.

Important Note About Lens UI & Documentation

Lens is a third-party application, and its user interface may change over time.

For the most up-to-date steps, always refer to the official Lens documentation:

📄 Official Lens Docs – Adding Kubernetes Clusters

https://docs.k8slens.dev/k8slens/getting-started/add-clusters/add-local-cluster/

The KubeRaya workflow remains consistent:

Download kubeconfig → Add to Local Kubeconfigs → Connect

When to Use Lens vs kubectl

Lens complements kubectl but does not replace it.

Understanding Permissions in Lens

Lens does not grant additional access.

What you can do depends on:

• The user defined in kubeconfig
• Kubernetes RBAC roles and bindings

Examples:

• Read-only kubeconfig → view-only access
• Admin kubeconfig → full cluster control

If Lens shows permission errors, the issue is RBAC, not Lens.

Recommended Use Cases for Lens

Lens is well-suited for:

• Visual inspection of cluster state
• Debugging workloads
• Viewing logs and events
• Exploring Kubernetes objects
• Learning Kubernetes behavior

Lens is not recommended as the primary tool for:

• Production deployments
• CI/CD pipelines
• Infrastructure automation

For production, prefer:

• kubectl
• GitOps workflows
• Declarative manifests

Security Best Practices

• Treat kubeconfig files as sensitive credentials
• Do not share kubeconfig files
• Use separate kubeconfigs for:
  • Development
  • Staging
  • Production
• Remove unused contexts
• Revoke access by rotating credentials when needed

Lens is only as secure as the kubeconfig it uses.

Common Issues & Troubleshooting

Cluster Shows as Offline

• Verify network access to the cluster API
• Ensure VPN is connected if required
• Confirm the cluster status is Running

Authentication Errors

• Check kubeconfig validity
• Ensure certificates are not expired
• Confirm correct context is selected

Limited Visibility

• Check RBAC permissions
• Verify namespace access

How Lens Fits into CloudRaya Kubernetes

CloudRaya provides:

• Managed Kubernetes infrastructure
• Secure cluster API access
• kubeconfig-based authentication

Lens provides:

• Local visualization
• Developer convenience
• UI on top of standard Kubernetes APIs

They work together without coupling or lock-in.

Summary

• Lens is a third-party Kubernetes IDE
• CloudRaya clusters work with Lens out of the box
• Connection uses standard kubeconfig
• Security is enforced by Kubernetes RBAC
• Lens improves visibility, not authority

Related Guides

📄 Access Cluster Using kubeconfig

📄 Access Cluster via Kubernetes Dashboard

📄 Manage KubeRaya Cluster

📄 Kubernetes Security Basics

📄 Kubernetes Best Practices