Kubernetes Integration

Connect Calmo to your Kubernetes clusters to enable comprehensive container orchestration, monitoring, and troubleshooting through AI assistance. This integration provides access to 15+ specialized tools across 5 categories for complete cluster management.

Overview & Value Proposition

The Kubernetes integration transforms how your team manages containerized applications by providing:

Cluster-Wide Visibility - Monitor pods, services, deployments, and resources across namespaces
Intelligent Troubleshooting - AI-powered analysis of pod failures, resource constraints, and configuration issues
Safe Operations - Read-only tools enabled by default with granular control over write operations
Multi-Cloud Support - Works with GKE, EKS, AKS, and self-managed clusters
Context-Aware Management - Switch between clusters and namespaces seamlessly

Key Capabilities

When connected, Calmo gains access to 15+ Kubernetes tools across 5 categories:

Category	Tools	Capability
Resource Management	5 tools	Get, list, describe, apply, and create Kubernetes resources
Operations	4 tools	View logs, scale deployments, patch resources, manage rollouts
Cluster Management	3 tools	Switch contexts, list API resources, explain resource types
Advanced Operations	3 tools	Port forwarding, resource deletion, generic kubectl commands
Helm Operations	3 tools	Install, upgrade, and uninstall Helm charts

Prerequisites

Kubernetes cluster access (GKE, EKS, AKS, or self-managed)
Valid kubeconfig file with appropriate permissions
For cloud providers: Service account keys (optional but recommended)
Calmo account with team or personal workspace

Setup Methods

Method 1: Kubeconfig Upload (Recommended)

Step 1: Prepare Your Kubeconfig

Locate your kubeconfig file (typically ~/.kube/config)
Ensure it contains valid cluster credentials and contexts
Verify access by running: kubectl cluster-info

Step 2: Connect to Calmo

Navigate to Integrations in your Calmo dashboard
Click Kubernetes integration
Choose Upload Kubeconfig File
Select your kubeconfig file or paste the contents
Select your desired context from available options
Choose target namespace (default: default)

Step 3: Configure Tool Access

Review and customize tool categories based on your needs:

✅ Resource Management - Read operations (get, list, describe) enabled by default
❌ Write Operations - Apply, create, delete disabled by default for safety
✅ Cluster Management - Context switching and resource discovery enabled
❌ Advanced Operations - Port forwarding and generic commands disabled by default

Method 2: Cloud Provider Service Account (Enhanced Security)

For enhanced security with cloud providers, you can supplement kubeconfig with service account keys:

Google Kubernetes Engine (GKE)

Create a service account in Google Cloud Console
Assign appropriate Kubernetes permissions
Download the service account key (JSON)
Upload both kubeconfig and service account key to Calmo

Amazon Elastic Kubernetes Service (EKS)

Configure AWS IAM role with EKS permissions
Update kubeconfig with AWS authentication
Provide AWS credentials through service account key

Azure Kubernetes Service (AKS)

Create Azure service principal
Assign Kubernetes permissions
Configure kubeconfig with Azure authentication

Tool Categories & Configuration

🔍 Resource Management (Read-Safe)

Default: Enabled - Essential for cluster visibility

kubectl_get - Retrieve specific Kubernetes resources
kubectl_list - List resources by type across namespaces
kubectl_describe - Get detailed resource information
kubectl_apply - Apply configuration changes (⚠️ Write operation)
kubectl_create - Create new resources (⚠️ Write operation)

Use Cases: Resource discovery, status checking, configuration analysis

⚙️ Operations (Mixed Safety)

Default: Logs only - Operational tasks with varying risk levels

kubectl_logs - View container logs (✅ Read-only)
kubectl_scale - Scale deployments (⚠️ Write operation)
kubectl_patch - Patch resource configurations (⚠️ Write operation)
kubectl_rollout - Manage deployment rollouts (⚠️ Write operation)

Use Cases: Debugging applications, scaling services, deployment management

🗂️ Cluster Management (Read-Safe)

Default: Enabled - Essential cluster navigation

kubectl_context - Switch between cluster contexts
list_api_resources - Discover available Kubernetes APIs
explain_resource - Get resource documentation and schemas

Use Cases: Multi-cluster management, API discovery, resource understanding

🔧 Advanced Operations (High Risk)

Default: Disabled - Powerful but potentially dangerous operations

port_forward - Forward local ports to pods (⚠️ Network access)
kubectl_delete - Delete Kubernetes resources (⚠️ Destructive)
kubectl_generic - Execute arbitrary kubectl commands (⚠️ Unrestricted)

Use Cases: Advanced debugging, direct cluster access, emergency operations

📦 Helm Operations (Package Management)

Default: Disabled - Helm chart lifecycle management

install_helm_chart - Install Helm charts (⚠️ Write operation)
upgrade_helm_chart - Upgrade existing releases (⚠️ Write operation)
uninstall_helm_chart - Remove Helm releases (⚠️ Destructive)

Use Cases: Application deployment, package management, release lifecycle

Team vs Personal Configuration

Team/Organization Setup

Shared cluster access across team members
Centralized tool configuration and policies
Organization-level context and namespace defaults
Team administrators can manage tool permissions

Personal Setup

Individual cluster connections
Personal tool preferences and configurations
Private contexts and namespace selections
Full control over enabled capabilities

Security & Best Practices

⚠️ Safety Recommendations

Start with Read-Only - Enable only read operations initially
Gradual Enablement - Add write operations as trust builds
Namespace Isolation - Restrict to specific namespaces when possible
Regular Auditing - Review enabled tools and permissions periodically
Service Account Keys - Use cloud provider service accounts for enhanced security

🔒 Permission Levels

Risk Level	Operations	Recommendation
Low	Get, List, Describe, Logs	✅ Safe to enable
Medium	Apply, Create, Scale, Patch	⚠️ Enable with caution
High	Delete, Generic commands	❌ Enable only when necessary

Configuration Management

Updating Cluster Configuration

Navigate to Integrations → Kubernetes
Click Edit Configuration
Upload new kubeconfig or service account keys
Modify context and namespace selections
Adjust tool permissions as needed
Save changes

Managing Multiple Clusters

Not yet supported

Troubleshooting

Common Issues

Connection Failed

Verify kubeconfig has valid credentials
Check cluster connectivity: kubectl cluster-info
Ensure proper context is selected

Permission Denied

Verify service account has required Kubernetes permissions
Check RBAC policies in your cluster
Ensure namespace access is properly configured

Tool Execution Errors

Review enabled tool permissions
Check if operations require write access
Verify cluster resources exist and are accessible

Getting Help

Reconnect Integration - Use the reconnect option in integration settings
Update Credentials - Upload fresh kubeconfig or service account keys
Contact Support - Reach out to support@getcalmo.com for assistance

Advanced Features

Multi-Cloud Support

Google GKE - Full integration with Google Cloud service accounts
Amazon EKS - AWS IAM integration for enhanced security
Azure AKS - Azure Active Directory integration
Self-Managed - Support for any standard Kubernetes cluster

Context & Namespace Management

Switch between multiple cluster contexts
Set default namespaces per context
Maintain separate configurations per environment
Support for namespace-scoped operations

The Kubernetes integration provides the most comprehensive container orchestration capabilities in Calmo, enabling your team to manage clusters efficiently through AI-powered assistance while maintaining strict security controls.

For additional help with Kubernetes integration, contact our support team at support@getcalmo.com.

Get Started

Integrations

​Kubernetes Integration

​Overview & Value Proposition

​Key Capabilities

​Prerequisites

​Setup Methods

​Method 1: Kubeconfig Upload (Recommended)

​Method 2: Cloud Provider Service Account (Enhanced Security)

​Google Kubernetes Engine (GKE)

​Amazon Elastic Kubernetes Service (EKS)

​Azure Kubernetes Service (AKS)

​Tool Categories & Configuration

​🔍 Resource Management (Read-Safe)

​⚙️ Operations (Mixed Safety)

​🗂️ Cluster Management (Read-Safe)

​🔧 Advanced Operations (High Risk)

​📦 Helm Operations (Package Management)

​Team vs Personal Configuration

​Team/Organization Setup

​Personal Setup

​Security & Best Practices

​⚠️ Safety Recommendations

​🔒 Permission Levels

​Configuration Management

​Updating Cluster Configuration

​Managing Multiple Clusters

​Troubleshooting

​Common Issues

​Getting Help

​Advanced Features

​Multi-Cloud Support

​Context & Namespace Management