Skip to main content

Documentation Index

Fetch the complete documentation index at: https://radarhq.io/docs/llms.txt

Use this file to discover all available pages before exploring further.

Radar can drop you into a pod, attach a debug container, forward a port to your laptop, or open a local terminal. Each is gated by RBAC and can be disabled per-install.

Pod terminal

Click Exec on any pod (or a container row). Radar opens a WebSocket-backed terminal in the side panel.
  • Default shell cascade: bash -ilashsh. Override with --pod-shell-default 'bash -l'.
  • Multiple terminals can be open simultaneously; they’re persisted in the URL so you can share or reload.
  • Closing the panel terminates the exec session immediately.
RBAC: needs pods/exec on the namespace. Disabled by default in the chart - opt in with rbac.podExec: true. Per-user installs (proxy / OIDC auth) inherit each user’s exec permissions. Disable cluster-wide with --disable-exec.

Debug containers

For pods running minimal images (distroless, scratch), Radar can inject an ephemeral debug container with a full shell. Click Debug instead of Exec on the pod. The debug container shares the target pod’s PID and network namespace by default - so ps, netstat, and friends see what the target sees. RBAC: needs pods/ephemeralcontainers patch. Same on-by-default behavior as podExec.

Port forwarding

Forward any pod or service port to your local machine. Click the port number in the resource row → Forward.
  • The list of active forwards is in the bottom-right tray. Click any one to copy the local URL.
  • SSE-pushed status keeps the tray live across pages.
  • Forwards survive page navigation but stop when you close Radar.
RBAC: needs pods/portforward on the namespace. Disabled by default in the chart - opt in with rbac.portForward: true. API: 
GET    /api/portforwards                                        # list
POST   /api/portforwards                                        # create
DELETE /api/portforwards/{id}                                   # stop
GET    /api/portforwards/available/{type}/{namespace}/{name}    # which ports a target exposes

Local terminal

Radar can open a terminal on the machine running Radar (your laptop for local installs, or the Radar pod for in-cluster installs). Useful for ad-hoc kubectl / helm commands without leaving the UI.
  • Local installs: full shell access on your laptop. Honors your $SHELL and login config.
  • In-cluster installs: access to the Radar pod’s shell. Combined with the pod’s ServiceAccount permissions, that’s effectively a kubectl session.
Disable with --disable-local-terminal. For in-cluster shared deployments where you don’t want operators having a shell on the Radar pod, set this and rbac.podExec: false.

Restricted-permission preview

If you want to preview what a restricted operator would see, run with --disable-helm-write / --disable-exec / --disable-local-terminal to mask those features in the UI without changing your real RBAC.

See also