Skip to main content

KIOPS User Guide

Welcome to the KIOPS Guide! This guide will help you understand and utilize all the features of the KIOPS platform with ease.

What is KIOPS?

KIOPS stands for K8s Integrated Workflow Intelligence, an integrated DevSecOps platform that lets you manage servers, deploy containers, and analyze security—all in one place.

Who Needs KIOPS?

  • Operations teams who want to centrally manage multiple servers and Kubernetes clusters.
  • Development teams who want CI/CD pipelines and security scanning without separate tools
  • DevOps engineers who want to see builds, deployments, and vulnerabilities at a glance
  • Administrators who want to intuitively operate servers even with minimal infrastructure experience.

What Can You Do with KIOPS?

  • Register Servers: Register servers with SSH connection info and manage them remotely.

  • Connect Runtimes: Connect Kubernetes, Docker, or Podman environments to KIOPS.

  • Build Services: Automatically build container images from GitLab repositories.

  • Deploy Services: One-click deployment to K8s or Docker environments.

  • Security Scanning: Automatically detect vulnerabilities with SAST, SCA, and DAST.

  • Backup/Recovery: Safely backup and restore etcd and Docker data.

Quick Start

First Time Here?

If you're new to KIOPS, follow these steps in order. Each step takes about 5-10 minutes to complete.

Step 1: Register a Server

First, register the server where you'll deploy services.

  1. Go to the Device Management page
  2. Click AddAdd Device
  3. Enter the server's IP address and SSH port
  4. Test the connection and save.
Before You Start

Prepare the following information:

  • Server IP address and SSH port (default: 22)
  • SSH credentials (username/password or key)

Step 2: Connect Runtime Environment

Connect a Kubernetes cluster or Docker to your registered server.

  1. Go to the Runtime Environments page
  2. Click the Add Runtime button.
  3. Select the runtime type (Kubernetes/Docker/Podman)
  4. Enter the connection information and save.
For Kubernetes Users

You'll need a kubeconfig file. Check the ~/.kube/config file on your master node.

Step 3: Register and Deploy a Service

Connect a GitLab repository to register a service and build/deploy it.

  1. Go to the Service Management page
  2. Click the Add Service button.
  3. Enter the GitLab repository URL and token
  4. Configure build settings and run the deployment.
Don't Have a GitLab Token?

Go to GitLab → Settings → Access Tokens to create a Personal Access Token. You'll need read_api and read_repository permissions.

Page Guides

Detailed guides for all features on each page. Click a page to view detailed usage instructions.

Main Features

  • Dashboard: Monitor overall service status. Key features include status check, DORA metrics, and quick actions.

  • Device Management: Manage servers and infrastructure. Key features include SSH connection, multi-hop, and VPN integration.

  • Runtime Environments: Manage K8s/Docker/Podman. Key features include cluster connection and resource monitoring.

  • Service Management: Git-based service build/deploy. Key features include build, deploy, security scan, and rollback.

Operations Management

  • Backup Management: Backup and restore infrastructure data. Key features include etcd backup, Docker backup, and restoration.

  • Database: Manage external DB connections. Key features include connection info, sync, and restoration.

  • Audit Log: View system activity records. Key features include filtering, search, and export.

Admin Features

  • User Management: Manage organization users. Key features include signup approval, assign roles, and deactivate.

  • Permission Management: Configure user permissions. Key features include grant/revoke permissions and risk display.

  • Profile: Manage personal information. Key features include edit info and change password.

Scenario Guides

Step-by-step guides that walk you through specific tasks from start to finish.

System Setup

Service Build/Deploy

Security Analysis

Operations Management

KIOPS Core Features

Service Build/Deploy

KIOPS provides a complete pipeline for fetching source code from GitLab repositories, building container images, and deploying them.

  • Git Integration: Connect GitLab/GitHub repositories using a Personal Access Token. You can build by branch or tag.
  • BuildKit Build: Safely and quickly build images based on Dockerfiles. If you don't have a Dockerfile, Build Wizard helps with auto-generation.
  • K8s/Docker Deploy: Deploy built images as Kubernetes Pods or Docker containers.
  • Rollback: Quickly revert to a previous version when issues occur.

Security Analysis (DevSecOps)

Perform security checks throughout the development pipeline to catch vulnerabilities early.

  • SAST: Static source code analysis to detect SQL injection, XSS, etc. Uses Semgrep (basic) and OpenGrep (advanced).

  • SCA: Check known vulnerabilities (CVEs) in open-source libraries. Uses Trivy (basic) + Dependency-Check (advanced).

  • SBOM: Generate a software component and license list. Generated with Syft + ScanCode and downloadable as CycloneDX 1.5 (JSON).

  • DAST: Attack simulation on running apps. Uses ZAP + Nuclei.

Infrastructure Management

Unified management for various container runtimes.

  • Kubernetes: Cluster connection, node status, namespaces, resource monitoring. Also supports metrics server installation, node placement control (Taint/Toleration/NodeAffinity), and runtime ConfigMap/Secret management.
  • Docker/Podman: Container list, log viewing, image management. Podman runs in rootless mode for enhanced security.

Backup/Recovery

Backup critical infrastructure data and restore when needed.

  • etcd Backup: Backup Kubernetes cluster state as snapshots. Essential for cluster disaster recovery.
  • Docker Backup: Backup containers, volumes, and images.
  • External Storage: Safely store backup files in object storage (SeaweedFS, AWS S3, etc.).

Permission System

KIOPS manages user permissions through Role-Based Access Control (RBAC).

Role Types

Each user has one system role in KIOPS.

  • PlatformAdmin: Platform administrator with access to all organizations and system settings.

  • Manager: Organization administrator with access to signup approval, permission management, and most features.

  • Member: Regular user with access only to features within granted permissions.

Permission Categories

Permissions are classified by target resource.

  • infra: Kubernetes, Docker, Podman runtime related.
  • device: Servers, VMs, and infrastructure devices.
  • service: Service build, deploy related (including operate modal K8s/Docker/Podman actions).
  • security: Security Analysis (SAST/SCA/DAST/SBOM/IaC/secret/gate) related. This category was added when Security Analysis was split into the standalone [Security Analysis] page, and existing service permission holders still see the Security Analysis menu via fallback.
  • backup: Backup creation, recovery, deletion related.
  • database: Database connection, synchronization related.
  • vpn: VPN profile management related.
  • audit: Audit log viewing, export related.

Permission Risk Levels

Each permission displays a risk level based on its system impact.

  • Critical: Major system impact. Examples include delete, restore, and terminal access.

  • High: Data impact. Examples include configuration changes and deployment.

  • Medium: General management tasks. Examples include create and modify operations.

  • Low: View-only access. Examples include list viewing and status checks.

Need Help?

  • FAQ - Frequently asked questions and answers.
  • Page Guides - Detailed guides for each page in the left sidebar
  • Scenario Guides - Step-by-step walkthroughs for specific tasks.

For additional inquiries, please contact your organization administrator.