Exec Terminal - Secure Runtime Access, No SSH Required
Quave Cloud provides secure terminal access directly to your running workloads. You can open a browser-based terminal session into any running container to debug issues, inspect files, run one-off commands, or check application state -- all without leaving the dashboard.
This works just like you would SSH into a server, but it is fully Kubernetes-native. There is no SSH server, no exposed ports, and no extra configuration. Access is handled through Kubernetes itself, following your existing permissions and RBAC policies.
What this means for you:
- Debug applications in real time
- Run one-off commands inside containers
- Inspect logs and runtime state instantly
- No need to manage SSH keys or bastion hosts
Everything is secure, auditable, and aligned with Kubernetes best practices.
Prerequisites
- Your account must have the Exec Terminal feature enabled. Contact your account administrator or our support team to enable it.
- The Exec Terminal is available for application containers only. It is not available for database environments.
How to Use
- Navigate to your app environment and go to the Containers view
- Find the running container you want to connect to
- Click the actions dropdown on that container and select Terminal
- A modal opens where you can enter a command and optional arguments
- Click Connect to start the terminal session
Command and Arguments
By default, the terminal opens a shell session. You can optionally specify a command and arguments to run instead.
Arguments support shell-like quoting:
- Spaces separate arguments
- Single quotes preserve literal strings:
'hello world'is one argument - Double quotes also preserve strings:
"hello world"is one argument
When you provide arguments, the command runs and the session closes automatically when the command completes. Without arguments, the shell stays open for interactive use.
Session Behavior
Idle Timeout
Sessions have a 15-minute idle timeout. A countdown timer is displayed in the terminal UI. The timer resets every time you type or interact with the terminal. If the session is idle for the full timeout period, it closes automatically.
Session Isolation
Each terminal session is tied to the user who created it. You can only see and interact with your own sessions. All terminal input and output is encrypted at rest.
Closing a Session
You can close a session in three ways:
- Close the modal -- the session terminates immediately
- Wait for idle timeout -- the session closes after 15 minutes of inactivity
- Command completes -- if you provided arguments, the session closes when the command finishes
Security
The Exec Terminal does not use SSH. Instead, it connects to your containers through the Kubernetes API, the same mechanism used by kubectl exec. This means:
- No SSH server running inside your containers
- No additional ports exposed on your workloads
- No SSH keys to manage or rotate
- Access is governed by your existing Kubernetes RBAC policies
- All sessions are permission-controlled and production-safe
Programmatic Access
The Exec Terminal is currently available through the Quave Cloud UI only. API and MCP tool support is not yet available.