Skip to content



The Punch Console (PConsole) package provides you with the operational commands to manage your applications and platforms. It is designed to interact with with punch running on kubernetes (> 7.x) or on standard VMs (> 6.3).

This chapter only describes the Kubernetes usage.

The PConsole is a punch downloadable package. It comes in two flavors: macos and linux distributions. The PConsole provides resources, shells, libraries and binaries to:

  1. manage punch applications on a remote Kubernetes punch.
  2. develop your own java or python nodes.

In contrast to the standalone, it does not provide any of the third-party COTS. I.e it can only act as a client tool to submit punch application for execution.

Installation Requirements

The requirements to install the PConsole itself are similar to that of the punch standalone:

The following python3 packages are also required:

  • jinja2
  • pyyaml
  • hjson


Simply unzip the PConsole package; i.e.

unzip punch-console-7.0.0-darwin

Enable remote access to Kubernetes cluster

The Punch Console must be able to contact the remote Kubernetes cluster. To achieve this point, please run :

scp user@kube_master:/home/your_local_user/.kube/config $HOME/.kube/config
export KUBECONFIG=$HOME/.kube/config

Then, if your Kubernetes cluster is already deployed, you interact with it using for example :

punch-operator:$ kubectl get nodes
kastmaster     Ready    master   44h   v1.19.7
kastworker-1   Ready    <none>   44h   v1.19.7
kastworker-2   Ready    <none>   44h   v1.19.7
kastworker-3   Ready    <none>   44h   v1.19.7

Platform configuration

Here is the default platform.json which must be update before running :

  "kubernetes": {
    "config": "$HOME/.kube/config"
  "resources_manager": {
    "elasticsearch": {
      "host": "elasticsearch.doc-store:9200"
    "minio": {
      "host": "http://s3.object-store:9000",
      "access_key": "minio",
      "secret_key": "K@st2020*"


  1. Fill the required target punch configuration in the platform.json file.
  2. Run ./ This will unpack binaries and generate two punch configuration files and resolv.yml.
  3. Review the kubernetes settings as explained below.
  4. Run source to set the console environment.

You then have the usual punch punchlinectl and channelctl command line tools ready to use.

Kubernetes Settings


The is a global settings file used by punch tools to communicate with target components (kube, minio, elastic etc..). Its content depends on your use case. For example you may or may not have an exposed Minio S3 service.

However the kubernetes section is (of course) mandatory for you PConsole to interact with your kubernetes cluster.

The default kubernetes section in the is the following :

"kubernetes": {
    "clusters": {
      "kastcluster": {
        "config_path": "$HOME/.kube/config",
        "tenants": {
          "kast": {
            "spark_service_account": "spark-sa",
            "spark_role": "spark-role",
            "sparkline_container": "",
            "init_container": "",
            "stormline_container": "",
            "image_pull_policy": "Always",
            "image_pull_secret": "mysecret"


You must provide a dedicated section for each of your target punch tenant.

Make sure to review these settings before using the PConsole. The parameters are the following:

  • clusters.<clusterId> : String

    The clusterId is a string composed of alphanumeric characters and [-]. It is used by the punch command-line tools and configuration files to refer to the corresponding cluster.

    There can be one or several kubernetes.clusters.[clusterId] sections, depending on your platform(s) setup. Multiple clusters are typically used to define several zones with different security levels and data flows restrictions.

    The clusterIds must be unique in the scope of a punch.

    The cluster name must be the same as the one in the Kubernetes configuration file (i.e config_path file)

  • clusters.<clusterId>.config_path : String

    Kubernetes configuration file which permits you to communicate with the remote Kubernetes cluster

  • clusters.<clusterId>.tenants.<tenantId>.spark_service_account : String

    Service account id used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.spark_role : String

    Role binding id used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.sparkline_container : String

    Sparkline image used to launch sparklines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.stormline_container : String

    Stormline image used to launch stormlines for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.init_container : String

    Init container image used to donwload resources for this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.image_pull_policy : String

    Image pull policy to apply for all punch images of this specific tenant.

  • clusters.<clusterId>.tenants.<tenantId>.image_pull_secret : String

    Image pull secret id to apply for all punch images of this specific tenant.