Configure Mission Control’s UI

Mission Control deploys the UI as a web service that you access through Kubernetes Ingress.

You can access the UI using the following methods:

  • Use Ingress for production environments to provide secure, resilient access to the UI.

  • Port-forward the web interface with the kubectl tool for development and testing.

Prerequisites

  • Install a Kubernetes Ingress controller in your cluster, such as NGINX Ingress Controller, Traefik, or your cloud provider’s ingress solution.

  • For production deployments, configure DNS to point to your Ingress controller.

  • Configure TLS certificates for HTTPS access (recommended).

  • Port-forward (Development/Testing)

In production environments, access the UI through a Kubernetes Ingress resource. This provides the following benefits:

  • Centralized access control

  • TLS termination

  • Load balancing across UI pods

  • Integration with your existing ingress infrastructure

    1. Configure an Ingress resource for the Mission Control UI:

      apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mission-control-ui
  namespace: mission-control
  annotations:
    # Add annotations specific to your Ingress controller
    # Example for NGINX:
    # nginx.ingress.kubernetes.io/ssl-redirect: "true"
    # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
  ingressClassName: nginx  # Adjust based on your Ingress controller
  tls:
  - hosts:
    - MISSION_CONTROL_HOSTNAME
    secretName: mission-control-ui-tls
  rules:
  - host: MISSION_CONTROL_HOSTNAME
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: mission-control-ui
            port:
              number: 8080

      Replace MISSION_CONTROL_HOSTNAME with the hostname you want to use. For example, mission-control.example.com.

    2. Apply the Ingress configuration:

      kubectl apply -f mission-control-ingress.yaml

    3. Access the UI in a web browser:

      https://MISSION_CONTROL_HOSTNAME/

When using external authentication providers (such as OIDC), you must configure the ui.baseUrl parameter in your Helm values to match your Ingress hostname. See Install with Helm for configuration details.

For development and testing purposes, you can access the UI locally using Kubernetes port-forwarding.

DataStax does not recommend port-forwarding for production use. It provides access only from your local workstation, and it does not support high availability or load balancing.

  1. Run the kubectl port-forward command to forward traffic on local port 8080 to the UI service:

    kubectl port-forward svc/mission-control-ui -n mission-control 8080:8080

    This opens a local port on your workstation and forwards traffic to the UI service.

  2. Open the Mission Control UI in your web browser:

    https://localhost:8080/

    You might see a certificate warning in your browser because the UI uses a self-signed certificate. This behavior is expected for local development.

  3. Press Ctrl+C to terminate the port-forward command. To access the UI again, rerun the port-forward command.

Next steps

After accessing the web interface:

Was this helpful?

Give Feedback

How can we improve the documentation?

© Copyright IBM Corporation 2026 | Privacy policy | Terms of use Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: Contact IBM