-->

DEVOPSZONES

DEVOPSZONES

    • Recent blogs

    How to Install Kubenetes Dashboard

    Wednesday, March 04, 2020 0

    How to Install Kubenetes  Dashboard 

    How to Install Kubenetes Dashboard

    Dashboard is a web-based Kubernetes user interface. You can use Dashboard to deploy containerized applications to a Kubernetes cluster, troubleshoot your containerized application, and manage the cluster resources. You can use Dashboard to get an overview of applications running on your cluster, as well as for creating or modifying individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc). For example, you can scale a Deployment, initiate a rolling update, restart a pod or deploy new applications using a deploy wizard.

     Dashboard also provides information on the state of Kubernetes resources in your cluster and on any errors that may have occurred.

    Kubernetes Dashboard with kops


     We'll add dashboard add-on for kops. We'll be using the official yaml configuration which already works with basic user-authentication.

     1. First run the yaml configuration of kops dashboard add-on:

     kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.8.3.yaml 
    root:/manasmonitoring$ kubectl create -f https://raw.githubusercontent.com/kubernetes/kops/master/addons/kubernetes-dashboard/v1.8.3.yaml
    secret/kubernetes-dashboard-certs created
    serviceaccount/kubernetes-dashboard created
    role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
    rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
    deployment.apps/kubernetes-dashboard created
    service/kubernetes-dashboard created

     2. Go to URL that got created:To get the URL:

     kubectl cluster-info | grep master
    root:/manasmonitoring$ kubectl cluster-info | grep master
    Kubernetes master is running at https://kubernetes.example.com
    root:/manasmonitoring$

     3. We will create a service account with access to default namespace and do a clusterrolebinding. 

     #To create a service account with access to default namespace
    kubectl create serviceaccount dashboard -n default
      
      
    #To create a cluster role bind. Connecting service account and cluster level access
    kubectl create clusterrolebinding dashboard-admin -n default \
    --clusterrole=cluster-admin \
    --serviceaccount=default:dashboard

     4. To get the login token that you will be asked on the URL:
    kubectl get secret $(kubectl get serviceaccount dashboard -o jsonpath="{.secrets[0].name}") -o jsonpath="{.data.token}" | base64 --decode 

     5. Default login credentials you can get by using following kops command in terminal:
    Username: admin
    Password: (using command)kops get secrets kube --type secret -oplaintext 

     Kubernetes Dashboard URL Will be
    https://kubernetes.example.com/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/overview?namespace=default

    The Kubeadm Way:

    Deploying the Dashboard UI

    The Dashboard UI is not deployed by default. To deploy it, run the following command:
    kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml

    Accessing the Dashboard UI

    To protect your cluster data, Dashboard deploys with a minimal RBAC configuration by default. Currently, Dashboard only supports logging in with a Bearer Token. To create a token follow this procedure:

    Create Service Account

    We are creating Service Account with name admin-user in namespace kubernetes-dashboard first.

     apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: admin-user
      namespace: kubernetes-dashboard
      

    Create ClusterRoleBinding


     In most cases after provisioning our cluster using kops or kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only ClusterRoleBinding for our ServiceAccount.

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: admin-user
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
    - kind: ServiceAccount
      name: admin-user
      namespace: kubernetes-dashboard
      
      

    Bearer Token

    Now we need to find token we can use to log in. Execute following command:

     kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

     Now copy the token and paste it into Enter token field on login screen.


    Click Sign in button and that's it. You are now logged in as an admin.



    How to access Dashboard:


     You can access Dashboard using the kubectl command-line tool by running the following command:

     kubectl proxy

     Kubectl will make Dashboard available at 
    http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
    Tags:
    Author Image

    About Manas Ranjan Tripathy

    No comments

    Subscribe to: Post Comments ( Atom )