In this article, I am going to install Kubernetes Dashboard which is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
Create the namespace and apply the recommended manifest. This installs Dashboard, metrics-scraper, service accounts, and RBAC roles.
kubectl create namespace kubernetes-dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
Create self signed certificate and Kubernetes Secret
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout "C:\Program Files\OpenSSL-Win64\bin\mycerts\dashboard.key" -out "C:\Program Files\OpenSSL-Win64\bin\mycerts\dashboard.crt" -subj "/CN=dashboard.k8s.local/O=dashboard"
kubectl create secret tls dashboard-tls --cert="C:\Program Files\OpenSSL-Win64\bin\mycerts\dashboard.crt" --key="C:\Program Files\OpenSSL-Win64\bin\mycerts\dashboard.key" -n kubernetes-dashboard
Create an Ingress Resource. Save "dashboard-ingress.yaml" file somewhere on the management computer. Then Apply it.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: kubernetes-dashboard
namespace: kubernetes-dashboard
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- dashboard.k8s.local
secretName: dashboard-tls
rules:
- host: dashboard.k8s.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: kubernetes-dashboard
port:
number: 443
kubectl apply -f dashboard-ingress.yaml
If you have DNS server create a DNS record for http://dashboard.k8s.local/ that points to HAProxy's VIP. If you don't simply modify your host file on the client computer.
We will create an admin user for the dashboard. So, create a file named "dashboard-admin.yaml" and then apply it.
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
kubectl apply -f dashboard-admin.yaml
Get the Login Token. Copy the token and use it to log in to the dashboard. We will need that token everytime we need to login until we create persitent authentication using another method. You can always generate another token with the command below.
kubectl -n kubernetes-dashboard create token admin-user
Access the Dashboard via your Browser (https://dashboard.k8s.local)
