4 Steps to Install Kubernetes Dashboard

In this article , We are going to cover Install Kubernetes Dashboard, Configure Kubernetes Dashboard and How to access Kubernetes Dashboard Remotely

What is Kubernetes Dashboard ?

Kubernetes  Dashboard is Web/GUI based User Interface of Kubernetes which is used to see overview of resource running on your cluster like Clusters ,Pods, Deployment, Service, CPU and Memory Usage, etc.,

Prerequisite

  • Kubernetes Cluster Access

If you have not setup Kubernetes Cluster , Follow below articles to setup.

9 Steps to Setup Kubernetes on AWS using KOPS

1. Install Kubernetes Dashboard using Kubectl

First login to Master node using putty OR if you are using Kubernetes KOPS then login to Instance from where you installed Kubernetes KOPS

Deploy Kubernetes Dashboard using Kubectl using below command

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

Here  we are changing ClusterIP to LoadBalancer to access Kubernetes Dashboard using Loadbalancer

You can also access using IP of Kubernetes Cluster,

Note: If you want to access Kubernetes Dashboard using ClusterIP then Don’t Change

Run below command to edit Kubernetes dashboard service

kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard

Output:

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":"kubernetes-dashboard"},"spec":{"ports":[{"port":443,"targetPort":8443}],"selector":{"k8s-app":"kubernetes-dashboard"}}}
  creationTimestamp: "2020-07-22T14:40:47Z"
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
  resourceVersion: "2733310"
  selfLink: /api/v1/namespaces/kubernetes-dashboard/services/kubernetes-dashboard
  uid: a93ce918-7328-4df8-820d-382308b3f0f4
spec:
  clusterIP: 100.66.10.251
  ports:
  - port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}

Change Cluster IP to LoadBalancer

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":"kubernetes-dashboard"},"spec":{"ports":[{"port":443,"targetPort":8443}],"selector":{"k8s-app":"kubernetes-dashboard"}}}
  creationTimestamp: "2020-07-22T14:40:47Z"
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
  resourceVersion: "2733310"
  selfLink: /api/v1/namespaces/kubernetes-dashboard/services/kubernetes-dashboard
  uid: a93ce918-7328-4df8-820d-382308b3f0f4
spec:
  clusterIP: 100.66.10.251
  ports:
  - port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer: {}

2. Configure Kubernetes Dashboard

By default Kubernetes Dashboard has minimum privileges. To Access with Kubernetes dashboard with full permission, create service account, cluster role binding with cluster admin permission.

Create yml file named k8s-dashboard.yml

sudo nano k8s-dashboard.yml

Paste the below lines into it

apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: cluster-admin-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: dashboard-admin
  namespace: kubernetes-dashboard

Apply the permission to create Kubernetes dashboard

kubectl create -f  k8s-dashboard.yml

To verify the Kubernetes Dashboard is up and running

kubectl get pod -n kubernetes-dashboard

Verify the Kubernetes dashboard service is running

kubectl get svc -n kubernetes-dashboard

Successfully we have covered Install Kubernetes Dashboard.

3. Access Kubernetes Dashboard using ClusterIP

If you have not changed Cluster IP to LoadBalancer then Run below command to access Kubernetes Dashboard remotely using Cluster IP.

kubectl proxy --address 0.0.0.0 --accept-hosts '.*'

Now hit the below Kubernetes Dashboard URL on browser

https://<IP>:<PORT>/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

You will see below Kubernetes Dashboard screen

4. Access Kubernetes Dashboard using LoadBalancer

Run below command to access Kubernetes dashboard remotely, You will get LoadBalancer External URL

kubectl get svc -n kubernetes-dashboard

Output:

NAME                        TYPE           CLUSTER-IP      EXTERNAL-IP                                                               PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP      100.64.101.31   <none>                                                                    8000/TCP        25h
kubernetes-dashboard        LoadBalancer   100.70.31.180   ada40491eb69f4a628555676ac977dcd-489540283.ap-south-1.elb.amazonaws.com   443:30446/TCP   25h

Copy the external Load Balancer URL and Paste in Browser

OR

If you have purchased domain and you want access your Kubernetes Dashboard using URL then add CNAME record with AWS Load Balancer URL.

https://ada40491eb69f4a628555676ac977dcd-489540283.ap-south-1.elb.amazonaws.com

You will see below Kubernetes Dashboard screen

kubernetes dashboard-token

You can Login Kubernetes Dashboard using below ways

  • Token
  • Kubeconfig

Login to Kubernetes Dashboard using Token

Enter below to command to get token using kubectl

kubectl describe secrets dashboard-admin -n kubernetes-dashboard

Output:

Name: dashboard-admin-token-5gb8p
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 018a95a3-df94-444f-b12c-280af58fba11

Type: kubernetes.io/service-account-token

Data
====
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkNsdGo5WkRnZUxOM1ZSQnpITGJhVVVRUXNPSnVyT0NIVGFMcjN3RVJrWkEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tNWdiOHAiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMDE4YTk1YTMtZGY5NC00NDRmLWIxMmMtMjgwYWY1OGZiYTExIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.edmBSZs6jdnWYbiauVPERp4oBSWHv5TdR2OH-lii-5BQmvSk0xAS0suaocOfCkug0-WWtG1psUna5n1lLUQWIawUVn9R3s0CxbG3daGXwkWV4HR7Es4CAOks5bs2QkOBV16uRRHY6tVE_uBDpOvHcHG75gYnzT6Tl349Sik2NagJ_EGlBR7wWbswlF8Lies0E1rDQvRs0Z10g5abTlwy5qSXDKkoHGPojO8OZ-ef2ZvwsvhVqMo65Jux1szq6CisXXnXfopV3mTU8Bh3iALkV3aAN_di5SiNtb1J5OxcongQHCTXJWQmMHwIZPYWJ8XZ3YB7PvH89LGB5LIvPJEeQQ
ca.crt: 1042 bytes
namespace: 20 bytes

Copy the token value and paste on Kubernetes Dashboard login Page in Token value

Once you pasted the token, you will directed to your Kubernetes Web UI Dashboard as shown below

how to access kubernetes dashboard remotely

Increase Kubernetes Dashboard –token-ttl

By default Kubernetes Dashboard token-ttl is for 15 Minutes ,

To increase token-ttl edit the Kubernetes Dashboard deployment

kubectl edit deployment kubernetes-dashboard -n kubernetes-dashboard

Paste the below lines into it and save it

args:
- --tls-key-file=k8sm.key
- --tls-cert-file=k8sm.crt
- --token-ttl=43200

Reload the Kubernetes Dashboard to take effect.

Conclusion

We have covered, How to Install Kubernetes Dashboard, Configure Kubernetes Dashboard using LoadBalancer, Access Kubernetes Dashboard remotely, Generate Kubernetes dashboard-token.

Related Articles:

How to Install Kubernetes Cluster using Kubeadm on Ubuntu

Reference:

Kubernetes Official Guide

Alok Kanakeri

I am Alok Kanakeri working as Senior Site Reliability Engineer(Cloud and DevOps) Likes to share knowledge.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Copy link