Setting up Externally Available Kubernetes Dashboard

This guide will show you how to set up the Kubernetes Dashboard with external access available (For connecting to the Dashboard from your Desktop – Separate to your Kubernetes Cluster.

The guide assumes that your Kubernetes cluster is already set up and deployed.

Setting up the Dashboard:

The first step is to Deploy the Dashboard from the Kubernetes yaml file. Personally I wget these to my cluster but you can deploy directly from the git repository if you so chose:

wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

Now, before creating using kubectl, add the line below to the service section to create a NodePort (To publish the service externally).

 type: NodePort

Now create the file:

kubectl create -f kubernetes-dashboard.yml

Once the service has deployed, you can verify it is running correctly with the below command:

kubectl get services -n kube-system

If you set the Service there correctly and running, you can now browse to the Dashboard:

https://[your-k8s-master-ip]:31737

Logging into the Dashboard:

When you get to the Dashboard login, you will be presented with two options – We will be using the Bearer Token Authentication.

In a later guide I will document how to set up an nginx reverse proxy server to automatically add this Bearer Token into your http headers

To get your token to use to sign into the Kubernetes Dashboard – Run the below command to get the token from one of the built-in Kubernetes accounts:

kubectl -n kube-system describe secrets $(kubectl -n kube-system get secret | grep "dashboard-token" | awk {'print $1'}) | grep "token:" | awk {'print $2'}

Copy this token and paste this into the login screen and you’re in!

NOTE: This default account will not have all admin privilidges on the Kubernetes Dashboard – This is best practice.

If you would like this Dashboard user to have full admin permissions over your cluster (This is not advised in a production environment) you can run the below command to apply these permissions:

kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard

Credit for Admin permissions hint: https://github.com/Azure/aks-engine/issues/805 

 

Any comments or questions? Get in touch here or Email me at [email protected]