Kubernetes Dashborad creating - unix1998/technical_notes GitHub Wiki

The Kubernetes Dashboard, which is a web-based UI for managing Kubernetes clusters, is not included by default in Kubernetes installations. need to install and configure it separately. Here's how you can do it:

Installing Kubernetes Dashboard

  1. Deploy the Kubernetes Dashboard: Use the following command to deploy the Kubernetes Dashboard:

    kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

  2. Create a Service Account: Create a service account and cluster role binding for accessing the Dashboard:

    kubectl create serviceaccount dashboard-admin-sa
kubectl create clusterrolebinding dashboard-admin-sa --clusterrole=cluster-admin --serviceaccount=default:dashboard-admin-sa

  3. Obtain the Bearer Token: Get the bearer token for logging in to the Dashboard:

    kubectl get secret $(kubectl get serviceaccount dashboard-admin-sa -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}" > dashboard-token.txt
cat dashboard-token.txt

  4. Access the Dashboard: Use kubectl proxy to access the Dashboard locally:

    kubectl proxy

    Then, open the following URL in your web browser:

    http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

  5. Login to the Dashboard: Use the token from the previous step to log in.

Steps Breakdown

  1. Deploy the Dashboard: This step deploys the Kubernetes Dashboard using a YAML configuration file that sets up all necessary resources (e.g., pods, services).

  2. Service Account and Role Binding: These commands create a service account and bind it to the cluster-admin role, giving it admin privileges. This is necessary for accessing all features of the Dashboard.

  3. Get the Bearer Token: The token is used for authenticating to the Dashboard. You fetch it from the service account's secret.

  4. Access the Dashboard via Proxy: Running kubectl proxy allows you to securely access the Dashboard from your local machine.

  5. Login: Use the token to log in and start managing your Kubernetes cluster via the web UI.

Important Notes

  • Security: Binding the service account to the cluster-admin role gives it full admin privileges, which is not recommended for production environments. For production, create a role with the least privileges necessary.
  • Access Control: Always use secure methods to handle the token and restrict access to the Dashboard appropriately.
  • Namespace: Ensure you are operating in the correct namespace. The default namespace used in the above example is default.

By following these steps, you can set up and access the Kubernetes Dashboard for your cluster.