Installing Kubernetes Dashboard

After the Kubernetes installation, the following steps should be followed to deploy and make the dashboard accessible.

Deploying the Dashboard UI

The Dashboard UI is not deployed by default. Run the following command to deploy:

To protect your cluster data, Dashboard deploys with at least one RBAC configuration by default. Currently, Dashboard only supports login with Bearer Token. Follow the steps below in order.

vi dashboard-service.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

YML

vi dashboard-adminuser.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

YML

kubectl apply -f dashboard-service.yaml
kubectl apply -f dashboard-adminuser.yaml

kubectl create clusterrolebinding permissive-binding --clusterrole=cluster-admin --user=admin --user=kubelet --group=system:serviceaccounts
kubectl create clusterrolebinding kubernetes-dashboard -n kube-system --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard

POWERSHELL

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.1.0/aio/deploy/recommended.yaml

POWERSHELL

NodePort Setting

When the Kubernetes dashboard is installed with the above steps, it will open with ClusterIP by default. For external access, we must change the value in Service as follows.

kubectl -n kubernetes-dashboard edit service kubernetes-dashboard

POWERSHELL

apiVersion: v1
...
  name: kubernetes-dashboard
  namespace: kube-system
  resourceVersion: "343478"
  selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard-head
  uid: 8e48f478-993d-11e7-87e0-901b0e532516
spec:
  clusterIP: <YOUR_CLUSTER_IP>
  externalTrafficPolicy: Cluster
  ports:
  - port: 443
    protocol: TCP
    targetPort: 8443
    nodePort: 32100
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

YML

Next we need to check the port where the Dashboard is located. It should have a service image similar to the one below.

kubectl -n kubernetes-dashboard get service kubernetes-dashboard

NAME                    TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
kubernetes-dashboard   NodePort   <YOUR_CLUSTER_IP>   <none>        443:32469/TCP   13d

POWERSHELL

Dashboard displayed on port 32469 (HTTPS). You can now access it from your browser: https://<YOUR_CLUSTER_IP>:32469.

master-ip can be found by running kubectl cluster-info command. Typically, it's 127.0.0.1 or the IP of your machine, assuming your cluster is running directly on the machine these commands are executed on.

Getting Token:

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | awk '/^deployment-controller-token-/{print $1}') | awk '$1=="token:"{print $2}'

POWERSHELL