Kubernetes Dashboard is a general-purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
- 2.4.0
| Name | Supported Values | Default Values | Description |
|---|---|---|---|
| k8s-dashboard.namespace | kubernetes-dashboard | The namespace where you want to run the Kubernetes dashboard deployment | |
| k8s-dashboard.clusterRole | Any valid clusterRole from the Kubernetes cluster | k8s-dashboard-readonly | The ClusterRole to be attached to the ServiceAccount which defines RBAC to the cluster resources. |
| By default, a ClusterRole (k8s-dashboard-readonly) with ReadOnly access to most of the resources is deployed. | |||
| k8s-dashboard.certDuration | A Go time.Duration string format in s (seconds), m (minutes), and h (hour) suffixes | 8760h (365 days) | Validity for the Self-signed certificate, specified in hours. |
| k8s-dashboard.certRenewal | A Go time.Duration string format in s (seconds), m (minutes), and h (hour) suffixes | 720h (30 days) | Certificate renew before expiration duration |
| k8s-dashboard.serviceType | ClusterIP, LoadBalancer | ClusterIP | The ServiceType for dashboard. It is highly recommended to use ClusterIP service type to restrict access to the cluster |
| k8s-dashboard.skipLogin | True, False | False | Flag to skip authentications in the Dashboard UI. Enabling this might expose a security risk. Use this only for demo purposes. |
- ClusterIP service type
When connected to the cluster remotely, run the following command to establish a connection to dashboard deployment on port 8080
kubectl port-forward -n kubernetes-dashboard service/kubernetes-dashboard 8080:443
To access Kubernetes Dashboard, go to the below URL in a browser of your choice https://localhost:8080
In the Dashboard login page, to get the bearer token, run the below command from the Terminal window:
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep kubernetes-dashboard-token | awk '{print $1}')
The output of the above command will look like this, where the token value is in the last line
Name: kubernetes-dashboard-token-h4lnfNamespace: kubernetes-dashboardLabels: <none>Annotations: kubernetes.io/service-account.name: kubernetes-dashboardkubernetes.io/service-account.uid: 00e729f1-6638-4e68-8df5-afa2e2e38095Type: kubernetes.io/service-account-tokenData====ca.crt: 1029 bytesnamespace: 20 bytestoken: eyJhbGciOiJSUzI1NiIsImtpZCI6Ilg1bTg3RWM4Y1c3NnhkQ3dXbXNDUXQydVpYQklRUWoxa1BaS0ctVkVTSDQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1oNGxuZiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjAwZTcyOWYxLTY2MzgtNGU2OC04ZGY1LWFmYTJlMmUzODA5NSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.JU4GOJNjGpkHabUyxBt_2rvtXNjpR3w238BF2oMCQUNf_ZkUGSMeAAgIKxbAuk62dtJNDaRh5yAZ9J5KthMcU6k4qVmodUOJdlvigBVNjTDEhPM-sqJus62HMtwjpvm0CX-aP_A_BqHs2yJ3OgXSX0uHmkUO1FMoZSVaRpOvx7f5bPswxd87L3npuZt4p-NJIX32-DGjBnxdANAHcWil3YHIUbDgQIdjDfN6stGU_JByvzfCJpNCWWDinr772W7iZ3uA28F8uGS0ZMd1E5e1moEFBY8BM015Qxg2Y_k7lmv9S8GMkBJyTiJNiqnwLwfsiE1ycE4Tgq_vuQfFToIMNw
- LoadBalancer service type
Use the LB service IP & port to connect to the dashboard
Follow below steps to configure Ingress on Kubernetes Dashboard
- Change serviceType from "LoadBalancer" to "ClusterIP" (line #17)
- Ingress (line #23)
- Enable Ingress; Change enabled from false to "true"
- Set Ingress rules like annotations, path, hosts, etc.
With these config changes, you can access Kubernetes Dashboard service on the Ingress Controller LoadBalancer hostname / IP
- If the Dashboard is not accessible, check the dashboard pod for any errors and ensure the Dashboard service is in the 'Running' state.
- When the namespace is customized while deploying Dashboard, make sure to replace the namespace values in the above commands.
https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/ https://github.com/kubernetes/dashboard/tree/master/docs