Skip to main content
Version: latest

Kubernetes Dashboard

The Kubernetes Dashboard add-on pack is a general-purpose, web-based UI that allows you to manage clusters and the applications deployed in them.


Versions Supported

Prerequisites

  • Outbound internet connectivity for port 443 is allowed so that you and your applications can connect with the Spectro Proxy reverse proxy.

  • Users or groups must be mapped to a Kubernetes RBAC role, either a Role or a ClusterRole. You can create a custom role through a manifest and use Palette's roleBinding feature to associate the users or groups with the role. Refer to the Create Role Bindings guide to learn more.

Parameters

NameSupported ValuesDefault ValuesDescription
k8s-dashboard.namespacekubernetes-dashboardThe namespace where you want to run the Kubernetes Dashboard deployment
k8s-dashboard.clusterRoleAny valid clusterRole from the Kubernetes clusterk8s-dashboard-readonlyThe ClusterRole to be attached to the ServiceAccount which defines RBAC to the cluster resources.

By default, a ClusterRole (k8s-dashboard-readonly) with ReadOnly access to most of the resources is deployed.
k8s-dashboard.certDurationA Go time.Duration string format in s (seconds), m (minutes), and h (hour) suffixes8760h (365 days)Validity for the Self-signed certificate, specified in hours.
k8s-dashboard.certRenewalA Go time.Duration string format in s (seconds), m (minutes), and h (hour) suffixes720h (30 days)Certificate renew before expiration duration
k8s-dashboard.serviceTypeClusterIP, LoadBalancerClusterIPThe ServiceType for dashboard. We recommend using ClusterIP service type to restrict access to the cluster.
k8s-dashboard.skipLoginTrue, FalseFalseA flag to skip authentications in the Kubernetes Dashboard UI. We recommend using this only for demo purposes, as enabling it could expose a security risk.
warning

Starting with Kubernetes Dashboard version 2.7.0, the Connect button is no longer available. For an optimized experience, we recommend you use the pre-configured version of this dashboard, called Spectro Kubernetes Dashboard pack. To learn more about it and start using it, check out the Spectro Kubernetes Dashboard guide.

Usage

To use the Kubernetes Dashboard pack, you have to add it to your cluster profile. Use the following information to find the Kubernetes Dashboard pack.

  • Pack Type: Monitoring
  • Registry: Public Repo
  • Pack Name: Kubernetes Dashboard
  • Pack Version: 2.0.x or higher

The Kubernetes Dashboard pack requires the Spectro Proxy pack, which serves as a reverse proxy to expose the Kubernetes dashboard. You must configure the Spectro Proxy pack.

Access Kubernetes Dashboard

When connected to the cluster remotely, issue the following command to establish a connection to deploy the Kubernetes Dashboard on port 8080.


kubectl port-forward -namespace kubernetes-dashboard service/kubernetes-dashboard 8080:443

To access Kubernetes Dashboard, navigate to https://localhost:8080 in a browser of your choice.

From the Dashboard login page, run the following command from the terminal window to obtain the bearer token:


kubectl -namespace kubernetes-dashboard describe secret  \
$(kubectl -namespace kubernetes-dashboard get secret | grep kubernetes-dashboard-token | awk '{print $1}')

The following example shows the command output with the token value.


Name:         kubernetes-dashboard-token-h4lnf
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 00e729f1-6638-4e68-8df5-afa2e2e38095

Type: kubernetes.io/service-account-token

Data
====
ca.crt: 1029 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Ilg1bTg3RWM4Y1c3NnhkQ3dXbXNDUXQydVpYQklRUWoxa1BaS0ctVkVTSDQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1oNGxuZiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjAwZTcyOWYxLTY2MzgtNGU2OC04ZGY1LWFmYTJlMmUzODA5NSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.JU4GOJNjGpkHabUyxBt_2rvtXNjpR3w238BF2oMCQUNf_ZkUGSMeAAgIKxbAuk62dtJNDaRh5yAZ9J5KthMcU6k4qVmodUOJdlvigBVNjTDEhPM-sqJus62HMtwjpvm0CX-aP_A_BqHs2yJ3OgXSX0uHmkUO1FMoZSVaRpOvx7f5bPswxd87L3npuZt4p-NJIX32-DGjBnxdANAHcWil3YHIUbDgQIdjDfN6stGU_JByvzfCJpNCWWDinr772W7iZ3uA28F8uGS0ZMd1E5e1moEFBY8BM015Qxg2Y_k7lmv9S8GMkBJyTiJNiqnwLwfsiE1ycE4Tgq_vuQfFToIMNw

Configure Ingress

Use the following steps to configure ingress for the Kubernetes Dashboard pack.


  1. Ensure the service.type parameter is set to "ClusterIP".

  2. To enable ingress, set the ingress.enabled parameter to "true".

  3. Set ingress rules, such as annotations, path, hosts, and any other rules.

This allows you to access the Kubernetes Dashboard in hostname or IP format using the IP address that the ingress controller exposes.

Typically you would point a DNS CNAME record to the ingress controller IP. Talk to your system administrator to learn more about which hostname to use.


Configure LoadBalancer

Use the service.loadBalancerIP and service.externalPort parameters to connect to the Kubernetes Dashboard.

Troubleshooting

  • If the Kubernetes Dashboard is not accessible, check the dashboard pod for errors and ensure the dashboard service is in the Running state.

  • When the namespace is customized while deploying the Kubernetes Dashboard, replace the namespace values in the commands shown above.

Terraform

You can reference the Kubernetes Dashboard pack in Terraform with a data resource.


data "spectrocloud_registry" "public_registry" {
name = "Public Repo"
}

data "spectrocloud_pack_simple" "spectro-proxy" {
name = "k8s-dashboard"
version = "2.7.0"
type = "monitoring"
registry_uid = data.spectrocloud_registry.public_registry.id
}

References