Skip to content

Instantly share code, notes, and snippets.

@s-lyn

s-lyn/INSTALL.md

Last active May 1, 2024 18:08
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save s-lyn/3aba97628c922ddc4a9796ac31a6df2d to your computer and use it in GitHub Desktop.
Save s-lyn/3aba97628c922ddc4a9796ac31a6df2d to your computer and use it in GitHub Desktop.
Download ZIP
Configure Kubernetes Dashboard Web UI hosted with Nginx Ingress Controller
Raw
INSTALL.md

This gist is based on [Kubernetes Dashboard](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/} deploy docs. I think you have installed the Nginx Iingress Controller.

1) Deploy the Dashboard UI

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

2) Creating the Service Account and ClusterRoleBinding

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
EOF

3) Get a Bearer Token

Now we need to find token we can use to log in. Execute following command:

For Bash:

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

For Powershell:

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | sls admin-user | ForEach-Object { $_ -Split '\s+' } | Select -First 1)

It should print the data with line like:

token: <YOUR TOKEN HERE>

Now save it. You need to use it whe login the dashboard.

4) Create the ingress controller

cat <<EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  namespace: kubernetes-dashboard
  name: kubernetes-dashboard-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
    # Uncomment next if you use https://cert-manager.io/
    #cert-manager.io/cluster-issuer: "<YOUR CLUSTER ISSUER>"
spec:
  tls:
  - hosts:
    - <YOUR DOMAIN HERE>
    secretName: kubernetes-dashboard-cert
  rules:
  - host: <YOUR DOMAIN HERE>
    http:
      paths:
      - path: /
        backend:
          serviceName: kubernetes-dashboard
          servicePort: 443
EOF

5) Login to dashboard

Go to https://<YOUR DOMAIN> and insert the previous created token into Enter token field.

@chadleywilson
Copy link

Not sure I understand this document

I have tried hostname.mydomian.net
mydomain.net
and just hostname

either way I get this error

error: unable to recognize "STDIN": no matches for kind "Ingress" in version "networking.k8s.io/v1beta1"

@s-lyn
Copy link
Author

s-lyn commented Feb 20, 2023

Not sure I understand this document I have tried hostname.mydomian.net mydomain.net and just hostname

either way I get this error

error: unable to recognize "STDIN": no matches for kind "Ingress" in version "networking.k8s.io/v1beta1"

Hi @chadleywilson!
This gist was created more then 2 years ago, as I see from docs apiVersion was changed from networking.k8s.io/v1beta1 to networking.k8s.io/v1.
I don't have a cluster to check now, but you cought try follow relevant docs for your Ingress controller's version.

@s-lyn
Copy link
Author

s-lyn commented Feb 20, 2023

@chadleywilson Possible version changing is good enought to work in your case.

@chadleywilson
Copy link

chadleywilson commented Feb 20, 2023
edited

turns out it not just a version change there are syntax changes as well:

 apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: kubernetes-dashboard
  name: kubernetes-dashboard-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
    # Uncomment next if you use https://cert-manager.io/
    # cert-manager.io/cluster-issuer: "<YOUR CLUSTER ISSUER>"
spec:
  tls:
  - hosts:
    - bw-npe.net
    secretName: kubernetes-dashboard-cert
  rules:
  - http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port:
               number: 443

@lolpro11
Copy link

lolpro11 commented Jan 9, 2024
edited 

cat <<EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: kubernetes-dashboard
  name: kubernetes-dashboard-ingress
  annotations:
    kubernetes.io/spec.ingressClassName.class: "nginx"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
    nginx.ingress.kubernetes.io/auth-type: basic
    nginx.ingress.kubernetes.io/auth-secret: basic-auth
    nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - lolpro11'
spec:
  rules:
  - host: lolpro11.me
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port:
              number: 80
EOF

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment