kubectl config set-credentials kubeuser/<project> --username=admin --password=<password>
kubectl config set-cluster <project> --insecure-skip-tls-verify=true --server=https://<IP>:<PORT>
kubectl config set-context default/<project>/admin --user=kubeuser/<project> --namespace=default --cluster=<project>
kubectl config get-contexts
kubectl use-context default/<project>/admin
Check if everything is okay: kubectl cluster-info
.
Run kubectl proxy
so we can ssh tunnel to the machine and run the dashboard locally on port 8001:
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
First we need to see kubernetes' default tokens which have various access permissions. We need to grab one of those tokens to log onto the dashboard.
kubectl -n kube-system get secrets
kubectl -n kube-system describe secret <secret>
Copy the token and paste it into the dashboard.
kubectl -n kube-system create serviceaccount tiller
kubectl create clusterrolebinding tiller --clusterrole cluster-admin --serviceaccount=kube-system:tiller
helm init --service-account tiller
Note: If firewall prevents access to Google cloud, it won't be able to pull the Tiller image.
Instead, run helm init
like this:
helm init --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.13.1
kubectl create secret docker-registry <secret-name> --docker-server=<registry> --docker-username=<user> --docker-password=<pass> --docker-email=<email>