Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Deploy kubernetes-dashboard on Rancher 2.0 cluster exposed using NodePort

Deploy kubernetes-dashboard on Rancher 2.0 cluster exposed using NodePort

Requirements

Step 1: Generate kubeconfig from the UI

Generate the kubeconfig file for your cluster using the Kubeconfig File button in the Cluster view of your cluster. Save the generated file as $HOME/.kube/config and run kubectl get nodes to verify it works.

Step 2: Deploy kubernetes dashboard

Deploy the kubernetes dashboard by using the recommended deployment definition.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
kubectl rollout status deploy/kubernetes-dashboard -n kube-system

Reference: https://github.com/kubernetes/dashboard/blob/master/README.md

Step 3: Change Service Type to NodePort

For this guide, we are using a NodePort to access the kubernetes dashboard. By default, the Service gets created as ClusterIP. You can change that by using the following command:

kubectl get svc/kubernetes-dashboard  -n kube-system  -o yaml | sed 's/ClusterIP/NodePort/g' | kubectl apply -f -
service "kubernetes-dashboard" configured

Step 4: Create ServiceAccount and token to login

Copy the following YAML content and save it as dashboard.yml:

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

Run the following command to create the needed resources:

kubectl create -f dashboard.yml

Retrieve the token which can be used to login:

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Save the string after token: so you can login into the dashboard.

Example output:

Name:         admin-user-token-6gl6l
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name=admin-user
              kubernetes.io/service-account.uid=b16afba9-dfec-11e7-bbb9-901b0e532516

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTZnbDZsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiMTZhZmJhOS1kZmVjLTExZTctYmJiOS05MDFiMGU1MzI1MTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.M70CU3lbu3PP4OjhFms8PVL5pQKj-jj4RNSLA4YmQfTXpPUuxqXjiTf094_Rzr0fgN_IVX6gC4fiNUL5ynx9KU-lkPfk0HnX8scxfJNzypL039mpGt0bbe1IXKSIRaq_9VW59Xz-yBUhycYcKPO9RM2Qa1Ax29nqNVko4vLn1_1wPqJ6XSq3GYI8anTzV8Fku4jasUwjrws6Cn6_sPEGmL54sq5R4Z5afUtv-mItTmqZZdxnkRqcJLlg2Y8WbCPogErbsaCDJoABQ7ppaqHetwfM_0yMun6ABOQbIwwl8pspJhpplKwyo700OSpvTT9zlBsu-b35lzXGBRHzv5g_RA

Reference: https://github.com/kubernetes/dashboard/wiki/Creating-sample-user

Step 5: Login to the dashboard

We need to access the IP of one of the nodes added to your cluster, on the randomly chosen NodePort we configured earlier. Below are two command to automatically find these parameters:

NODEPORT=`kubectl get services/kubernetes-dashboard -n kube-system  -o jsonpath="{.spec.ports[0].nodePort}"`
for NODE in `kubectl get no -o jsonpath='{range.items[*].status.addresses[?(@.type=="InternalIP")]}{"https://"}{.address}{"\n"}{end}'`; do echo $NODE:$NODEPORT; done

Use one of the printed URLs to visit the kubernetes dashboard in your browser.

When prompted to sign in, choose Token and use the token you saved in step 4.

Extra: kubectl proxy

kubectl proxy

Access dashboard this URL, replacing CLUSTERID with your clusterid (shown in the address bar of your browser):

http://localhost:8001/k8s/clusters/CLUSTERID/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

@TimMeade

This comment has been minimized.

Copy link

commented Feb 5, 2019

Step 2 downloading the yaml file from github is throwing a 404

@paulliss

This comment has been minimized.

@gauravmittal80

This comment has been minimized.

Copy link

commented Aug 24, 2019

Hi,

Thanks for providing the steps to configure. Well When I execute the command it gives all private IP that is assined to the Openstack instances. We have assigned the floating Public IP to access these instances. Kindly help or point to a document where we can access the dashboard using the public ip.

ubuntu@rancher:~$ for NODE in `kubectl get no -o jsonpath='{range.items[*].status.addresses[?(@.type=="InternalIP")]}{"https://"}{.address}{"\n"}{end}'`; do echo $NODE:$NODEPORT; done
https://10.0.0.12:32098
https://10.0.0.3:32098
https://10.0.0.15:32098
https://10.0.0.5:32098
https://10.0.0.11:32098
https://10.0.0.13:32098
https://10.0.0.8:32098
ubuntu@rancher:~$

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.