Instantly share code, notes, and snippets.

What would you like to do?
Deploy kubernetes-dashboard on Rancher 2.0 cluster exposed using NodePort

Deploy kubernetes-dashboard on Rancher 2.0 cluster exposed using NodePort


Step 1: Generate kubeconfig from the UI

Generate the kubeconfig file for your cluster using the Kubeconfig File button in the Cluster view of your cluster. Save the generated file as $HOME/.kube/config and run kubectl get nodes to verify it works.

Step 2: Deploy kubernetes dashboard

Deploy the kubernetes dashboard by using the recommended deployment definition.

kubectl apply -f
kubectl rollout status deploy/kubernetes-dashboard -n kube-system


Step 3: Change Service Type to NodePort

For this guide, we are using a NodePort to access the kubernetes dashboard. By default, the Service gets created as ClusterIP. You can change that by using the following command:

kubectl get svc/kubernetes-dashboard  -n kube-system  -o yaml | sed 's/ClusterIP/NodePort/g' | kubectl apply -f -
service "kubernetes-dashboard" configured

Step 4: Create ServiceAccount and token to login

Copy the following YAML content and save it as dashboard.yml:

apiVersion: v1
kind: ServiceAccount
  name: admin-user
  namespace: kube-system
kind: ClusterRoleBinding
  name: admin-user
  kind: ClusterRole
  name: cluster-admin
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

Run the following command to create the needed resources:

kubectl create -f dashboard.yml

Retrieve the token which can be used to login:

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Save the string after token: so you can login into the dashboard.

Example output:

Name:         admin-user-token-6gl6l
Namespace:    kube-system
Labels:       <none>


ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTZnbDZsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiMTZhZmJhOS1kZmVjLTExZTctYmJiOS05MDFiMGU1MzI1MTYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.M70CU3lbu3PP4OjhFms8PVL5pQKj-jj4RNSLA4YmQfTXpPUuxqXjiTf094_Rzr0fgN_IVX6gC4fiNUL5ynx9KU-lkPfk0HnX8scxfJNzypL039mpGt0bbe1IXKSIRaq_9VW59Xz-yBUhycYcKPO9RM2Qa1Ax29nqNVko4vLn1_1wPqJ6XSq3GYI8anTzV8Fku4jasUwjrws6Cn6_sPEGmL54sq5R4Z5afUtv-mItTmqZZdxnkRqcJLlg2Y8WbCPogErbsaCDJoABQ7ppaqHetwfM_0yMun6ABOQbIwwl8pspJhpplKwyo700OSpvTT9zlBsu-b35lzXGBRHzv5g_RA


Step 5: Login to the dashboard

We need to access the IP of one of the nodes added to your cluster, on the randomly chosen NodePort we configured earlier. Below are two command to automatically find these parameters:

NODEPORT=`kubectl get services/kubernetes-dashboard -n kube-system  -o jsonpath="{.spec.ports[0].nodePort}"`
for NODE in `kubectl get no -o jsonpath='{range.items[*].status.addresses[?(@.type=="InternalIP")]}{"https://"}{.address}{"\n"}{end}'`; do echo $NODE:$NODEPORT; done

Use one of the printed URLs to visit the kubernetes dashboard in your browser.

When prompted to sign in, choose Token and use the token you saved in step 4.

Extra: kubectl proxy

kubectl proxy

Access dashboard this URL, replacing CLUSTERID with your clusterid (shown in the address bar of your browser):


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment