Kubernetes dashboard is one of the key components of each cluster deployment. As stated on official GitHub repository of this project, Kubernetes Dashboard is a general purpose, web-based UI for Kubernetes clusters. Although rancher dashboard provides much information about our cluster configuration, its poor in terms of low-level in information about our application deployment, pod status and many other details about our cluster. In this post, I’m going to show you how to configure and access this Web UI.

kubernetes1

The prerequisite to this tutorial is running Kubernetes cluster. If you don’t have already installed, go back to my previous posts and read how to create a new one. For the purpose of this tutorial, I’m using 2 nodes Rancher/AWS EC2 based cluster.

Official documentation to Kubernetes Dashboard project may be found at https://github.com/kubernetes/dashboard.

Before we start, we must have installed and configured kubectl with access to our cluster. In case of Rancher, it’s very simple. Just go to cluster -> Kubeconfig File -> Copy the content. Next paste it into ~/.kube/config. Now type

$ kubect get nodes

If you see the list of your nodes, then the connection to Kubernetes API works!

Now it’s time to deploy the Kubernetes Dashboard. We will use the method recommended by an official guide.

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
# Check the rollout status
$ kubectl rollout status deploy/kubernetes-dashboard -n kube-system

Above deployment steps, create a few components. Among others, a deployment which is a definition of our application and service which allows on communication to our application. By default, the service type is ClusterIP, which means that we can connect to this service only from within the cluster. But we need to connect from the external IP. For this purpose, we will use type LoadBalancer and leverage the AWS service.

LoadBalancer type is available only on cloud providers (e.g. AWS), and within the configured cluster to use this method.

$ kubectl get svc/kubernetes-dashboard -n kube-system -o yaml > kubernetes-dashboard.yml
$ kubectl get svc/kubernetes-dashboard -n kube-system -o yaml | sed 's/ClusterIP/LoadBalancer/g' | kubectl apply -f -

Now the Kubernetes cluster is available from the internet (which is not super secure!). You can access it using ELB (Elastic Load Balancer) URL or by creating an entry in Route53 which will direct you straight to the service. Run the below command to get ELB URL

$ kubectl get svc/kubernetes-dashboard -n kube-system -o yaml |grep "hostname:" |awk '{print $3}'
# the output will be similar to:
# <some random letters and numbers>.eu-west-1.elb.amazonaws.com

Now open your browser and go to address https://elb-url/

kubernetes2

You will see the logon screen with two available options – Kubeconfig or Token. Before we login to our dashboard, we need to go back to our console and configure the service account and token to login. Create a new file service-account.yml:

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

Then run the following command to create the needed resources:

$ kubectl create -f service-account.yml

Retrieve the token which can be used to login:

$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Save the string after “token:” so you can login to the dashboard.

After the first login, you will see the main screen which is similar to one below:

kubernetes3

Let’s go to Nodes tab, where we can see your active Kubernetes nodes

kubernetes4

Our cluster is almost empty at the moment (only core components, under kube-system namespace, are running plus few other related to other services. If we switch to All namespaces view, we can see them:

kubernetes5

That’s all for now. In the next post, I’ll try to deploy the first application which will run on top of the Kubernetes.

I hope you enjoyed the reading and found here some useful information. As always, any feedback is highly appreciated.

See you soon!