Web UI Dashboard for Kubernetes
Kubernetes dashboard provides a web-based UI for the cluster. One can deploy applications on the cluster using the dashboard as well as troubleshoot the existing applications in the cluster. The dashboard also provides insight into the resources in the cluster. The dashboard is officially provided by Kubernetes. One can create, modify, update and delete Kubernetes objects using the dashboard.
In this article, we will install the official dashboard provided by Kubernetes and set up a service account to access it. Before proceeding with this article, it is assumed that you are familiar with Kubernetes and have a Kubernetes Cluster.
Pre-requisites
- Kubernetes Cluster with at least 1 worker node.
If you want to learn to create a Kubernetes Cluster, click here. This guide will help you create a Kubernetes cluster with 1 Master and 2 Worker Nodes on AWS Ubuntu 18.04 EC2 Instances. - Basic understanding of Kubernetes.
What will we do?
- Deploy the Kubernetes Dashboard.
- Set up a ServiceAccount to access the Kubernetes Dashboard.
- Access the Kubernetes Dashboard.
Deploy the Kubernetes Dashboard
To deploy the Kubernetes dashboard, we can download its object file from Github. Use the following command to download the object file. This file contains definitions for Namespace, ServiceAccount, Service, Secret, ConfigMap, Role, ClusterRole, RoleBinding, ClusterRoleBinding, Deployment, and Service.
pwdwget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml
Rename the file and change the service type to NodePort. Refer to the following screenshot.
mv recommended.yaml kubernetes-dashboard-deployment.ymlvim kubernetes-dashboard-deployment.yml
Once you have changed the service type to NodePort, it is time to create all the objects responsible to deploy the Kubernetes dashboard.
kubectl apply -f kubernetes-dashboard-deployment.yml
Check the deployment, Pod, and Service which has been created by the above command. The above command also creates Namespace, ServiceAccount, Service, Secret, ConfigMap, Role, ClusterRole, RoleBinding, ClusterRoleBinding, Deployment, and Service.
kubectl get deployments -n kubernetes-dashboardkubectl get svckubectl get podskubectl get pods -n kubernetes-dashboardkubectl get svc -n kubernetes-dashboard
In the above screenshot, you can see that the Kubernetes Dashboard Service with the type “NodePort” has been created. It means the dashboard will be available on any of the IPs of the nodes on NodePort “32304”. You may see a different port for the service on your cluster.
Use the following command to get the IPs of your nodes which you will need in the later steps.
kubectl get nodes -o wide
Setup a ServiceAccount to access the Kubernetes Dashboard
To access the Kubernetes Dashboard you need to have a token. To create a token we first need to create a ServiceAccount
Create a new file and add the following content to it to create a ServiceAccount. You can also download the object file from my Github repo.
vim admin-sa.ymlcat admin-sa.ymlapiVersion: v1
kind: ServiceAccount
metadata:
name: rahul-admin
namespace: kube-system
Once you have the object file, execute the following command to create a ServiceAccount.
kubectl apply -f admin-sa.yml
Now you need to associate the ServiceAccount “rahul-admin” to the cluster role “cluster-admin”. Create a new file with the following content to create a ClusterRoleBinding or click here to download the object file from my Github repo.
vim admin-rbac.ymlcat admin-rbac.ymlapiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: rahul-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: rahul-admin
namespace: kube-system
Execute the following command to create a “ClusterRoleBinding”.
kubectl apply -f admin-rbac.yml
Now we have a “ClusterRole” → “cluster-admin” bound to the “ServiceAccount” → “rahul-admin”.
We are now ready to fetch the token to be used to login into the Kubernetes dashboard. To fetch the token, execute the following commands.
SA_NAME="rahul-admin"kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep $SA_NAME | awk 'print $1')
In the above screenshot, you can see a token to be used to login into the Kubernetes dashboard. Copy this token and hit the dashboard URL on “NodeIP:NodePort”.
Here, NodeIP is the IP of any of the nodes in the cluster and NodePort is the Port(in this case it is 32304, in your case you may have a different port) of the service we created.
Once you hit the URL “NodeIP:NodePort”, you will see a screen as follows. Here, select the “Token” option, enter the Token we fetched in the above step and click on the “Sign in” button.
Access the Kubernetes Dashboard
Once you successfully sign in, you should see the Kubernetes Dashboard as follows.
At the top of the screen, you can even change the Namespace and see resources in it. Now you are all set to explore the Kubernetes Dashboard.
Conclusion
In this article, we deployed all the necessary Kubernetes objects to have the Dashboard in the cluster. We created a ServiceAccount and ClusterRoleBinding to have a Token to access the Kubernetes Dashboard as it cannot be accessed simply. The dashboard can help you get an understanding of the cluster and see all objects it has in it.
https://www.computingpost.com/web-ui-dashboard-for-kubernetes/?feed_id=20925&_unique_id=638b2f725506e