How To Install Kubernetes Dashboard with NodePort in Linux

HX Club
July 10, 2021

How To Install Kubernetes Dashboard with NodePort in Linux

Kubernetes dashboard is a web-user interface & It provides the information on the state of the Kubernetes cluster and the information of any errors that may occur.It can be used to deploy containerized applications to the cluster &troubleshoot the deployed applications.

Using Kubernetes command line & dashboard,we can manage deployment, StatefulSets, DaemonSets, Jobs, Services and Ingress.Scale a Deployment,initiate a rolling update,restart a pod,create a persistent volume and persistent volume claim,we can do all from the Kubernetes dashboard.

Configure kubectl

We needs to configure & manage kubernetes cluster so click on link https://www.hackerxone.com/blog/how-manage-single-multiple-kubernetes-clusters-using-kubectl-kubectx-linux

Deploy Kubernetes Dashboard

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml

Here is the command output.

namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

If we want to make some modifications to the file, we needs to download it.

wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml

Here is the command output.

Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133,
185.199.111.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|
connected.
HTTP request sent, awaiting response... 200 OK
Length: 7552 (7.4K) [text/plain]
Saving to: ‘recommended.yaml’

recommended.yaml                            100%[===========================
  7.38K  --.-KB/s    in 0s      
(64.4 MB/s) - ‘recommended.yaml’ saved [7552/7552]

Change the file name.

mv recommended.yaml kubernetes-dashboard-deployment.yml

Modify the Kubernetes dashboard service to be of NodePort type.

vim kubernetes-dashboard-deployment.yml

Provide the type.

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  type: NodePort

Apply the changes.

kubectl apply -f kubernetes-dashboard-deployment.yml

Here is the command output.

namespace/kubernetes-dashboard unchanged
serviceaccount/kubernetes-dashboard unchanged
service/kubernetes-dashboard configured
secret/kubernetes-dashboard-certs unchanged
secret/kubernetes-dashboard-csrf unchanged
secret/kubernetes-dashboard-key-holder unchanged
configmap/kubernetes-dashboard-settings unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
deployment.apps/kubernetes-dashboard unchanged
service/dashboard-metrics-scraper unchanged
deployment.apps/dashboard-metrics-scraper unchanged

Check deployment status:

kubectl get deployments -n kubernetes-dashboard

Here is the command output.

NAME                        READY   UP-TO-DATE   AVAILABLE   AGE
dashboard-metrics-scraper   1/1     1            1           86s
kubernetes-dashboard        1/1     1            1           86s

Check dashboard and metrics status.

kubectl get pods -n kubernetes-dashboard

Here is the command output.

NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-856586f554-2xdm4   1/1     Running   0          2m4s
kubernetes-dashboard-67484c44f6-n6b6k        1/1     Running   0          2m4s

Check service type status.Change to NodePort.

kubectl get service -n kubernetes-dashboard

Here is the command output.

NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.97.177.80    <none>        8000/TCP        2m59s
kubernetes-dashboard        NodePort    10.106.56.191   <none>        443:30038/TCP   3m

Accessing Kubernetes Dashboard.

server-ip:30038

Select Kubeconfig or Provide the Token Otherwise Skip.

Click on Sign in.
Provide User-name & Password.

Fig 1

Create Admin User to Access Kubernetes Dashboard.

Create Admin service account

Creating a Service Account manifest file.

vim admin-sa.yml

Provide the Following lines.

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: user-name
  namespace: kube-system

After creating a file apply the manifest to create objects in kubernetes cluster.

kubectl apply -f admin-sa.yml

Create a Cluster Role Binding

vim admin-rbac.yml

Provide the Following lines.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: user-name
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: user-name
    namespace: kube-system

Apply the file.

kubectl apply -f admin-rbac.yml

Get admin user token

We can get the generated token for a service account by using the kubectl command.
Set a variable to store the name of the service account.

SA_NAME="user-name"

Run the command.

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret |
 grep ${SA_NAME} | awk '{print $1}')

Here is the command output.

Name:         user-name-token-mm9jd
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: user-name
              kubernetes.io/service-account.uid: 80fade4b-4270-11ea-9fe4-005056ba45bd

Type:  kubernetes.io/service-account-token

Data
====
token:      eyJhbGciOiJSUzI1NiIsImtpZCI9IiJ9.eyJpc7MiOiJrdWJlcm5ldG
VzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC
9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFj
Y291bnQvc2VjcmV0Lm5hbWUxOiJqa211dG
FpLWFkbWluLXRva2VuLW1tOWpkIiwia3ViZXJuZXdY2dOHh1WZcKhJqfNfB73GYX2
TQlUlurV4Oy0-2CpUUpJ1HAjcSHzKGuSrMUAMAhRwhbZZXhwvbQ6Ei_9Vv2PkD8_Pw
9c-k9x-bblFSAqyFhA
ca.crt:     1025 bytes
namespace:  11 bytes

Copy the contents in token key.
Paste the Token key to access the dashboard.

Fig 1

home/welcome page of Kubernetes.

Fig 2

Admin View

Fig 2

Workloads View

Fig. 5

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Create Admin User to Access Kubernetes Dashboard.

Create a Cluster Role Binding

Get admin user token

Leave a Reply Cancel reply