Kubernetes Dashboard | Kubernetes Admin GUI | Kubernetes Desktop Client
Kubernetes comes really handy with its Kubernetes Dashboard| Kubernetes Admin GUI|Kubernetes Desktop Client.
kubernetes dashboard is a general purpose web-based UI for managing the Kubernetes cluster.
With the help of Kubernetes dashboard you can manage applications running in the cluster as well as it can help you to debug as well.
In this article we will focus on setting up Kubernetes Dashboard| Kubernetes Admin GUI|Kubernetes Desktop Client
1. Setting up kubernetes - dashboard.yaml on Minikube
What you will need?
- kubectl - Kubernets v1.14.0
- minikube - Minikube v1.1.1
Note - For minikube and kubectl installation please refer – Getting started with Kubernets and minikube
Kubernets provides default yaml configurations for the dashboard.
dashboard.yml can be downloaded from here.
Step 1 - Apply dashboard configuration
Please execute following command to apply dashboard configuration
1$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
Step 2 - Access kubernetes dashboard on your local workstation
To access the dashboard on your local workstation you need to create a secure channel to your Kubernetes cluster.
You can run the following command
1$ kubectl proxy
Now you can access the dashboard using the URL - http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
You should see following on your browser
Note – Kubeconfig Authentication method does not support external identity providers or certificate-based authentication.
Dashboard can only be accessed over HTTPS
Step 3 - Create Service Account : admin-user and namespace : kube-system
Now you need to create a YAML configuration file for adminuser creation.
Create a YAML configuration file - dashboard-adminuser.yaml and put following configuration inside it.
1apiVersion: v1
2kind: ServiceAccount
3metadata:
4 name: admin-user
5 namespace: kube-system
Next you need to apply the adminuser configuration and for that execute the following command.
1$ kubectl apply -f dashboard-adminuser.yaml
Step 4 - Create ClusterRoleBinding for admin-user
In kubernetes ClusterRole admin-Role already exists in the cluster.
We can use it and create only ClusterRoleBinding for our ServiceAccount.
Create one more YAML configuration file with name - adminuser-rolebinding.yaml
1apiVersion: rbac.authorization.k8s.io/v1
2kind: ClusterRoleBinding
3metadata:
4 name: admin-user
5roleRef:
6 apiGroup: rbac.authorization.k8s.io
7 kind: ClusterRole
8 name: cluster-admin
9subjects:
10- kind: ServiceAccount
11 name: admin-user
12 namespace: kube-system
You need to apply the **adminuser-rolebinding.yaml **configuration and for that execute the following command.
1$ kubectl apply -f adminuser-rolebinding.yaml
Step 5 - Create Access/Bearer Token for admin-user
To login into the kubectl dashboard we need to create acceess token using following command.
1$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Once you run the above command you should see something like this -
1kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
2Name: admin-user-token-z9phm
3Namespace: kube-system
4Labels: <none>
5Annotations: kubernetes.io/service-account.name: admin-user
6 kubernetes.io/service-account.uid: 6561d4d0-912d-11e9-b6d7-080027df159a
7
8Type: kubernetes.io/service-account-token
9
10Data
11====
12ca.crt: 1066 bytes
13namespace: 11 bytes
14token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXo5cGhtIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI2NTYxZDRkMC05MTJkLTExZTktYjZkNy0wODAwMjdkZjE1OWEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.mOfoPCHvpzR6ZY5n4pnVlSgdCs1DS3HKx95-yU_i_tiO415rSZlFqL2Mtam9HByg1bsPiON4OtbxWhQNGJ-JUWeUAKNxwOoXeg0O7RWhs8Qoh6PG7IbkjibPFS4z7NJ7wTQA0pxk22cfR7ccBLnzCwn5K3JecBOyfb-VLhaFkuLrP9EQYs9htII5QHKobn3u_OGQoRN-zqNgicAeM-0UyuI_dlo1tq__0fI4sJJa-zC0rDkDAQ1anoS4ujwGD7z22Rvnpi7HCKyRt7Wsl7hBt6HFCyxsi7Hglo5cgDRhEG47-vzKvcm9nUNNM7TpDxKPKIGeOPlB-loyq9JwhPOtLw
From the above console logs you can look for token. Copy the long token string.
Step 6 - Provide the token to kubernetes dashboard
Go back to browser and open kubernetes dashboard.
Now provide the token which you copied from the previous step here -
Step 7 - kubernetes dashboard
Once you clicked the Sign In then you should see following - Kubernetes Admin GUI
2. Setting up Kubernetes Dashboard on Local Kubernetes cluster using Vagrant on Ubuntu
Before you proceed further, I am assuming you have your kubernetes cluster up and running and you have installed with kubectl on your local development machine.
If you do not have kubernetes cluster up and running then I would recommend to follow this guide for setting up your local kubernetes cluster.
Setting Up Local Kubernetes Cluster This guide will help to setup local kubernetes cluster using Vagrant's virtual machine on Ubuntu
Step 1 - Setup/install kubernetes dashboard using kubectl.
Now you have your cluster up and running. Use the following command to install the kubernetes dashbaord
1kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
1namespace/kubernetes-dashboard created
2serviceaccount/kubernetes-dashboard created
3service/kubernetes-dashboard created
4secret/kubernetes-dashboard-certs created
5secret/kubernetes-dashboard-csrf created
6secret/kubernetes-dashboard-key-holder created
7configmap/kubernetes-dashboard-settings created
8role.rbac.authorization.k8s.io/kubernetes-dashboard created
9clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
10rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
11clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
12deployment.apps/kubernetes-dashboard created
13service/dashboard-metrics-scraper created
14deployment.apps/dashboard-metrics-scraper created
Step 2 - Start kubernetes API server using kubectl
Now we need to start kubernetes API server, so that we can access the kubernetes dashboard.
Run the following command to start kubernetes API server
1$ kubectl proxy
Now after running the above command we can access the kubernetes dashboard using following URL
1$ https://100.0.0.2:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
Once you will open above URL, it will lead you to authentication page. On authenticate page you will be either asked to provide Kubeconfig or Token for the service account.
Since our kubernete cluster is pretty new so we need to create a service account and assign some roles to it.
Step 3 - Create service Account
Use the following command to create a Service Account
1cat <<EOF | kubectl create -f -
2apiVersion: v1
3kind: ServiceAccount
4metadata:
5 name: admin-user
6 namespace: kube-system
7EOF
Step 4 - Create ClusterRoleBinding with the user which we have created in Step 3.
Use the following command to create ClusterRoleBinding
1cat <<EOF | kubectl create -f -
2apiVersion: rbac.authorization.k8s.io/v1
3kind: ClusterRoleBinding
4metadata:
5 name: admin-user
6roleRef:
7 apiGroup: rbac.authorization.k8s.io
8 kind: ClusterRole
9 name: cluster-admin
10subjects:
11- kind: ServiceAccount
12 name: admin-user
13 namespace: kube-system
14EOF
Step 5 - Generate the bearer token/secret token
To authenticate on kubernetes dashboard we need to provide bearer token. Use the following command to generate the bearer token
1$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
1Name: admin-user-token-2pt5j
2Namespace: kube-system
3Labels: <none>
4Annotations: kubernetes.io/service-account.name: admin-user
5 kubernetes.io/service-account.uid: d1db9676-1157-4dd4-8989-c104f56eb4aa
6
7Type: kubernetes.io/service-account-token
8
9Data
10====
11namespace: 11 bytes
12token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkdtcW9vT2VGRVNWa3hmc28zMmVUdlAwMlBpVUstc1ltLUF1dF9TV01fWmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTJwdDVqIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkMWRiOTY3Ni0xMTU3LTRkZDQtODk4OS1jMTA0ZjU2ZWI0YWEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.eSjUGVNmuCDVh9mcDOexWW65oOmJlkwExwB1NY4QLyWCkTGKKyjj5VxCHL2M9tfam5aD7JjbBBc9OPMKEsnHTVFoXq4QKJ6kPRCO5sxbOL7cGL9iUqLzVwLkApcKyf9l9oGpDz4Br0iQdjmqi4fDkJVrRAVSdYq2Z8bS7lX7gjOlCqvlduAaaVcXskgtmyJYvbFqAFy641NHnKDTzA_le3wx5ja-1blxsmu3m-McXxVhi4sA6mRlTtxn2d4_2Y5XukYbZ9Xh8kaUrc4h2axrDhvhvtn-WomGvlcV_5kf9EQ1HdW0quDxnzEbq5gVMVsY0KS-hV7x1HXd8E4Ty6TNjw
13ca.crt: 1025 bytes
Step 6 - Sign In to Kubernetes Dashboard
Copy the token and go back to browser (http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/). On the authenticate page select the option token and paste the token.
Click “SIGN IN” and you should be able to see your Kubernetes Dashboard fully operational.
Great now you have your dashboard up and running.
3. Setting Up kubernetes Dashboard on GKE(Google Kubernetes Engine) on GCP(Google Cloud Platform)
Setting the kubernetes dashboard on GKE(Google Kubernetes Engine) is fairly simple as compared to setting it up on local kubernetes cluster or in minikube.id
Before that first thing which we need to do is to setup kubernetes cluster on GKE(Google Kubernetes Engine).
Step 1 - Setup kubernetes cluster on GKE(Google Kubernetes Engine)
Goto - https://cloud.google.com/
(Note - If you do not have Google Cloud Account active then you can use the free credit provided by google to utilize its services. Google provides 300$ credit for 1 year and it is sufficient enough to start working with google cloud services)
So I am assuming now you have Google Cloud account, now you can goto My First Project
Then you can create a New Project
In this case I am creating a sample project with name - jhooq-sprinboot-k8s-demo
Now on the left hand navigation menu search for the menu "Kubernetes Engine" then click on "Clusters"
Now click on Create Cluster then it will show up Cluster Basics form where you need to fill in the Cluster Name.
So in our case I am putting the cluster name as - jhooq-kubernetes-dashboard
And after that click on the create cluster.(Cluster creation generally takes little time so be patient.)
After the cluster creation click on the Connect option to access the Cluster Command Line Console
On console it will by default put an command to get the credentials, so you just need to press enter or execute that command.
Step 2 - Setup dashboard or install dashboard
Now you need to run the dahsboard install command using kubectl
1$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
1namespace/kubernetes-dashboard created
2serviceaccount/kubernetes-dashboard created
3service/kubernetes-dashboard created
4secret/kubernetes-dashboard-certs created
5secret/kubernetes-dashboard-csrf created
6secret/kubernetes-dashboard-key-holder created
7configmap/kubernetes-dashboard-settings created
8role.rbac.authorization.k8s.io/kubernetes-dashboard created
9clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
10rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
11clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
12deployment.apps/kubernetes-dashboard created
13service/dashboard-metrics-scraper created
14deployment.apps/dashboard-metrics-scraper created
Step 3 - Create service Account
Run the following command on the gcloud terminal for creating service account
1cat <<EOF | kubectl create -f -
2apiVersion: v1
3kind: ServiceAccount
4metadata:
5 name: admin-user
6 namespace: kubernetes-dashboard
7EOF
Step 4 - Create ClusterRoleBinding with the user which we have created in Step 3.
1cat <<EOF | kubectl create -f -
2apiVersion: rbac.authorization.k8s.io/v1
3kind: ClusterRoleBinding
4metadata:
5 name: admin-user
6roleRef:
7 apiGroup: rbac.authorization.k8s.io
8 kind: ClusterRole
9 name: cluster-admin
10subjects:
11- kind: ServiceAccount
12 name: admin-user
13 namespace: kubernetes-dashboard
14EOF
Step 5 - Start kubectl proxy
Now we need to start the kubectl proxy server
1$ kubectl proxy
Step 6 - Generate secret token for accessing dashaboard
Use the following command to generate secret token because we need this token to access the dashboard
1$ kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
It should return something similar
1Name: default-token-sv6pq
2Namespace: kubernetes-dashboard
3Labels: <none>
4Annotations: kubernetes.io/service-account.name: default
5 kubernetes.io/service-account.uid: df19ff8d-b64a-11ea-a6e6-42010a80021d
6
7Type: kubernetes.io/service-account-token
8
9Data
10====
11ca.crt: 1119 bytes
12namespace: 20 bytes
13token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLXN2NnBxIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkZjE5ZmY4ZC1iNjRhLTExZWEtYTZlNi00MjAxMGE4MDAyMWQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6ZGVmYXVsdCJ9.A2-J2esIQ4f_lyIdSu7R9r2MAMR2DKMoWQw9qg-TJ3Qx3DyQwYdeTi-bPZgV8LDwoT-jM9mkHTkoh2FKM-FFMysY-HYQCz13DoGGOxUSPwNUpc5bNKP0o1dr14QqwV2ePI6ZWZEP6Tl8M_oYScKxara4md2m7CIy40xUwheVxI-rs8f98GGhCwU4m_sD-CJVP3ViGPpD799Qfi2nrY0rpmwJrs1N1Q6Qs8zVHyK9vRfzi1uNU0Y3j3gUgBvdE0xAkj-WGw4pk7elCn-zaI30bRdb55XKfuW8sCPVfN-snKL7LQr-wBILPIs5IK3vRs3aeDnxB22yZYAhrsXRc-iVIw
Step 7 - Access the dashboard
Since you are working on Google Cloud url will be little different for you.
To get the URL first you need to click on the Web Preview option inside the Google Cloud console.
You need to change few thing in the url for accessing the kubernetes dashboard
Change the port from 8080 to 8001 and replace the end url from /?authuser=0 to /api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
So the final URL should look like this
Step 8 - Use the token from Step 6
Select the option Token and paste the secret token generated in the Step 6 and then click on sign in.
And you should be able to access the dashboard on Google Kubernetes Engine
Great now you have successfully setup the kubernetes dashboard on Google kubernetes Engine.
Summary
If you are reading this summary it means that you have completed the following tasks -
- kubectl installation, minikube installation and dashbaord setup
- kubernetes dashboard setup on local kubernetes cluster using Vagrant's virtual machine on Ubuntu
- And finally we tried Setting Up kubernetes Dashboard on GKE(Google Kubernetes Engine) on GCP(Google Cloud Platform)
Learn more On Kubernetes -
- Setup kubernetes on Ubuntu
- Setup Kubernetes on CentOs
- Setup HA Kubernetes Cluster with Kubespray
- Setup HA Kubernetes with Minikube
- Setup Kubernetes Dashboard for local kubernetes cluster
- Setup Kubernetes Dashboard On GCP(Google Cloud Platform)
- How to use Persistent Volume and Persistent Volume Claims in Kubernetes
- Deploy Spring Boot Microservice on local Kubernetes cluster
- Deploy Spring Boot Microservice on Cloud Platform(GCP)
- Setting up Ingress controller NGINX along with HAproxy inside Kubernetes cluster
- CI/CD Kubernetes | Setting up CI/CD Jenkins pipeline for kubernetes
- kubectl export YAML | Get YAML for deployed kubernetes resources(service, deployment, PV, PVC....)
- How to setup kubernetes jenkins pipeline on AWS?
- Implementing Kubernetes liveness, Readiness and Startup probes with Spring Boot Microservice Application?
- How to fix kubernetes pods getting recreated?
- How to delete all kubernetes PODS?
- How to use Kubernetes secrets?
- Share kubernetes secrets between namespaces?
- How to Delete PV(Persistent Volume) and PVC(Persistent Volume Claim) stuck in terminating state?
- Delete Kubernetes POD stuck in terminating state?
Posts in this Series
- Kubernetes Cheat Sheet for day to day DevOps operations?
- Delete Kubernetes POD stuck in terminating state?
- How to Delete PV(Persistent Volume) and PVC(Persistent Volume Claim) stuck in terminating state?
- Share kubernetes secrets between namespaces?
- How to use Kubernetes secrets?
- How to delete all kubernetes PODS?
- kubernetes pods getting recreated?
- Implementing Kubernetes liveness, Readiness and Startup probes with Spring Boot Microservice Application?
- kubectl export yaml OR How to generate YAML for deployed kubernetes resources
- Kubernetes Updates
- CI/CD Kubernetes | Setting up CI/CD Jenkins pipeline for kubernetes
- Kubernetes cluster setup with Jenkins
- How to use Persistent Volume and Persistent Claims | Kubernetes
- How to fix ProvisioningFailed persistentvolume controller no volume plugin matched
- Fixing – Cannot bind to requested volume: storageClasseName does not match
- Fixing – pod has unbound immediate persistentvolumeclaims or cannot bind to requested volume incompatible accessmode
- How to fix kubernetes dashboard forbidden 403 error – message services https kubernetes-dashboard is forbidden User
- How to fix Kubernetes – error execution phase preflight [preflight]
- Deploy Spring Boot microservices on kubernetes?
- How to fix – ansible_memtotal_mb minimal_master_memory_mb
- How to use kubespray – 12 Steps for Installing a Production Ready Kubernetes Cluster
- How to setup kubernetes on CentOS 8 and CentOS 7
- How to fix – How to fix - ERROR Swap running with swap on is not supported. Please disable swap
- 14 Steps to Install kubernetes on Ubuntu 20.04(bento/ubuntu-20.04), 18.04(hashicorp/bionic64)
- Kubernetes Dashboard | Kubernetes Admin GUI | Kubernetes Desktop Client
- Install Kubernetes with Minikube