I have been in DevOps related jobs for past 6 years dealing mainly with Kubernetes in AWS and on-premise as well. I spent quite a lot …
Kubernetes dashboard
Kubectl proxy
- creates a proxy server between localhost and the Kubernetes API Server
- uses connection as configured in the kubeconfig
- Run
kubectl proxycommand at your master node cks-master
Kubectl port-forward
Install kubenretes dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
Create SSH tunnel to cks-master
ssh -i ~/.ssh/google_compute_engine -L8001:127.0.0.1:8001 jantoth@35.198.101.56
Find a token belonging to kubernetes-dashboard serviceaccount
kubectl get secret kubernetes-dashboard-token-c7j68 -n kubernetes-dashboard -ojsonpath='{.data.token}' | base64 -d
How to enable insecure HTTP at kubernetes dashboard
hugo % k edit deployments.apps -n kubernetes-dashboard kubernetes-dashboard
deployment.apps/kubernetes-dashboard edited
...
matchLabels:
k8s-app: kubernetes-dashboard
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- args:
# - --auto-generate-certificates < ------- disable this option !!!
- --namespace=kubernetes-dashboard
- --insecure-port=9090 < ------- add this option !!!
image: kubernetesui/dashboard:v2.5.0
imagePullPolicy: Always
livenessProbe:
...
PLUS adjust readiness and livenessProbe ...
...
# edit service too
k edit svc -n kubernetes-dashboard kubernetes-dashboard
apiVersion: v1
kind: Service
metadata:
...
...
ports:
- nodePort: 30222
port: 9090
protocol: TCP
targetPort: 9090
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: NodePort