Rand/eng works

• Setting up the Dashboard in a specific node

Whilst the Kubernetes dashboard is directly setup by environments and tools like Minikube, when setting a Kubernetes instance from scratch, this must be manually enabled.

This is more subtle when deploying within a cluster of Kubernetes nodes, since (as other Kubernetes resources) the dashboard is deployed and accessible from the node where the commands are executed. Attempting to access from other nodes will result into routing issues.

Setting up the Dashboard in a specific node

Following this instructions it will be possible to deploy specific Kubernetes resources that will be accessible on the node where these are requested. In this case, I consider a 3-node deployment, with 1 master and 2 worker nodes. The dashboard will run in the master node, after having enabled the pod scheduling in the master or control plane.

First you have to make sure that the dashboard port (8001) is accessible from your current environment (e.g., localhost) to the Kubernetes node where you will run the dashboard. For Vagrant environments, you could check this file and adapt to your needs.

Then, it is time to create specific resources like Pod, ServiceAccount and Deployment through applying the following YAML manifests. The content is taken from the Kubernetes-dashboard repository itself. It is, however, slightly adapted to force the location of the Deployment resource into the master node, following the indications from the Kubernetes guides.

For instance, this is the list of available nodes, where the current node is “k8s-master”.

1
2
3
4
5
K8S_MASTER_NODE_NAME$ kubectl get nodes
NAME                    STATUS     ROLES                  AGE   VERSION
k8s-master              Ready      control-plane,master   31d   v1.21.2
k8s-node01              Ready      <none>                 31d   v1.21.2
k8s-node02              Ready      <none>                 31d   v1.21.2

The name of the master node will be exported so as to be used in the next step to hint where to create the Deployment resource.

1
export K8S_MASTER_NODE_NAME=$(kubectl get nodes | grep master | cut -d" " -f1)

Now, create all dashboard-related resources. Feel free to have a look at the manifest to understand its content.

1
kubectl apply -f https://raw.githubusercontent.com/CarolinaFernandez/CarolinaFernandez.github.io/master/file/post/2021-04-18-Dashboard-in-Kubernetes/kubernetes-dashboard.yaml

Wait few seconds after this (e.g., 15 seconds) to allow the dashboard to get to run. Check the resources, for instance the Pod resources generated by the Deployment set above:

1
2
3
4
$ kubectl get pods -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-856586f554-7m7bv   1/1     Running   0          15s
kubernetes-dashboard-85b5f4579c-4xhzk        1/1     Running   0          15s

Verify the generated pod is reachable already:

1
2
3
4
kube_dashboard_ns="kubernetes-dashboard"
kube_dashboard_pod_name=$(kubectl get pods -n ${kube_dashboard_ns} | grep "kubernetes-dashboard" | cut -d" " -f1)
kube_dashboard_pod_ip=$(kubectl get pod -n ${kube_dashboard_ns} ${kube_dashboard_pod_name} -o wide | awk -F ' ' '{print $6}' | tail -1)
ping -c 1 ${kube_dashboard_pod_ip}

If so, obtain and copy the token provided by the Secret resource defined above.

1
2
3
TOKEN=$(kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") -o go-template="")
kubectl config set-credentials admin-user --token="${TOKEN}"
echo $TOKEN

Finally, if you want to access the dashboard from outside the node where this runs, issue a kubectl proxy command.

1
nohup kubectl proxy --kubeconfig=/home/vagrant/.kube/config --address='0.0.0.0' --port=8001 --accept-hosts='.*' > kubectl_proxy_dashboard.log &

Now, the dashboard will be located at http://127.0.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy, where you will be asked for the token defined in the previous step.

When all above is taken care of, the dashboard will be ready to interact with.