blog icon indicating copy to clipboard operation
blog copied to clipboard

Published 20 hours ago verified publisher icon Qingquan-Li

Run Kubernetes Dashboard

Open qingquan-li opened this issue 11 months ago • 0 comments

1. Run Kubernetes Dashboard Locally

(Use case: run Kubernetes Dashboard on a local macOS or Windows machine.)

  1. Enable Kubernetes on Docker Desktop: https://docs.docker.com/desktop/kubernetes/

    Or setup a Kubernetes cluster with minikube: https://minikube.sigs.k8s.io/docs/start/ (recommended)

  2. Deploy and Access the Kubernetes Dashboard: https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/

Kubernetes dashboard user creating

Reference: https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

Getting a long-lived Bearer Token for ServiceAccount

dashboard-adminuser.yaml:

apiVersion: v1
kind: Secret
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
  annotations:
    kubernetes.io/service-account.name: "admin-user"
type: kubernetes.io/service-account-token

Create a token with the secret which bound the service account and the token will be saved in the Secret:

$ cd path/to/k8s-dashboard-user-creating
k8s-dashboard-user-creating $ kubectl apply -f dashboard-adminuser.yaml
secret/admin-user created

Check the details (including the token) about the admin-user secret:

$ kubectl describe secret admin-user -n kubernetes-dashboard

After Secret is created, we can execute the following command to get the token which saved in the Secret:

kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d

2. Run kubernetes-dashboard-7.1.1 in Developer Mode

Reference: https://github.com/kubernetes/dashboard/blob/release/7.1.1/DEVELOPMENT.md

Kuberbetes dashboard updated from v2.7.0 to kubernetes-dashboard-7.0.0 (release/7.0.0), learn more: https://github.com/kubernetes/dashboard/releases

  1. Make sure the following software is installed and added to your path:

    • Docker
    • Go (check the required version in modules/go.work)
    • Node.js (check the required version in modules/web/package.json)
    • Yarn (check the required version in modules/web/.yarnrc.yml)
      • kubernetes-dashboard-7.1.1 use yarn@3.3.0: yarn set version 3.3.0

  2. After cloning the repository git clone --branch release/7.1.1 --single-branch --depth 1 [email protected]:kubernetes/dashboard.git, install web dependencies with cd modules/web && yarn.

  3. cd path/to/dashboard/root/directory, then you can start the development version of the application with make serve. It will create local kind cluster and run all the modules with Docker compose. (It takes time. If it takes more than 10 minutes, try to re-run make serve.) Note: You might need to set the GOPATH environment variable and install kind before running make serve. Set the GOPATH: Add export GOPATH=$HOME/go to your ~/.bash_profile, ~/.zshrc, or the configuration file for your shell. Then run source ~/.zshrc (or the equivalent command for your shell), or restart your terminal.

  4. Open a browser and access the dashboard under http://localhost:8080/. It will ask for a bearer token to login: You can generate token for service account with: kubectl -n NAMESPACE create token.

  5. Generate a token associated with a Service Account

    1. Create a Service Account in the kube-system or default namespace: kubectl create serviceaccount dashboard-admin -n kube-system.
    2. Bind the Service Account to a Cluster Role that grants the required permissions. For example, bind the dashboard-admin service account to the cluster-admin role, granting it full control over the cluster: kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin.
    3. Generate a token for the dashboard-admin service account: kubectl create token dashboard-admin -n kube-system.
    4. Copy the generated token and paste it into the Bearer Token field on the Kubernetes Dashboard login page.
kubernetes-dashboard-7 1 1

Optional: Deploy a service to the Kubernetes cluster using the dashboard

For example, delpoy a Nginx service: nginx-deployment-and-service.ymal:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80

---
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: NodePort
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 80
    nodePort: 30080

Since kind (kubernetes-dashboard-7.1.1 uses kind) runs Kubernetes nodes inside Docker containers, you are not able to access the service through localhost:30080 on a browser. But you can use kubectl port-forward for temporary access to your service:

kubectl port-forward service/nginx-service 8081:80

This command forwards port 8081 on your local machine to port 80 of the nginx-service service, allowing you to access Nginx by visiting http://localhost:8080 in your browser.

3. Run Kubernetes Dashboard v2.7.0 in Developer Mode

(Use case: develop or test Kubernetes Dashboard)

Reference: https://github.com/kubernetes/dashboard/blob/v2.7.0/docs/developer/getting-started.md

  1. Make sure the following software is installed and added to the $PATH variable:

    • Curl 7+
    • Git 2.13.2+
    • Docker 1.13.1+
    • Golang 1.19+
    • Node.js 16.14.2+ and npm 8.5.0+

  2. git clone --branch v2.7.0 --depth 1 [email protected]:kubernetes/dashboard.git

  3. Install the dependencies: npm ci

  4. Install minikube (sets up a local Kubernetes cluster), then start the cluster: minikube start

  5. Create a proxy: kubectl proxy. kubectl will handle authentication with Kubernetes and create an API proxy with the address localhost:8080.

  6. Serving dashboard for development: npm start. In the background, npm start makes a concurrently call to start the golang backend server and the angular development server. Open a browser and access the UI under localhost:8080.

4. Run MicroK8s Kubernetes Dashboard

(Use case: run Kubernetes Dashboard on a Linux Server.)

  1. Install MicroK8s: https://microk8s.io/#install-microk8s
  2. Run dashboard: 
    $ microk8s enable dashboard

# Run it:
$ microk8s dashboard-proxy
Checking if Dashboard is running.
Infer repository core for addon dashboard
Waiting for Dashboard to come up.
Trying to get token from microk8s-dashboard-token
Waiting for secret token (attempt 0)
Dashboard will be available at https://127.0.0.1:10443
Use the following token to login:
[Token]
  3. For local port forwarding via SSH from another machine, you can use a command like: 
    ssh -L 10443:localhost:10443 user@your-server-ip

qingquan-li avatar Mar 05 '24 16:03 qingquan-li