Bobcares

Getting Started: OVH Kubernetes Dashboard Setup

by | Jun 21, 2024

Monitor clusters easily via the OVH Kubernetes Dashboard with a little help from our experts. Our OVH Support team is here to help you with your questions and concerns.

Getting Started: OVH Kubernetes Dashboard Setup

The Kubernetes Dashboard is a web-based user interface that simplifies the management and monitoring of Kubernetes clusters. It offers a graphical representation of the state of our Kubernetes resources.

In other words, it lets us visualize and interact with the cluster. Today we will take a quick look at deploying the Kubernetes Dashboard, creating an authentication token, and accessing the Dashboard.

  • Deploy the Dashboard in a Cluster
  • Create an Authentication Token (RBAC)
  • Retrieve the Bearer Token
  • Access the Dashboard
  • Delete All Kubernetes Dashboard Resources

How to Deploy the Dashboard in a Cluster

To deploy the Dashboard, we have to choose the version that matches the Kubernetes version to avoid incompatibilities. Here’s how we can deploy the Dashboard:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

After that, we will see an output similar to the following:

namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

How to Create an Authentication Token (RBAC)

To access the Dashboard, we need to create a new user with the service account mechanism in Kubernetes. This user must have admin permissions and use a bearer token for login.

  1. First, create a service account named `admin-user` in the `kubernetes-dashboard` namespace.
  2. Then, save the following YAML to a file named `dashboard-service-account.yml`:

    Getting Started: OVH Kubernetes Dashboard Setup

  3. Next, apply the file to the cluster:

    kubectl apply -f dashboard-service-account.yml

    As a result, we will see the following message:

    serviceaccount/admin-user created

  4. Then, create a RoleBinding using the `cluster-admin` role to bind the cluster to your service account. We need to save the following YAML to a file named `dashboard-cluster-role-binding.yml`:

    RoleBinding

  5. Next, apply the file to the cluster:

    kubectl apply -f dashboard-cluster-role-binding.yml

    As a result, we will see the following message:

    clusterrolebinding.rbac.authorization.k8s.io/admin-user created

  6. Since Kubernetes v1.24.0, Secret API objects containing service account tokens are not auto-generated. So, we have to create it manually. Hence, save the following YAML to a file named `service-account-token.yml`:

    service account token

  7. Then, apply the file to the cluster:

    kubectl apply -f service-account-token.yml

    As a result, we will see the following message:

    secret/admin-user-token created

How to Retrieve the Bearer Token

To log into the Dashboard, we have to retrieve the bearer token with this command:

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user-token | awk '{print $1}')

Then, we will see output like this:

Bearer Token

Now, copy and securely store the token. This is the key to accessing the Dashboard.

How to Access the Dashboard

To access the Dashboard from the local workstation we have to create a secure channel to the Kubernetes cluster using `kubectl proxy`:

kubectl proxy

Then we will see this message:

Starting to serve on 127.0.0.1:8001

We can open the Dashboard at:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

On the login page, select authentication by token and use the bearer token we saved earlier. This will take us directly to the Dashboard.

How to Delete All Kubernetes Dashboard Resources

We can easily remove all resources created by the Dashboard deployment with these commands:

kubectl delete ns kubernetes-dashboard
kubectl delete -f dashboard-cluster-role-binding.yml

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to deploy the Kubernetes Dashboard, create an authentication token, and access the Dashboard.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.