Using Dashboard To Access Kubernetes Cluster Post Deployment On ESA HPC OpenStack Magnum

After the Kubernetes cluster has been created, you can access it through command line tool, kubectl, or you can access it through a visual interface, called the Kubernetes dashboard. This article shows how to install it.

What We Are Going To Cover

  • How to install Kubernetes Dashboard

Prerequisites

No. 1 Hosting

You need a ESA HPC hosting account with Horizon interface https://horizon.eohpc.net/auth/login/?next=/.

No. 2 Cluster and kubectl should be already operational

To eventually set up a cluster and connect it to the kubectl tool, see this article How To Access Kubernetes Cluster Post Deployment Using Kubectl On ESA HPC OpenStack Magnum.

Dashboard is a visual interface to Kubernetes cluster. It can be used interchangeably with kubectl as the CLI tool.

Step 1 Deploying the Dashboard

Install it with the following command:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml

The result is

../_images/dashboard_installed.png

Step 2 Creating a Sample User

Next, you create a bearer token which will serve as an authorization token for the Dashboard. To that end, you will create two local files and “send” them to the cloud using the kubectl command. The first file is called dashboard-adminuser.yaml and its contents are

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

Use a text editor of your choice to create that file, on MacOS or Linux you can use nano, like this:

nano dashboard-adminuser.yaml

Install that file on the Kubernetes cluster with this command:

kubectl apply -f dashboard-adminuser.yaml

The second file to create is

nano dashboard-clusterolebinding.yaml

and its contents should be:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

The command to send it to the cloud is

kubectl apply -f dashboard-clusterolebinding.yaml

Step 3 Get the bearer token for authentication to dashboard

The final step is to get the bearer token, which is a long string that will authenticate calls to Dashboard:

kubectl -n kubernetes-dashboard \
get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") \
-o go-template="{{.data.token | base64decode}}"

The bearer token string will be printed in terminal screen. Copy it to a text editor, it will be needed after you access the Dashboard UI through a HTTPS call.

Note

If the last character of the bearer token string is %, it may be a character that denotes the end of the string but is not a part of it. If you copy the bearer string and it is not recognized, try copying it without this ending character %.

Step 4 Create a separate terminal window

To enable the connection, start a separate terminal window and execute the following command in it:

kubectl proxy

The result will be something like this:

../_images/starting_to_server.png

Step 5 See the dashboard in browser

Then enter this address into the browser:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
../_images/dashboard2.png

Enter the token, click on Sign In and get the Dashboard UI for the Kubernetes cluster.

../_images/dashboard_view.png

The Kubernetes Dashboard organizes working with the cluster in a visual and interactive way. For instance, click on Nodes on the left sides to see the nodes that the k8s-cluster has.

What To Do Next

You can still use kubectl or alternate with using the Dashboard. Either way, you can

  • deploy apps on the cluster,

  • access multiple clusters,

  • create load balancers,

  • access applications in the cluster using port forwarding,

  • use Service to access application in a cluster,

  • list container images in the cluster

  • use Services, Deployments and all other resources in a Kubernetes cluster.