CentOS Stream 9
Sponsored Link

MicroK8s : Enable Dashboard
2022/07/28
 
To enable Dashboard on MicroK8s Cluster, Configure like follows.
[1] Enable Dashboard add-on on primary Node.
[root@dlp ~]#
microk8s enable dashboard dns

Infer repository core for addon dashboard
Infer repository core for addon dns
Enabling Kubernetes Dashboard
Infer repository core for addon metrics-server
Enabling Metrics-Server
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
clusterrolebinding.rbac.authorization.k8s.io/microk8s-admin created
Metrics-Server is enabled
Applying manifest
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

If RBAC is not enabled access the dashboard by creating a default token with:

microk8s kubectl create token -n kube-system default --duration=8544h

Use this token in the https login UI of the kubernetes-dashboard service.

In an RBAC enabled setup (microk8s enable RBAC) you need to create a user with restricted
permissions as shown in:
https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

Enabling DNS
Applying manifest
serviceaccount/coredns created
configmap/coredns created
deployment.apps/coredns created
service/kube-dns created
clusterrole.rbac.authorization.k8s.io/coredns created
clusterrolebinding.rbac.authorization.k8s.io/coredns created
Restarting kubelet
DNS is enabled

[root@dlp ~]#
microk8s kubectl get services -n kube-system

NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
metrics-server              ClusterIP   10.152.183.229   <none>        443/TCP                  61s
kubernetes-dashboard        ClusterIP   10.152.183.83    <none>        443/TCP                  55s
dashboard-metrics-scraper   ClusterIP   10.152.183.207   <none>        8000/TCP                 55s
kube-dns                    ClusterIP   10.152.183.10    <none>        53/UDP,53/TCP,9153/TCP   54s

[root@dlp ~]#
microk8s kubectl -n kube-system get pods -o wide

NAME                                         READY   STATUS    RESTARTS        AGE     IP            NODE            NOMINATED NODE   READINESS GATES
metrics-server-5f8f64cb86-fc7t9              0/1     Running   0               2m31s   10.1.142.70   dlp.srv.world   <none>           <none>
calico-kube-controllers-7697884475-sxlvf     1/1     Running   1 (7m38s ago)   145m    10.1.142.69   dlp.srv.world   <none>           <none>
calico-node-hkwhp                            1/1     Running   1 (7m38s ago)   145m    10.0.0.30     dlp.srv.world   <none>           <none>
coredns-66bcf65bb8-t2nw6                     1/1     Running   0               67s     10.1.142.72   dlp.srv.world   <none>           <none>
kubernetes-dashboard-765646474b-nbql2        1/1     Running   0               67s     10.1.142.71   dlp.srv.world   <none>           <none>
dashboard-metrics-scraper-6b6f796c8d-6424f   1/1     Running   0               67s     10.1.142.73   dlp.srv.world   <none>           <none>

# confirm security token

[root@dlp ~]#
microk8s config | grep token

    token: YVdYMmZzbzE5T0JHK0thOEtXbER5c1RtUDJiY1JjZ0pqZEV0aWZWd3RKOD0K

# set port-forwarding to enable external access

[root@dlp ~]#
microk8s kubectl port-forward -n kube-system service/kubernetes-dashboard --address 0.0.0.0 10443:443

Forwarding from 0.0.0.0:10443 -> 8443
# if Firewalld is running, allow ports

[root@dlp ~]#
firewall-cmd --add-port=10443/tcp

[root@dlp ~]#
firewall-cmd --runtime-to-permanent

[2] Access to [https://(MicroK8s primary node's Hostname or IP address):10443/] with an web browser on any Client computer in local network. Copy and paste the security token you confirmed on [1] to [Enter token] section and Click [Sing In] button.
[3] After authentication successfully passed, MicroK8s Cluster Dashboard is displayed.
Matched Content