Kubernetes – Dashboard Setup is a web-based user interface that offers a summary of your Kubernetes cluster. You may manage your resources using a graphical interface and view information about your pods, deployments, services, and more with the dashboard. How do you maintain track of all the containers you deploy using Kubernetes when there are hundreds of them? That won’t work with a command-line interface. Everything must be represented visually. Welcome to the Kubernetes dashboard. The official web-based UI for Kubernetes, known as Kubernetes Dashboard, consists of a collection of services that make cluster management easier. You will discover how to set up the Kubernetes Dashboard on an Ubuntu computer step-by-step in this guide.
What Is The Kubernetes Dashboard UI(User Interface)?
Kubernetes Dashboard is used to represent all the cluster components and resources in the form of User Interface(UI). Instead of using kubectl (Command line interface) to list the cluster resources you can use the Kubernetes dashboard and watch in the form of UI. You can view the resources in the cluster and the Kubernetes dashboard will allow you to interact with the resources like pods, services, deployments, and some other resources.
It is not an replacement of kubectl.
Kubernetes Dashboard UI(User Interface) Features
- Manage Pods: You can view the pods and manage the Kubernetes pods. Without the need for Kubectl, you can view the pods manage the ods, and edit the pod’s configuration according to your requirement. You can perform most of the operations performed by the Kubernetes kubectl command.
- Manage Services: Service is the resource used in Kubernetes to expose the pod to the internet from where the end users can access the application. It can be managed with the help of the Kubernetes dashboard. You can create new services, edit the existing services, and changes the configurations.
- Manage Deployments: You view the no.of deployments that you have deployed so far and also you can also see the current working status of the Kubernetes deployments you have deployed till now also edit the configuration of deployment yaml files like you change the no.of replicas required and so on.
- Manage Resources: You can manage some other resources which are present in the Kubernetes cluster like
- ConfigMaps.
- Secrets.
- Namespaces.
Other than the features mentioned above you can also you can check the logs and status of the resources which you are using in the kubernetes cluster.
Access the Kubernetes Dashboard UI(User Interface) Using Token
Follow the steps that mentioned below to access the kuebernetes dashboard by the token.
Step 1: First you need to get the token to access the kubernetes dashboard for that using the following command.
kubectl -n kube-system get secret $(kubectl -n kube-system get serviceaccount dashboard -o jsonpath='{.secrets[0].name}')
-o go template='{{.data.token}}'
Step 2: After getting the access token know copy and paste the token in the kubernetes dashboard Dialuge box from where you can access the kubernetes dashboard.
Deploy and Access the Kubernetes Dashboard UI(User Interface)
If you want to set up a Kubernetes dashboard for your application then you need to create the following.
- Deployment.
- Service.
In this, the deployment is going to take care of the pod and the service is going to take care to expose the pod to the internet. After deploying the Kubernetes dashboard you can access it from the internet by using localhost (http://localhost:8080.)
Deploying Kubernetes Dashboard UI(User Interface)
- First, open your SSH client and connect to your Kubernetes master node.
- To install the Kubernetes dashboard, you can use Kubectl to apply the recommended deployment manifest. kubectl command-line interface tool that manages a Kubernetes Dashboard installation and many other Kubernetes tasks.
Kubernetes Dashboard UI(User Interface) Setup
Save the below code in any file and execute it
kubectl apply -f (mention file name)
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf: ""
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
namespace: kubernetes-dashboard
type: Opaque
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
namespace: kubernetes-dashboard
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder",
"kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update
'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster", "dashboard-metrics-scraper"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:",
"https:heapster:", "dashboard-metrics-scraper",
"http:dashboard-metrics-scraper"]
verbs: ["get"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
rules:
# Allow Metrics Scraper to get metrics from the Metrics server
- apiGroups: ["metrics.k8s.io"]
resources: ["pods", "nodes"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: kubernetesui/dashboard:v2.4.0
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
# Uncomment the following line to manually
specify Kubernetes API server Host
# If not specified, Dashboard will attempt
to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
labels:
k8s-app: dashboard-metrics-scraper
spec:
securityContext:
seccompProfile:
type: RuntimeDefault
containers:
- name: dashboard-metrics-scraper
image: kubernetesui/metrics-scraper:v1.0.7
ports:
- containerPort: 8000
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 30
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: tmp-volume
emptyDir: {}
This will generate the deployment, service, and secret that are required by Kubernetes for the dashboard to function. After executing the command, kubectl creates a namespace, service account, Kubernetes configMap, pods, cluster role, service, RBAC, and deployments resources representing the Kubernetes dashboard.
Kubernetes Dashboard UI(User Interface) Resources
After executing the command, kubectl creates a namespace, service account, config map, pods, cluster role, service, RBAC, and deployments resources representing the Kubernetes dashboard.
- Namespace: Within a Kubernetes cluster, a namespace enables resource organization and isolation. The “Kubernetes-dashboard” namespace is established in this instance to house all resources related to the dashboard.
- Service Account: A service account gives a pod or group of pods an identity to communicate with the Kubernetes API server. In this instance, the dashboard pod will utilize the “Kubernetes-dashboard” service account to access the Kubernetes API.
- Secret: In a Kubernetes cluster, private information like TLS keys and certificates is kept in a secret. The TLS certificate and key used by the dashboard pod to secure its web traffic are created in this instance and stored in the “Kubernetes-dashboard-certs” secret
- ConfigMap: A config map is used to store configuration data that can be accessed by a pod or group of pods running in a Kubernetes cluster. In this case, the “Kubernetes-dashboard-settings” config map is created to store the configuration settings for the Kubernetes dashboard.
- Pods: The smallest deployable unit in Kubernetes, or pod, stands for a single instance of a process that is currently operating in a cluster. The Kubernetes dashboard is configured as a pod in this example, running in the “Kubernetes-dashboard” namespace, connecting to the Kubernetes API server using the “Kubernetes-dashboard-certs” secret and the “Kubernetes-dashboard-settings” config map, and being deployed as a pod.
- Cluster Role: A cluster role is used to specify a set of permissions that can be given to a user or group of users throughout the whole Kubernetes cluster. To specify the rights needed by the dashboard to access and manage Kubernetes resources, the “Kubernetes-dashboard” cluster role is created in this instance.
- Services: A group of pods running in a Kubernetes cluster are exposed as a network service using a service. In this instance, the dashboard pod executing in the “Kubernetes-dashboard” namespace is given network access by the “Kubernetes-dashboard” service.
- RBAC: A technique for restricting access to Kubernetes resources based on user roles and permissions is called role-based access control (RBAC). In this instance, RBAC rules are made to provide access to and management of the Kubernetes resources needed by the dashboard by the “Kubernetes-dashboard” service account.
- Deployments: A deployment is used to control the scaling, rolling updates, and rollbacks of a group of pods in a Kubernetes cluster. In this instance, the dashboard pod running in the “Kubernetes-dashboard” namespace is managed through the creation of the “Kubernetes-dashboard” deployment.
Run the kubectl get command to see if all the resources were successfully installed.
kubectl get all -n Kubernetes-dashboard
Kubernetes Cluster Role Binding For Kubernetes Dashboard UI(User Interface)
The dashboard runs with restricted access by default; to provide it with the required permissions, you must create a service account and cluster role binding.
kubectl create serviceaccount dashboard-admin-sa
Next, create a cluster role binding that grants the service account the cluster-admin role:
kubectl create cluster role binding dashboard-admin-sa \
--clusterrole=cluster-admin \
--serviceaccount=default:dashboard-admin-sa
Keeping the token used for dashboard authentication secure will prevent the dashboard from doing any action on your cluster.
Execute the file on the master node using the below command:
kubectl apply -f sa-dashboard.yaml
Get the Token for the Service Account
To log in to the dashboard, you will need the token for the service account you created in Step 2. You can retrieve the token using the following command:
- Use the below command to obtain the service account; for reference, check the image below.
kubectl get sa -n kube-system
- Use the below command to obtain the secret; for reference, check the image below.
kubectl describe sa dashboard-admin -n kube-system
- Get the token by using the below command for reference, check the image below.
kubectl describe secret dashboard-admin-token-v5g7h -n kube-system
.jpg)
- Start Kubernetes proxy in order to access the Kubernetes dashboard from your local machine.
kubectl proxy
This command will create the proxy servers and you can access the dashboard.
Accessing the Kubernetes localhost Dashboard UI(User Interface)
Now that the proxy has been started, you can use your web browser to access the Kubernetes dashboard URL:
http://localhost:8001/api/v1/namespaces/
kubernetes-dashboard/services
/https:kubernetes-dashboard:/proxy/
This URL is for the Kubernetes dashboard login. Enter the token that you receive while login into the dashboard (step 3). Now, the Kubernetes dashboard setup is complete, you can now use it to manage your Kubernetes cluster from GUI.
For security reasons, it is recommended that you access the Kubernetes dashboard over a secure connection (HTTPS) rather than HTTP. To set up HTTPS, you will need to create a TLS certificate and configure your Kubernetes API server to use the certificate. You can find more information on how to set up HTTPS for the Kubernetes dashboard in the official Kubernetes.
Deploying Containerized Applications
Deploying the Dashboard in the form of containerized application on kubernetes will give you the flexibility to scale the application with easier way and the availability of the application is also going to increase.
Specifying Application Details For Kubernetes Dashboard
- Name: The name of your application.
- Image: The image that your application is running.(Docker Image).
- Port: The port that your application is listening on.
- Replicas: The number of Pods that you want to create for your application.
- Selector: A label selector that is used to match Pods to your application.
- Template: The template that is used to create Pods for your application.
FAQs On Kubernetes Dashboard UI(User Interface)
1. Is The Kubernetes Dashboard UI(User Interface) Free?
Yes kubernetes dashboard is free to use it is part of kubernetes eco-system.
2. What Is The Difference Between Kubernetes Dashboard UI(User Interface) And Rancher?
The Kubernetes Dashboard and Rancher are both tools for managing Kubernetes clusters. Kubernetes dashboard is more user convience and rancher is more advanced than kubernetes dashboard.
3. kubernetes Dashboard for Helm
A general-purpose web-based UI for managing Kubernetes clusters is called Kubernetes Dashboard. Helm chart management is one of its possible uses, however this is not its intended usage.
The community-maintained Helm Dashboard project offers a user-friendly interface for controlling Helm charts. Users may examine chart information, search charts, manage chart dependencies, and install, uninstall, update, and rollback charts.
4. kubernetes Dashboard UI(User Interface) for Grafana
Together, Kubernetes Dashboard and Grafana can offer Kubernetes clusters a complete monitoring solution. Grafana may be used to visualise cluster metrics and other data, while Kubernetes Dashboard can be used to see and manage clusters and resources.
Share your thoughts in the comments
Please Login to comment...