Dashboard: How allow access to Kubernetes-Dashboard from master real routed IP address?
Environment
Dashboard version: 1.8.2
Kubernetes version: 1.9
Operating system: Ubuntu server 16.04 LTE
Node.js version:
Go version:
Steps to reproduce
I installed dashboard :
kubectl create secret generic kubernetes-dashboard-certs --from-file=$HOME/certs -n kube-system
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
Observed result
From Kubernetes cluster work well, but from real master and node subnet no!
Expected result
Maybe is possible get a command example, how to!
Comments
itkroplis
All 19 comments
Describe the issue better. I don't understand what you need.
floreks
on 31 Jan 2018
I have Kubernetes cluster. Master + nodes
Master real routed IP is eth0 = 172.24.48.109
Kubernete-Dashboard work to https://10.101.209.226 (only into cluster)
I want to access to Kubernete-Dashboard from IP=172.24.48.22 (nearby Master server but not the cluster member). How to allow access piem. from https://172.24.48.22:8443 ?
itkroplis
on 1 Feb 2018
You can't access it through master directly without manually installing user certificates in the browser. This is a kubernetes configuration issue not Dashboard itself.
floreks
on 1 Feb 2018
Or Can not define port similar as docker? When the internal port is sent to the external port
itkroplis
on 1 Feb 2018
You can access Dashboard with any of the following options:
- kubectl proxy
- master-ip/dashboard-url (in case apiserver authentication is setup to accept browser)
- loadbalancer-ip of Dashboard (in case Dashboard is exposed like any other web application)
cheld
on 2 Feb 2018
Yes kubectl proxy. Do you can give example?
itkroplis
on 2 Feb 2018
I have the same problem, but I think kubectl proxy will not work for external browsers, it will expose proxy form master node for a cluster, and you will access to a dashboard in the cluster's nodes through localhost.
lagoshny
on 26 Feb 2018
Ok kubectl proxy. I want example.
I try
kubectl proxy --address 0.0.0.0 --accept-hosts '.*'
Dashboard webpage can open but not work token. The same token from 127.0.0.1 work well.
itkroplis
on 26 Feb 2018
Read kubectl proxy section: https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard---1.7.X-and-above#kubectl-proxy
floreks
on 26 Feb 2018
Ok kubectl proxy. I want example.
I try
kubectl proxy --address 0.0.0.0 --accept-hosts '.*'
Dashboard webpage can open but not work token. The same token from 127.0.0.1 work well.
I have this exact issue. The wiki linked below it does not work anymore.
Haribo112
on 2 Oct 2019
It won't work by design. Do not expose Dashboard over HTTP. Login will not work. Only authorization header will.
floreks
on 2 Oct 2019
It won't work by design. Do not expose Dashboard over HTTP. Login will not work. Only authorization header will.
Okay, so can anyone tell me this IS supposed to work? My Kubernetes cluster is running on Ubuntu Server 18.04, it does not have a web browser or any kind of graphical interface. How am I supposed to use this product then.
Haribo112
on 2 Oct 2019
You can use it on localhost with kubectl proxy. If you want to expose it to the world, then you have to securely configure it with some kind of reverse proxy (i.e. nginx).
floreks
on 2 Oct 2019
im install kubernetes-dashboard not work in ubuntu 18.04
using test
http://ip-public:8001
http://ip-public:8443
not work please help me
and off firewall ufw
rezabojnordi
on 21 Dec 2019
my config
kubectl -n kube-system edit service kubernetes-dashboard
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":"kube-system"},"spec":{"ports":[{"port":443,"targetPort":8443}],"selector":{"k8s-app":"kubernetes-dashboard"}}}
creationTimestamp: "2019-12-21T05:54:38Z"
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
resourceVersion: "348035"
selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
uid: 83e34eb2-8ce5-4a53-afbd-225b57161207
spec:
clusterIP: 10.96.0.60
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
im using ip public for web browser
rezabojnordi
on 21 Dec 2019
You needs after dashboard made change type to NodePort
Quick example:
kubectl edit pod kubernetes-dashboard --output=yaml --namespace=kube-system
This:
ports:
- port: 443
protocol: TCP
targetPort: 8443
Change to:
ports:
- nodePort: 30573
port: 443
protocol: TCP
targetPort: 8443
:qa
kubectl delete pods kubernetes-dashboard -n kube-system
I hope this example helps you.
itkroplis
on 26 Dec 2019
I'm run kubeadm install dashboard in master im, not login to dashboard with the token
rezabojnordi
on 28 Dec 2019
im using website for kubeadm
step by step
https://www.katacoda.com/courses/kubernetes/getting-started-with-kubeadm
rezabojnordi
on 28 Dec 2019
I don't know what you do. Katacoda wants login!
I think you need to find correct token for dashboard. For test you can make dashboard as http, without ssl and token.
https://gist.github.com/jpetazzo/c53a28b5b7fdae88bc3c5f0945552c04
https://github.com/kubernetes/dashboard
itkroplis
on 6 Jan 2020
Related issues
donspaulding
路
5Comments
dzoeteman
路
4Comments
MichaelJCole
路
5Comments
Fohlen
路
4Comments
maciaszczykm
路
4Comments
Most helpful comment
Ok kubectl proxy. I want example.
I try
kubectl proxy --address 0.0.0.0 --accept-hosts '.*'
Dashboard webpage can open but not work token. The same token from 127.0.0.1 work well.