I recently installed Kubernetes using Kubernetes Operations tool, but when I installed Kubernetes Dashboard using this script, the dashboard endpoints were in a private cluster.
Is there a way I can expose this dashboard over a public network using something like a service type LoadBalancer and put it behind a password or a secure authentication?
There is a lot that can be done with such a Dashboard, which is why I would like it behind a secure endpoint.
You can easily accomplish that with Ingress coupled with NginX IngressController
if you use something like :
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: dashboard.mydomain.tld
namespace: kube-system
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/auth-type: basic
ingress.kubernetes.io/auth-realm: "Auth required"
ingress.kubernetes.io/auth-secret: htpasswd
spec:
rules:
- host: dashboard.mydomain.tld
http:
paths:
- path: /
backend:
serviceName: <dashsvc>
servicePort: <dashport>alongside with a proper htpasswd secret as indicated by auth-secret annotation
apiVersion: v1
kind: Secret
metadata:
name: htpasswd
namespace: kube-system
type: Opaque
data:
auth: <your htpasswd base64>note: You need a working ingress controller setup prior to using this for exposing your service to the world. You can also easily combine it with kube-lego for automated https support so your service is exposed over secured channel.