I configured kubernetes cluster with one master and 4 worker nodes using KUBEADM tool IN LOCAL. All nodes are running fine. deployed an app and able access that app from browser. I have tried many ways to create a dashboard using kubectl but i am failed.
TRY1: tried directly with the below command:
$ sudo kubectl proxy --address="172.20.22.101" -p 8001 tried to access the dashboard using the url http://172.20.22.101:8001/api/v1, but it is saying unauthorized.
TRY2: created dashboard-admin.yaml file with the below content:
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-systemAnd run the below command:
$ kubectl create -f dashboard-admin.yamlIt's shown me: clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created.
Running the below command:
$ sudo kubectl proxy --address="172.20.22.101" -p 443its running fine. I am accessing the http://172.20.22.101:443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ URL from browser. it's showing same unauthorized error.
run kubectl proxy command with --accept-hosts option
kubectl proxy --address="172.20.22.101" -p 8001 --accept-hosts="^*quot;and it will work fine.
Note: this is not recommended for production grade kubernetes clusters, since you're accessing the dashboard through plain http.
More secure alternative is to run access the dashboard through ssh tunnel like this.
in one terminal run:
kubectl proxy in another terminal run a ssh tunnel to localhost:8001 (the default kubernetes dashboard port)
ssh -NT -l SSH_USER -p SSH_PORT K8S_CONTROLLER_IP_ADDR -L 8001:localhost:8001