Enable access to Kubernetes Dashboard without kubectl proxy

12/24/2018

If I move a relevant config file and run kubectl proxy it will allow me to access the Kubernetes dashboard through this URL:

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

However if I try to access the node directly, without kubectl proxy, I will get a 403 Forbidden.

http://dev-master:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login

Our kubernetes clusters are hidden inside a private network that users need to VPN in to; furthermore only some of us can talk to the master node of each of our clusters after authenticating to the VPN. As such, running kubectl proxy is a redundant step, and choosing the appropriate config file for each cluster is an additional pain, especially when we want to compare the state of different clusters.

What needs to be changed to allow "anonymous" HTTP access to the dashboard of these already-secured kubernetes master nodes?

-- Ekevoo
kube-apiserver
kube-proxy
kubectl
kubernetes
kubernetes-dashboard

1 Answer

12/24/2018

You would want to set up a Service (either NodePort or LoadBalancer) for the dashboard pod(s) to expose it to the outside world (well, outside from the PoV of the cluster, which is still an internal network for you).

-- coderanger
Source: StackOverflow