Kubernetes Dashboard with multi-node Kubernetes on a laptop.

The Kubernetes web based dashboard can make it easy to see the health and activity in your Kubernetes container environment. I'l show you how to run the Kubernetes monitoring dashboard on a local multi-node cluster using this guide. All this work was done on a local machine and not in a cloud environment.

The Kubernetes container orchestration environment is primarily command line and API based. They do have a graphical dashboard that can be used to surf through your Kubernetes cluster, the deployments and other information.  The dashboard is not difficult to install but it does have a few hidden corners.  

Topology

We're going to run a 3 worker node Kubernetes cluster.  We'll deploy 6 replicant copies of Nginx into the cluster along with the dashboard components.  Note that the dashboard installs agents into each of the nodes.

Video


Install Docker, Kubernetes, and Kind. Then deploy containers

You must have Docker and Kubernetes installed. You get more interesting information if you have at least one application deployed. This walk-through creates a Multi-node Kubernetes cluster on a single machine with Docker-in-Docker. You can do all of this with fewer steps using Docker Desktop and its Kubernetes integration.  That would give you a single-node Kubernetes cluster.

Install Docker
Windows users should run Docker Desktop with WSL2 integration enabled.
Install Kubernetes https://joe.blog.freemansoft.com/2020/07/multi-node-kubernetes-with-kind-and.html
Install Kind and run a 3-worker node cluster
https://joe.blog.freemansoft.com/2020/07/multi-node-kubernetes-with-kind-and.html
$ kind create cluster --name dev --config ./3workers.yaml
$ kubectl get nodes
Run a 6-node nginx-deploymenthttps://joe.blog.freemansoft.com/2020/07/deploying-and-exposing-stateless-app.html
$ kubectl apply -f nginx-6-node-deployment.yaml
Verify
$ kubectl get deployments --namespace nginx-dev

Install and Run the Kubernetes Dashboard

We're going to install the dashboard and enable it with the default service account. This section is lifted with minor changes from https://www.replex.io/blog/how-to-install-access-and-add-heapster-metrics-to-the-kubernetes-dashboard

By default, the default Kubernetes Service Account does not have dashboard permissions.  You can add add roles to to the default service role or create a new account and attach the permissions to it.  This example creates a new account that is grated the necessary permissions.

Install the dashboard
Download and install
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Create an account with dashboard permissions and find the service account token
Find the list of service accounts
$ kubectl get serviceaccounts
NAME      SECRETS   AGE
default   1         3m37s
Create a service account called dashboard-admin-sa
$ kubectl create serviceaccount dashboard-admin-sa
serviceaccount/dashboard-admin-sa created
Find the list of service accounts
$ kubectl get serviceaccounts
NAME                 SECRETS   AGE
dashboard-admin-sa   1         9s
default              1         4m3s
Bind the new service account the dashboard admin role
$ kubectl create clusterrolebinding dashboard-admin-sa --clusterrole=cluster-admin \
--serviceaccount=default:dashboard-admin-sa
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin-sa created
Find the secret name for the default service account role
~$ kubectl get serviceaccounts dashboard-admin-sa -o yaml
apiVersionv1
kindServiceAccount
metadata:
  creationTimestamp"2020-07-28T01:23:27Z"
  namedashboard-admin-sa
  namespacedefault
  resourceVersion"1439"
  selfLink/api/v1/namespaces/default/serviceaccounts/dashboard-admin-sa
  uid8dbabf40-eb70-43fc-8d3a-b42680690dad
secrets:
namedashboard-admin-sa-token-6fqwt

$ kubectl describe secret dashboard-admin-sa-token-6fqwt
Name:         dashboard-admin-sa-token-6fqwt
Namespace:    default
Labels:       <none>
Annotations:  kubernetes.io/service-account.namedashboard-admin-sa
              kubernetes.io/service-account.uid8dbabf40-eb70-43fc-8d3a-b42680690dad

Type:  kubernetes.io/service-account-token

Data
====
token:      <a long string>
ca.crt:     1025 bytes
namespace:  7 bytes

Save the token
Copy the value in the token: field value into the dashboard in the next section
Connect to the dashboard
Expose API server / dashboard to host
$ kubectl proxy
Starting to serve on 127.0.0.1:8001
Hit the endpoint. The URL has changed over time.  It is currently
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

Authenticate to the dashboard
Select Token based authentication.
Paste the token from the previous into the Kubernetes Dashboard token entry field.

Destroy cluster

You can destroy the Kubernetes Cluster and all of the deployed applications and infrastructure with a single command.
$ kind delete cluster --name dev
Deleting cluster "dev" ...

kubectl command cheat sheet

  • kubectl version
  • kubectl get nodes
  • kubectl config get-contexts
  • kubectl get all --all-namespaces
  • kubectl get po --all-namespaces
  • kubectl config use-context docker-desktop
  • kubectl config use-context <context>
  • kubectl get serviceaccounts
  • kubectl get serviceaccounts dashboard-admin-sa -o yaml
  • kubectl create serviceaccount
  • kubectl create clusterrolebinding dashboard-admin-sa --clusterrole=cluster-admin --serviceaccount=default:dashboard-admin-sa
  • kubectl describe secret dashboard-admin-sa-token-t8xfs
  • kubectl proxy

References used in creating this

    KinD 

    Comments

    Popular posts from this blog

    Understanding your WSL2 RAM and swap - Changing the default 50%-25%

    Installing the RNDIS driver on Windows 11 to use USB Raspberry Pi as network attached

    DNS for Azure Point to Site (P2S) VPN - getting the internal IPs