So you want to access the kubernetes desktop on microk8s
15/07/20 15:05 Filed in: Systems Administation
Microk8s comes with a graphical dashboard. While not wanting to be dependent on a GUI I did want to see what it could do for me. Unfortunately this is another learning cliff.
For good security reasons the dashboard is only easily accessible on a local machine and there are several ways of providing access to the dashboard; but choose wisely as how you provide access to the dashboard affects how you authenticate to it.
The simplest approach I have found is to:
For good security reasons the dashboard is only easily accessible on a local machine and there are several ways of providing access to the dashboard; but choose wisely as how you provide access to the dashboard affects how you authenticate to it.
The simplest approach I have found is to:
- port forward the application to your hosts external addresses
- use token login
Steps to get access to your dashboard:
1. Enable the dashboard
2. Get a token for logging in
List your secrets
You want one that looks like
Get the token
3. start port forwarding your dashboard
the port forward command does not return until complete so put it in background
4. go to port 8080 on you microk8s host with a URL like
https://microk8s.castro.aus.net:8080/
Select token and supply your token
Note: The examples do not contain real secrets
1. Enable the dashboard
microk8s enable dashboard2. Get a token for logging in
List your secrets
microk8s.kubectl -n kube-system get secretYou want one that looks like
default-token-ky5cj kubernetes.io/service-account-token 3 83dGet the token
microk8s.kubectl -n kube-system describe secret default-token-ky5cjName: default-token-ky5cj
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: default
kubernetes.io/service-account.uid: cecc4b8d-ce01-45dc-9e8f-42790c12efae
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1103 bytes
namespace: 11 bytes
token: eyJhbGci0iJSUzI1NiIsImtpZCI6Ilo5Q052VzZQRVBNaF9qdkFvQkZNVk1Zcld2V
1RpazhCVzVkQUZMakRzdUUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwi
a3ViZXJuZXRlcy5pby9zZXJ2aVblYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsIm
t1YmVybmV0ZXMuaW8vc2VydmljZvFjYL91bnqvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2Vu
LWt6OGtqIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubm
FtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNj
b3VudC51aWQiOiJjZWNjNGI4ZC1jZTAxLT11ZGMtOWU4Zi00Mjc5MGMxMmVmYWUiLCJzdWIi5i
JzeXN0ZW06c2VydmljZWFjY291bnQ6a3Vixy1zeXN0ZW06ZGVmYXVsdCJ9.f4z6H_CglnPdDPM
9wctVvUrdaL1pXVBvI837jsOYiaINeSU5e5AuH8zX0w.UAVcgS_ip6C4nyKhVmcuxBYmxeuGpI
884R9Ss5PUmxG43vA1Wdy.O_naddz8IOS5ea6KtBwzGBWLQg7WZBB8xn9tv_ErEYQ5JtlKOuWY
a_AOH28qsHdxllvTmL88tGpMLRKPQC5miW0ZDxNvX0DmQZsfJOujSqnI4oqX3N1K0Ogyzs36G7
eBSEiVOhnNFkdVB3fV0NIagtVHYtBHpI5DiJsJ3UIU4g0nSzu_u8N8lXywPXSCasg0yxNh37oe
6hKBHty3CWDwiA1y30aae2D69Zv
3. start port forwarding your dashboard
microk8s.kubectl port-forward --address 0.0.0.0 -n kube-system service/kubernetes-dashboard 8080:443 &the port forward command does not return until complete so put it in background
4. go to port 8080 on you microk8s host with a URL like
https://microk8s.castro.aus.net:8080/
Select token and supply your token
Note: The examples do not contain real secrets