Kubernetes Dashboard not reachable (error 404)

Question

What I'm trying to do is launching the Kubernetes Dashboard on my cluster.

The Dashboard was installed using Kubespray, so I'm pretty sure it's installed correctly (at least its pods run without errors).

Cluster's setup overview is the following:

$ kubectl get svc --all-namespaces
NAMESPACE     NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                  AGE
default       kubernetes                  ClusterIP   10.65.0.1      <none>        443/TCP                  2d
kube-system   coredns                     ClusterIP   10.65.0.3      <none>        53/UDP,53/TCP,9153/TCP   2d
kube-system   dashboard-metrics-scraper   ClusterIP   10.65.43.101   <none>        8000/TCP                 2d
kube-system   kubernetes-dashboard        ClusterIP   10.65.10.7     <none>        443/TCP                  2d

$ kubectl get ingress --all-namespaces
NAMESPACE     NAME        CLASS    HOSTS   ADDRESS   PORTS   AGE
kube-system   dashboard   <none>   *                 80      4m22s

$ cat dash_ingress.yml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: kube-system
  name: dashboard
  selfLink: /api/dashboard
spec:
  defaultBackend:
    service:
      name: kubernetes-dashboard
      port:
        number: 443

Assuming that my server runs on IP 10.11.12.13, when I try to reach http://10.11.12.13/api/dashboard, I get error 404. When trying with https:// instead, Chrome reports ERR_CONNECTION_TIMED_OUT. Beside that, all http:// calls to the IP without any suffixes also end up with error 404.

The nginx's error 404 is a pretty positive thing, since at least the nginx seems to work correctly, but how to reach the Dashboard or how to expose it to be reachable? Should I try other ports (8443 checked - ends up like all https:// calls) or anything else?

EDIT:

After reconfiguring the Ingress object as follows (adding annotations):

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: kube-system
  name: dashboard
  selfLink: /api/dashboard
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/service-upstream: "true"
spec:
  defaultBackend:
    service:
      name: kubernetes-dashboard
      port:
        number: 443

I found out that calling https://10.11.12.13:6443/ gives error 403 with the following Status object returned:

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot get path 
\"/api/dashboard\"",
  "reason": "Forbidden",
  "details": {},
  "code": 403
}

Not sure though, if this comes from the Dashboard or some other Kubernetes service (the Ingress was configured for the Dashboard, but I miss knowledge on this topic yet).

EDIT #2:

Calling http://10.11.12.13 redirects to http://10.11.12.13/#/login page and the page asks for a token or a config file. Signing in is disabled due to missing https communication though...

Hello @AbreQueVoy Do you want to access your dashboard only through Ingress? Since there are other [possible ways](https://github.com/kubernetes/dashboard/tree/master/docs/user/accessing-dashboard) — Andrew Skorkin, Nov 05 '21 at 15:40
Hi @AndrewSkorkin. Ingress is the only option considered so far. — AbreQueVoy, Nov 05 '21 at 19:46
Currently I managed to launch it temporarily using NodePort, but in the long term Ingress will be the permanent option. So no success using Ingress yet. — AbreQueVoy, Dec 08 '21 at 10:39

Kubernetes Dashboard not reachable (error 404)

0 Answers0