2

I use this command to install and enable Kubernetes dashboard on a remote host:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/recommended.yaml


kubectl proxy --address='192.168.1.132' --port=8001 --accept-hosts='^*$'

http://192.168.1.132:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

But I get:

Insecure access detected. Sign in will not be available. Access Dashboard securely over HTTPS or using localhost. Read more here .

Is it possible to enable SSL connection on the Kubernetes host so that I can access it without this warning message and enable login?

Peter Penzov
  • 1,126
  • 134
  • 430
  • 808

2 Answers2

5

From the service definition

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

Which exposes port 443 (aka https). So it's already preconfigured. First, use https instead of http in your URL.

Then, instead of doing a kubectl proxy, why not simply

kubectl port-forward -n kubernetes-dashboard services/kubernetes-dashboard 8001:443

Access endpoint via https://127.0.0.1:8001/#/login

Now it's going to give the typical "certificate not signed" since the certificate are self signed (arg --auto-generate-certificates in deployment definition). Just skip it with your browser. See an article like https://vmwire.com/2022/02/07/running-kubernetes-dashboard-with-signed-certificates/ if you need to configure a signed certificate.

etiennnr
  • 305
  • 5
  • 12
  • Where I need to enter this `yml` configuration? – Peter Penzov Aug 26 '22 at 16:27
  • Nowhere, it's from what you're applying (https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/recommended.yaml) – etiennnr Aug 26 '22 at 16:32
  • You simply need to do `kubectl port-forward -n kubernetes-dashboard services/kubernetes-dashboard 8001:443` and then access the dashboard via https://127.0.0.1:8001/#/login – etiennnr Aug 26 '22 at 16:33
0

Try this

First do a port forward to your computer, this will forward 8443 of your computer (first port) to the 8443 port in the pod (the one that is exposed acording to the manifest)

kubectl port-forward pod/kubernetes-dashboard 8443:8443 # Make sure you switched to the proper namespace

In your browser go to http://localhost:8443 based on the error message it should work.

if the kubernetes dashboard pod implements ssl in its web server then go to https://localhost:8443

Mariano Billinghurst
  • 57
  • 5