0

I have deployed K8S Dashboard using https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml.

I want to expose it on the Kong Ingress.

This is my Ingress spec:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: dev-dashboard
  namespace: kubernetes-dashboard
  annotations:
    kubernetes.io/ingress.class: "kong"
    konghq.com/strip-path: "true"
    konghq.com/override: https-only
spec:
  rules:
  - host: dev.dashboard.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port:
              number: 443

I have already made a host entry on the machine where I am trying to access the dashboard.

I get HTTP ERROR 400 when I try to access https://dev.dashboard.com/ on the machine.

What am I doing wrong here?

Ajinkya Bapat
  • 619
  • 1
  • 10
  • 26

1 Answers1

0

You can follow this guide from Kong: https://docs.konghq.com/kubernetes-ingress-controller/2.10.x/guides/cert-manager/. You will need to deploy cert-manager in your kubernetes cluster first.

In my case, I commented the kubernetes-dashboard-certs part from the default script

# apiVersion: v1
# kind: Secret
# metadata:
#   labels:
#     k8s-app: kubernetes-dashboard
#   name: kubernetes-dashboard-certs
#   namespace: kubernetes-dashboard
# type: Opaque

and using selfsigned cert-mananger:

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: selfsigned-cluster-issuer
  namespace: kubernetes-dashboard
spec:
  selfSigned: {}

---

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: dashboard-ca
  namespace: kubernetes-dashboard
spec:
  isCA: true
  commonName: dashboard-ca
  secretName: dashboard-ca
  issuerRef:
    name: selfsigned-cluster-issuer
    kind: ClusterIssuer
    group: cert-manager.io

---

apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
  name: ca-cluster-issuer
  namespace: kubernetes-dashboard
spec:
  ca:
    secretName: dashboard-ca

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/cluster-issuer: ca-cluster-issuer
  name: kubernetes-dashboard-ingress
  namespace: kubernetes-dashboard
spec:
  rules:
  - host: dev.dashboard.com
    http:
      paths:
      - path: /
        backend:
          serviceName: kubernetes-dashboard
          servicePort: 8443
  tls:
  - hosts:
    - dev.dashboard.com
    secretName: kubernetes-dashboard-certs
Hiếu Trần
  • 1
  • 2