Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Enable access to Kubernetes Dashboard without kubectl proxy

If I move a relevant config file and run kubectl proxy it will allow me to access the Kubernetes dashboard through this URL:

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

However if I try to access the node directly, without kubectl proxy, I will get a 403 Forbidden.

http://dev-master:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login

Our kubernetes clusters are hidden inside a private network that users need to VPN in to; furthermore only some of us can talk to the master node of each of our clusters after authenticating to the VPN. As such, running kubectl proxy is a redundant step, and choosing the appropriate config file for each cluster is an additional pain, especially when we want to compare the state of different clusters.

What needs to be changed to allow "anonymous" HTTP access to the dashboard of these already-secured kubernetes master nodes?

like image 936
Ekevoo Avatar asked Oct 16 '22 09:10

Ekevoo


1 Answers

You would want to set up a Service (either NodePort or LoadBalancer) for the dashboard pod(s) to expose it to the outside world (well, outside from the PoV of the cluster, which is still an internal network for you).

like image 95
coderanger Avatar answered Oct 26 '22 01:10

coderanger