Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to access Kubernetes UI via browser?

Tags:

https

ssl

kubernetes

I have installed Kubernetes using contrib/ansible scripts. When I run cluster-info:

[osboxes@kube-master-def ~]$ kubectl cluster-info
Kubernetes master is running at http://localhost:8080
Elasticsearch is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/elasticsearch-logging
Heapster is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/heapster
Kibana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kibana-logging
KubeDNS is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kube-dns
kubedash is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/kubedash
Grafana is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-grafana
InfluxDB is running at http://localhost:8080/api/v1/proxy/namespaces/kube-system/services/monitoring-influxdb

The cluster is exposed on localhost with insecure port, and exposed on secure port 443 via ssl

kube 18103 1 0 12:20 ? 00:02:57 /usr/bin/kube-controller-manager --logtostderr=true --v=0 --master=https://10.57.50.161:443 -- kubeconfig=/etc/kubernetes/controller-manager.kubeconfig --service-account-private-key-file=/etc/kubernetes/certs/server.key --root-ca-file=/etc/kubernetes/certs/ca.crt kube 18217 1 0 12:20 ? 00:00:15 /usr/bin/kube-scheduler --logtostderr=true --v=0 --master=https://10.57.50.161:443 --kubeconfig=/etc/kubernetes/scheduler.kubeconfig root 27094 1 0 12:21 ? 00:00:00 /bin/bash /usr/libexec/kubernetes/kube-addons.sh kube 27300 1 1 12:21 ? 00:05:36 /usr/bin/kube-apiserver --logtostderr=true --v=0 --etcd-servers=http://10.57.50.161:2379 --insecure-bind-address=127.0.0.1 --secure-port=443 --allow-privileged=true --service-cluster-ip-range=10.254.0.0/16 --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --tls-cert-file=/etc/kubernetes/certs/server.crt --tls-private-key-file=/etc/kubernetes/certs/server.key --client-ca-file=/etc/kubernetes/certs/ca.crt --token-auth-file=/etc/kubernetes/tokens/known_tokens.csv --service-account-key-file=/etc/kubernetes/certs/server.crt

I have copied the certificates from kube-master machine to my local machine, I have installed the ca root certificate. The chrome/safari browsers are accepting the ca root certificate. When I'm trying to access the https://10.57.50.161/ui I'm getting the 'Unauthorized'

How can I access the kubernetes ui?

like image 263
Romande Avatar asked Mar 28 '16 20:03

Romande

People also ask

How do I access Kubernetes dashboard from outside?

Ans: In a terminal window, enter kubectl proxy to make the Kubernetes Dashboard available. Open a browser and go to http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes–dashboard:/proxy/#!/login to display the Kubernetes Dashboard that was deployed when the cluster was created.

How do I access Kubernetes service from the Internet?

To enable access from the public Internet to a Kubernetes service running in a Tanzu Kubernetes Grid cluster, publish the service internally, then give it a public IP address and create a DNAT rule that exposes the published service at an IP address in the ingress CIDR.

Is there a Kubernetes GUI?

Kubernetes Dashboard is the most popular and mature for Kubernetes GUI client. This web UI dashboard gives an overview of applications running on your cluster, as well as for creating or modifying individual Kubernetes resources. Compared to other clients like Lens and Octant, its filtering ability is limited.

What is Webui in Kubernetes?

Deploy the web UI (Kubernetes Dashboard) and access it. Dashboard is a web-based Kubernetes user interface. You can use Dashboard to deploy containerized applications to a Kubernetes cluster, troubleshoot your containerized application, and manage the cluster resources.

2 Answers

You can use kubectl proxy.

Depending if you are using a config file, via command-line run

kubectl proxy

or

kubectl --kubeconfig=kubeconfig proxy

You should get a similar response

Starting to serve on 127.0.0.1:8001

Now open your browser and navigate to

http://127.0.0.1:8001/ui/ (deprecated, see kubernetes/dashboard)
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

You need to make sure the ports match up.

like image 90
Bcf Ant Avatar answered Oct 10 '22 02:10

Bcf Ant

This works for me that you can access from network

kubectl proxy --address 0.0.0.0 --accept-hosts '.*'
like image 39
j3ffyang Avatar answered Oct 10 '22 02:10

j3ffyang
Sign in to Comment

Related questions

Node.js https.get via proxy generates SSL3_GET_RECORD wrong version number error
Receiving SSLHandshakeException: handshake_failure despite my client ignoring all certs
Not able to connect to outlook.com SMTP using Nodemailer
Docker behind proxy that changes ssl certificate
javax.net.ssl.SSLException: SSL handshake aborted Connection reset by peer while calling webservice Android
curl: how to specify target hostname for https request
Where should you enable SSL?
making CSR certificates in Windows (7)
How do I disable SSL Requirement in MySQL Workbench?
Swift SSL error with self signed certificate
How to connect to a secure website using SSL in Java with a pkcs12 file?
Mutual authentication with Tomcat 7
Running SSL node.js server with godaddy gd_bundle.crt
Create a Certificate Signing Request (CSR) with an email address in Go
Chrome - You connection to this site is not fully secure [closed]
How to enable https (localhost) url in WAMP server (v2.5)? [duplicate]
Passing .PEM and .KEY as string in Curl using PHP
ASP.NET Core redirect http to https
Python referencing old SSL version
Using client certificates with urllib2

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!