CODEWITHSUNDEEP
kuberneteskubernetes-dashboard
Peter Penzov
Peter Penzov

Reputation: 1626

Enable SSL connection for Kubernetes Dashboard

I use this command to install and enable Kubernetes dashboard on a remote host:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/recommended.yaml


kubectl proxy --address='192.168.1.132' --port=8001 --accept-hosts='^*$'

http://192.168.1.132:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

But I get:

Insecure access detected. Sign in will not be available. Access Dashboard securely over HTTPS or using localhost. Read more here .

Is it possible to enable SSL connection on the Kubernetes host so that I can access it without this warning message and enable login?

Upvotes: 3

Views: 3470

Answers (2)

Mariano Billinghurst
Mariano Billinghurst

Reputation: 87

Try this

First do a port forward to your computer, this will forward 8443 of your computer (first port) to the 8443 port in the pod (the one that is exposed acording to the manifest)

kubectl port-forward pod/kubernetes-dashboard 8443:8443 # Make sure you switched to the proper namespace

In your browser go to http://localhost:8443 based on the error message it should work.

if the kubernetes dashboard pod implements ssl in its web server then go to https://localhost:8443

Upvotes: -1

etiennnr
etiennnr

Reputation: 314

From the service definition

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

Which exposes port 443 (aka https). So it's already preconfigured. First, use https instead of http in your URL.

Then, instead of doing a kubectl proxy, why not simply

kubectl port-forward -n kubernetes-dashboard services/kubernetes-dashboard 8001:443

Access endpoint via https://127.0.0.1:8001/#/login

Now it's going to give the typical "certificate not signed" since the certificate are self signed (arg --auto-generate-certificates in deployment definition). Just skip it with your browser. See an article like https://vmwire.com/2022/02/07/running-kubernetes-dashboard-with-signed-certificates/ if you need to configure a signed certificate.

Upvotes: 5

Related Questions