kuberneteskubernetes-dashboard

Enable SSL connection for Kubernetes Dashboard


I use this command to install and enable Kubernetes dashboard on a remote host:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/recommended.yaml


kubectl proxy --address='192.168.1.132' --port=8001 --accept-hosts='^*$'

http://192.168.1.132:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

But I get:

Insecure access detected. Sign in will not be available. Access Dashboard securely over HTTPS or using localhost. Read more here .

Is it possible to enable SSL connection on the Kubernetes host so that I can access it without this warning message and enable login?


Solution

  • From the service definition

    kind: Service
    apiVersion: v1
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kubernetes-dashboard
    spec:
      ports:
        - port: 443
          targetPort: 8443
      selector:
        k8s-app: kubernetes-dashboard
    

    Which exposes port 443 (aka https). So it's already preconfigured. First, use https instead of http in your URL.

    Then, instead of doing a kubectl proxy, why not simply

    kubectl port-forward -n kubernetes-dashboard services/kubernetes-dashboard 8001:443
    

    Access endpoint via https://127.0.0.1:8001/#/login

    Now it's going to give the typical "certificate not signed" since the certificate are self signed (arg --auto-generate-certificates in deployment definition). Just skip it with your browser. See an article like https://vmwire.com/2022/02/07/running-kubernetes-dashboard-with-signed-certificates/ if you need to configure a signed certificate.