3engines_doc/docs/kubernetes/Using-Dashboard-To-Access-Kubernetes-Cluster-Post-Deployment-On-connectVM-Cloud-connectVM-Magnum.html.md

Using Dashboard To Access Kubernetes Cluster Post Deployment On connectVM Cloud connectVM Magnum[🔗](#using-dashboard-to-access-kubernetes-cluster-post-deployment-on-brand-name-connectVM-magnum "Permalink to this headline")
===============================================================================================================================================================================================================================

After the Kubernetes cluster has been created, you can access it through command line tool, **kubectl**, or you can access it through a visual interface, called the **Kubernetes dashboard**. *Dashboard* is a GUI interface to Kubernetes cluster, much the same as **kubectl** as a CLI interface to the Kubernetes cluster.

This article shows how to install Kubernetes dashboard.

What We Are Going To Cover[🔗](#what-we-are-going-to-cover "Permalink to this headline")
---------------------------------------------------------------------------------------

> * Deploying the dashboard
> * Creating a sample user
> * Creating secret for admin-user
> * Getting the bearer token for authentication to dashboard
> * Creating a separate terminal window for proxy access
> * Running the dashboard in browser

Prerequisites[🔗](#prerequisites "Permalink to this headline")
-------------------------------------------------------------

No. 1 **Hosting**

You need a connectVM Cloud hosting account with Horizon interface <https://console.connectvm.com/>.

No. 2 **Cluster and kubectl should be already operational**

To eventually set up a cluster and connect it to the **kubectl** tool, see this article [How To Access Kubernetes Cluster Post Deployment Using Kubectl On connectVM Cloud connectVM Magnum](How-To-Access-Kubernetes-Cluster-Post-Deployment-Using-Kubectl-On-connectVM-Cloud-connectVM-Magnum.html.md).

The important intermediary result of that article is a command like this:

```
export KUBECONFIG=/home/user/k8sdir/config

```

Note the exact command which in your case sets up the value of **KUBECONFIG** variable as you will need it to start a new terminal window from which the dashboard will run.

Step 1 Deploying the Dashboard[🔗](#step-1-deploying-the-dashboard "Permalink to this headline")
-----------------------------------------------------------------------------------------------

Install it with the following command:

```
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml

```

The result is

![dashboard_installed.png](../_images/dashboard_installed.png)

Step 2 Creating a sample user[🔗](#step-2-creating-a-sample-user "Permalink to this headline")
---------------------------------------------------------------------------------------------

Next, you create a bearer token which will serve as an authorization token for the Dashboard. To that end, you will create two local files and “send” them to the cloud using the **kubectl** command. The first file is called *dashboard-adminuser.yaml* and its contents are

```
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

```

Use a text editor of your choice to create that file, on MacOS or Linux you can use *nano*, like this:

```
nano dashboard-adminuser.yaml

```

Install that file on the Kubernetes cluster with this command:

```
kubectl apply -f dashboard-adminuser.yaml

```

The second file to create is

```
nano dashboard-clusterolebinding.yaml

```

and its contents should be:

```
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

```

The command to send it to the cloud is

```
kubectl apply -f dashboard-clusterolebinding.yaml

```

Step 3 Create secret for admin-user[🔗](#step-3-create-secret-for-admin-user "Permalink to this headline")
---------------------------------------------------------------------------------------------------------

We have to manually create token for admin user.

Create file **admin-user-token.yaml**

```
nano  admin-user-token.yaml

```

Enter the following code:

```
apiVersion: v1
kind: Secret
metadata:
  name: admin-user-token
  namespace: kubernetes-dashboard
  annotations:
    kubernetes.io/service-account.name: "admin-user"
type: kubernetes.io/service-account-token

```

Execute it with

```
kubectl apply -f admin-user-token.yaml

```

Step 4 Get the bearer token for authentication to dashboard[🔗](#step-4-get-the-bearer-token-for-authentication-to-dashboard "Permalink to this headline")
---------------------------------------------------------------------------------------------------------------------------------------------------------

The final step is to get the bearer token, which is a long string that will authenticate calls to Dashboard:

```
kubectl -n kubernetes-dashboard get secret admin-user-token -o jsonpath="{.data.token}" | base64 --decode

```

The bearer token string will be printed in terminal screen.

![new-s3cmd-download-69.png](../_images/new-s3cmd-download-69.png)

Copy it to a text editor, it will be needed after you access the Dashboard UI through a HTTPS call.

Note

If the last character of the bearer token string is *%*, it may be a character that denotes the end of the string but is not a part of it. If you copy the bearer string and it is not recognized, try copying it without this ending character *%*.

Step 5 Create a separate terminal window for proxy access[🔗](#step-5-create-a-separate-terminal-window-for-proxy-access "Permalink to this headline")
-----------------------------------------------------------------------------------------------------------------------------------------------------

We shall now use a proxy server for Kubernetes API server. The proxy server

> * handles certificates automatically when accessing Kubernetes API,
> * connects to API extensions or dashboards (like in this article),
> * enables testing of API calls locally before automating them in scripts.

To enable the connection, start a **separate** terminal window and first set up the config command for that window:

```
export KUBECONFIG=/home/user/k8sdir/config

```

*Change that address to point to your own config file on your computer.*

The next command in that new window is:

```
kubectl proxy

```

The server is activated on port **8001**:

![starting_to_server.png](../_images/starting_to_server.png)

Step 6 See the dashboard in browser[🔗](#step-6-see-the-dashboard-in-browser "Permalink to this headline")
---------------------------------------------------------------------------------------------------------

Then enter this address into the browser:

```
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

```

![dashboard2.png](../_images/dashboard2.png)

Enter the token, click on **Sign In** and get the Dashboard UI for the Kubernetes cluster.

![dashboard_view.png](../_images/dashboard_view.png)

The Kubernetes Dashboard organizes working with the cluster in a visual and interactive way. For instance, click on *Nodes* on the left sides to see the nodes that the *k8s-cluster* has.

What To Do Next[🔗](#what-to-do-next "Permalink to this headline")
-----------------------------------------------------------------

You can still use **kubectl** or alternate with using the **Dashboard**. Either way, you can

> * deploy apps on the cluster,
> * access multiple clusters,
> * create load balancers,
> * access applications in the cluster using port forwarding,
> * use Service to access application in a cluster,
> * list container images in the cluster
> * use Services, Deployments and all other resources in a Kubernetes cluster.