Open in app

Sign in

Write

Sign in

Kubernetes dashboard and metrics server installation on Docker Desktop/minikube

Ramesh Sahoo
4 min readJun 16, 2023

Dashboard is a web-based Kubernetes user interface. You can use Dashboard to deploy containerized applications to a Kubernetes cluster, troubleshoot your containerized application, and manage the cluster resources. You can use Dashboard to get an overview of applications running on your cluster, as well as for creating or modifying individual Kubernetes resources (such as Deployments, Jobs, DaemonSets, etc). For example, you can scale a Deployment, initiate a rolling update, restart a pod or deploy new applications using a deploy wizard.

Prerequisites to enable Kubernetes dashboard UI

  • docker-desktop must be installed on the system.
  • Kubernetes standalone cluster is enabled and running inside docker-desktop.
  • This procedure should be same for the minikube installation of kubernetes but I have not tested this yet.
  • Kubernetes version 1.25+

Install Kubernetes Dashboard

Install the latest kubernetes dashboard from the kubernetes github and for specific dashboard version browse the dashboard release page.

# Latest dashboard version on June 2023
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

Accessing Kubernetes Dashboard UI

Currently, Dashboard only supports logging in with a Bearer Token. To get a bearer token, create a service account and grant cluster-admin privileges to the service account. In the following example, webadmin is the service account created in kubernetes-dashboard namespace and cluster-admin privileges has been granted to this service account. Also, refer to the kubernetes sample user create doc for more insights.

# Create service account webadmin
$ kubectl create sa webadmin -n kubernetes-dashboard

# grant cluster-admin priviledges to the webadmin service account
$ kubectl create clusterrolebinding webadmin-sa-crb - clusterrole=cluster-admin - serviceaccount=kubernetes-dashboard:webadmin

Dashboard UI can’t be accessed directly through the dashboard URL with above configuration however we can access the dashboard UI though kube proxy. Execute the following kubectl command-line tool to open a proxy connection to the kubernetes API Server.

$ kubectl proxy 
Starting to serve on 127.0.0.1:8001

Now access the kubernetes dashboard at → http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/.

The UI can only be accessed from the machine where the command is executed. See kubectl proxy --help for more options. Now the dashboard UI looks like as below.

Now generate an access token for the webadmin service account to login to the dashboard using Token method.

# Create access token
$ kubectl create token webadmin -n kubernetes-dashboard

Sample output:
eyJhbGciOiJSUzI1NiIsImtpZCI6IkEwZDZadzRxeVVac3RzZjMxeEN0cWtmSjdHSTZSdEJNcmMtektQS0pvQXMifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjg2ODg5MDcyLCJpYXQiOjE2ODY4ODU0NzIsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJ3ZWJhZG1pbiIsInVpZCI6ImEzMTRiMWY4LTMxOGEtNDAyOC05ZTQ1LWFiZDZhOTZlYzAzNCJ9fSwibmJmIjoxNjg2ODg1NDcyLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6d2ViYWRtaW4ifQ.SDB0AqNSvTTqYcl9h6EPTZ1HWicW_5ZyMgj2RjXaa6y0HhdVylNxTQkTFq32JVis8-OWYi--TKwOmf6xwTXPZ2ry0C9EBXPAMdqKd_KDjHf9nR4PqU2esd0ooZLLgPsoEEL5dsAI2i5w6AJpJWC-2ufIDvNqZvnPVhwn_kqaCPCDbcSB3KzQEMBojIo3tGn6oAoWsbCcUT12G76r6S9BNph4hqblC0NOgbpRXeeQKbDHYE_sgibTpuGPH1c5yuIjpnDfE0dwyE8cOifw49Gcq0jym2NhCcybVaAp-cra-H7sX2k8KRDL5ooXA5vk1G9lLbMeUEPFbLG85KIWUnabJA

Accessing Kubernetes Dashboard UI using nodePort

It may not be always possible to always use the above complex URL to access the Kubernetes dashboard on Minikube or on the docker-desktop provided Kubernetes. To resolve the complexity, use the nodePort service type and a nodePort for the dashboard deployment. In the following patch command, we patched the service kubernetes-dashboard to forward the traffic received on the nodePort 30443 to the dashboard application pod.

## Enable nodePort 30443 to directly access the dashboard 
$ kubectl patch svc kubernetes-dashboard -n kubernetes-dashboard --type='json' -p '[{"op":"replace","path":"/spec/type","value":"NodePort"},{"op":"replace","path":"/spec/ports/0/nodePort","value":30443}]'

Now we can access the kubernetes dashboard with the URL https://localhost:30443/#/login

Getting a skip login option in Kubernetes Dashboard

We can also configure the kubernetes dashboard to allow guest users to login to the dashboard without a password but it provides limited access functionality and can be used as view mode. To enable this add an additional argument --enable-skip-login to the dashboard deployment configuration.

# Patch command to update the deployment
$ kubectl patch deployment kubernetes-dashboard -n kubernetes-dashboard --type 'json' -p '[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--enable-skip-login"}]'

# After patch deployemnt configuration looks like this
spec:
  template:
    spec:
      containers:
      - args:
        - --auto-generate-certificates
        - --namespace=kubernetes-dashboard
        - --enable-skip-login

Now we see the dashboard screen provides a skip button. Here you can click the skip button to login to the dashboard as a guest user.

Installing Kubernetes Metrics Server

Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.

Metrics Server collects resource metrics from Kubelets and exposes them in Kubernetes apiserver through Metrics API for use by Horizontal Pod Autoscaler and Vertical Pod Autoscaler. Metrics API can also be accessed by kubectl top, making it easier to debug autoscaling pipelines.

# Install latest metrics-server in the kube-system namespace
$ kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml

# for older release browse https://github.com/kubernetes-sigs/metrics-server/releases

We need to add the --kubelet-insecure-tls argument to the metrics-server deployment, otherwise we’ll see an error saying something like unable to fetch metrics from node docker-desktop.

# Patch command to add --kubelet-insecure-tls
$ kubectl patch deployment metrics-server -n kube-system --type 'json' -p '[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--kubelet-insecure-tls"}]'

Now UI will shows uses details of the PODs deployed in Kubernetes.

References
- https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
- https://github.com/kubernetes-sigs/metrics-server
- https://github.com/kubernetes/dashboard

Kubernetes
Docker Desktop
Minikube
Linux
DevOps

--

--

Ramesh Sahoo

Written by Ramesh Sahoo

50 Followers

I describe myself as a troubleshooter, problem solver, techie, quick learner, and good mentor. I have 13+ years of IT industry experience in many MNCs.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams