Kubernetes Cluster Monitoring UI
helm repo add kubernetes-dashboard <https://kubernetes.github.io/dashboard/>
helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kubernetes-dashboard
Untuk skrg, dia bakal punya kong ingress sendiri, yang di expose itu kong proxynya yak:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard-api ClusterIP 10.233.48.166 <none> 8000/TCP 21m
kubernetes-dashboard-auth ClusterIP 10.233.21.80 <none> 8000/TCP 21m
kubernetes-dashboard-kong-manager NodePort 10.233.22.24 <none> 8002:32237/TCP,8445:32286/TCP 21m
**kubernetes-dashboard-kong-proxy LoadBalancer 10.233.46.206 192.168.100.201 443:31622/TCP 21m**
kubernetes-dashboard-metrics-scraper ClusterIP 10.233.31.162 <none> 8000/TCP 21m
kubernetes-dashboard-web ClusterIP 10.233.59.227 <none> 8000/TCP 21m
Untuk skrg gw masi port forwarding di proxmoxnya, cuma sapa tau bisa diimplementasi sama traefik gateway api.
Create service account buat bearer token buat masuk kubernetes dashboardnya:
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-user
namespace: kubernetes-dashboard
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: dashboard-user
namespace: kubernetes-dashboard
apiVersion: v1
kind: Secret
metadata:
name: dashboard-user-token
namespace: kubernetes-dashboard
annotations:
kubernetes.io/service-account.name: "dashboard-user"
type: kubernetes.io/service-account-token
Harusnya bakal ada secret yang udah kebuat
k get secrets -n kubernetes-dashboard
# Output
NAME TYPE DATA AGE
dashboard-user-token kubernetes.io/service-account-token 3 7m41s
kubernetes-dashboard-csrf Opaque 1 22m
sh.helm.release.v1.kubernetes-dashboard.v1 helm.sh/release.v1 1 22m
Kalo misalnya coba masuk ke secretnya:
k edit secrets dashboard-user-token -n kubernetes-dashboard