Difference between revisions of "Install k3s with dashboard in Rocky9"
Jump to navigation
Jump to search
| Line 5: | Line 5: | ||
| − | + | =Setup K3S= | |
== Step 1: Upgrade and install necessary packages == | == Step 1: Upgrade and install necessary packages == | ||
<pre> | <pre> | ||
| Line 31: | Line 31: | ||
</pre> | </pre> | ||
| − | + | ||
| − | + | ||
| − | + | ||
== Step 4: Install k3s == | == Step 4: Install k3s == | ||
| Line 58: | Line 58: | ||
Log out and back in to apply changes, then proceed with Helm setup. | Log out and back in to apply changes, then proceed with Helm setup. | ||
| − | == Step | + | =Setup Dashboard= |
| + | == Step 1: Add the Kubernetes Dashboard Helm repo and install the Dashboard == | ||
<pre> | <pre> | ||
helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ | helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ | ||
| Line 64: | Line 65: | ||
</pre> | </pre> | ||
| − | == Step | + | == Step 2: Expose Dashboard via NodePort == |
<pre> | <pre> | ||
kubectl patch service kubernetes-dashboard-kong-proxy -n kubernetes-dashboard --type='merge' -p '{ | kubectl patch service kubernetes-dashboard-kong-proxy -n kubernetes-dashboard --type='merge' -p '{ | ||
| Line 91: | Line 92: | ||
</pre> | </pre> | ||
| − | == Step | + | == Step 3: Create Service Account and RoleBinding for Admin Access == |
<pre> | <pre> | ||
echo 'apiVersion: v1 | echo 'apiVersion: v1 | ||
| Line 123: | Line 124: | ||
</pre> | </pre> | ||
| − | == Step | + | == Step 4: Retrieve the Admin User Token == |
<pre> | <pre> | ||
kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d | kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d | ||
| Line 131: | Line 132: | ||
| − | = | + | = Uninstall Dashboard = |
To remove the Kubernetes Dashboard, run the following commands: | To remove the Kubernetes Dashboard, run the following commands: | ||
<pre> | <pre> | ||
Revision as of 07:45, 22 September 2024
Contents
1 Kubernetes Dashboard via NodePort and Auth Token on K3S
1.1 Description
The goal is to install and expose the Kubernetes Dashboard using NodePort and an authentication token, allowing LAN users to access it without port forwarding.
2 Setup K3S
2.1 Step 1: Upgrade and install necessary packages
dnf -y upgrade dnf -y install setroubleshoot-server curl lsof wget tar vim git bash-completion
2.2 Step 2: Disable swap
sed -i '/swap/d' /etc/fstab swapoff -a
2.3 Step 3: Open necessary firewall ports
systemctl disable firewalld --now # it is recomended to disable firewalld, so do not use this if you do not know how to handle firewall-cmd --permanent --add-port=30443/tcp # dashboard firewall-cmd --permanent --add-port=443/tcp # ingress controller firewall-cmd --permanent --add-port=6443/tcp # API server firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 # pods firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 # services firewall-cmd --reload reboot
2.4 Step 4: Install k3s
curl -sfL https://get.k3s.io | sh grep 'kubectl completion bash' $HOME/.bashrc || echo 'source <(kubectl completion bash)' >> $HOME/.bashrc
Check k3s version:
k3s -v # Expected output: # k3s version v1.30.4+k3s1 (98262b5d) # go version go1.22.5
2.5 Step 5: Install Helm
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | sh helm completion bash > /etc/bash_completion.d/helm grep KUBECONFIG $HOME/.bashrc || echo 'export KUBECONFIG=/etc/rancher/k3s/k3s.yaml' >> $HOME/.bashrc
Log out and back in to apply changes, then proceed with Helm setup.
3 Setup Dashboard
3.1 Step 1: Add the Kubernetes Dashboard Helm repo and install the Dashboard
helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kubernetes-dashboard
3.2 Step 2: Expose Dashboard via NodePort
kubectl patch service kubernetes-dashboard-kong-proxy -n kubernetes-dashboard --type='merge' -p '{
"spec": {
"type": "NodePort",
"ports": [
{
"name": "kong-proxy-tls",
"port": 443,
"protocol": "TCP",
"targetPort": 8443,
"nodePort": 30443
}
],
"selector": {
"app.kubernetes.io/component": "app",
"app.kubernetes.io/instance": "kubernetes-dashboard",
"app.kubernetes.io/name": "kong"
},
"sessionAffinity": "None"
},
"status": {
"loadBalancer": {}
}
}'
3.3 Step 3: Create Service Account and RoleBinding for Admin Access
echo 'apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
name: admin-user
namespace: kubernetes-dashboard
annotations:
kubernetes.io/service-account.name: "admin-user"
type: kubernetes.io/service-account-token
' | kubectl apply -f -
3.4 Step 4: Retrieve the Admin User Token
kubectl get secret admin-user -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d
Use the retrieved token to log in to the Kubernetes Dashboard at https://your.cluster.fqdn:30443
4 Uninstall Dashboard
To remove the Kubernetes Dashboard, run the following commands:
helm uninstall kubernetes-dashboard --namespace kubernetes-dashboard kubectl get all -n kubernetes-dashboard kubectl delete namespace kubernetes-dashboard helm repo remove kubernetes-dashboard
