Exposing the Kubernetes Dashboard with Istio Service Mesh
Written by Sigal Zigelboim   
Thursday, 24 November 2022
Article Index
Exposing the Kubernetes Dashboard with Istio Service Mesh
Save and Edit the Definition File

Step 2: Save and Edit the Definition File

Download the Kubernetes-dashboard.yaml definition file using the wget command:  

wget  https://raw.githubusercontent.com/kubernetes/
   dashboard/v2.0.5/aio/deploy/recommended.yaml>
                                -O kubernetes-dashboard.yaml

Here is how to implement the Namespace specification. It requires us to define the API version, its kind, spec and metadata as follows: 

apiVersion: v1
kind: Namespace       
metadata:
  name: kubernetes-dashboard
spec:
  ports:
  —port: 90
     targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

Let’s implement the dashboard secret. In order to avoid certificate errors that can occur in several web browsers, we will develop it manually. We define API version, its kind, type and metadata as follows: 

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
  namespace: kube-system
type: Opaque

Step 3: Create Namespaces and Certificates

This stage involves the generation of Namespaces and Certificates.

  1. All other dashboard elements for the K8 will come under the Namespace category. In this step, we will first create the kubernetes-dashboard namespace using kubectl:

kub1

  1. Next, we will create the Certificates using kubectl:

kub2

 

Step 4: Deployment of the Configuration 

In this step, we will deploy the Kubernetes-deployment.yaml file using the create command: 

kub3

A Kubernetes Namespace defines the scope of the cluster's Pods, Services, and Deployments. We can analyze the Pods and Services using the get commands: 

kub4

 

Step 5: Implement the Kubernetes Dashboard 

Here we build ClusterRoleBinding and a ServiceAccount. Create a ServiceAccount using dashboard-admin.yaml:

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: dashboard-admin
  namespace: kubernetes-dashboard
spec:
 ports:
  —port: 80

Now create ClusterRoleBinding using

dashboard-admin-bind-cluster-role.yaml:

 kub5

To implement a Kubernetes Dashboard, users need to apply the ClusterRoleBinding and a ServiceAccount using the apply command in their cluster: 

kubectl apply -f dashboard-admin.yaml
kubectl apply -f dashboard-admin-bind-cluster-role.yaml 

Users can access the dashboard by opening the host url, which we defined in the VirtualService. In our case, navigate to k8sdashboard.example.com

Create a connection between the default cluster administrator and the cluster administrator by establishing a ServiceAccount using the create command as follows:

kub6 

Lastly, users can log in to the Kubernetes dashboard using the newly acquired token.

Conclusion

In this article, I explained the basics of Istio for Kubernetes clusters, and showed how you can use Istio to easily expose your Kubernetes dashboard to users and administrators of your cluster. This involves: 

  1. Creating a new dashboard Gateway and Virtual Service.

  2. Saving and editing the definition file.

  3. Generating Namespaces and Certificates.

  4. Deploying the Kubernetes-deployment.yaml file using the create command.

  5. Creating a ClusterRoleBinding and ServiceAccount. 

I hope this will be useful as you make better use of Istio for managing cluster communications. 

itsiosq

More Information

Istio

Related Articles

Istio 1.7 Expands Capabilities for the Hybrid Cloud

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

 

Banner


Valkey's Expanding Ecosystem
10/10/2024

Valkey, heralded as a better alternative to Redis, has taken the industry by storm. Reinforcing its superiority, a rapidly growing ecosystem is being built around it.



Android Apps Can Block Being Sideloaded
17/09/2024

Android developers now have a way to prevent users sideloading their apps, and users are seeing the effects. Google Play Integrity API, which was released in June, blocks sideloading.


More News

kotlin book

 

Comments




or email your comment to: comments@i-programmer.info



Last Updated ( Friday, 25 November 2022 )