The fastest way of deploying Dashboard has been described in our README. It is destined for people that are new to Kubernetes and want to quickly start using Dashboard. Other possible setups for more experienced users, that want to know more about our deployment procedure can be found below.
To access Dashboard directly (without kubectl proxy
) valid certificates should be used to establish a secure HTTPS connection. They can be generated using public trusted Certificate Authorities like Let's Encrypt, optionally Cert-Manager can auto-issue and auto-renew them. Use them to replace the auto-generated certificates from Dashboard.
By default self-signed certificates are generated and stored in-memory. In case you would like to use your custom certificates follow the below steps, otherwise skip directly to the Dashboard deploy part.
Custom certificates have to be stored in a secret named kubernetes-dashboard-certs
in the same namespace as Kubernetes Dashboard. Assuming that you have tls.crt
and tls.key
files stored under $HOME/certs
directory, you should create secret with contents of these files:
kubectl create secret generic kubernetes-dashboard-certs --from-file=$HOME/certs -n kubernetes-dashboard
For Dashboard to pickup the certificates, you must pass arguments --tls-cert-file=/tls.crt
and --tls-key-file=/tls.key
to the container. You can edit YAML definition and deploy Dashboard in one go:
kubectl create --edit -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/recommended.yaml
Under Deployment section, add arguments to pod definition, it should look as follows:
containers:
- args:
- --tls-cert-file=/tls.crt
- --tls-key-file=/tls.key
--auto-generate-certificates
can be left in place, and will be used as a fallback.
This setup is not fully secure. Certificates are not used and Dashboard is exposed only over HTTP. In this setup access control can be ensured only by using Authorization Header feature.
To deploy Dashboard execute following command:
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/alternative.yaml
Besides official releases, there are also development releases, that are pushed after every successful master build. It is not advised to use them on production environment as they are less stable than the official ones. Following sections describe installation and discovery of development releases.
In most of the use cases you need to execute the following command to deploy latest development release:
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.1/aio/deploy/head.yaml
Once installed, the deployment is not automatically updated. In order to update it you need to delete the deployment's pods and wait for it to be recreated. After recreation, it should use the latest image.
Delete all Dashboard pods (assuming that Dashboard is deployed in kubernetes-dashboard namespace):
kubectl -n kubernetes-dashboard delete $(kubectl -n kubernetes-dashboard get pod -o name | grep dashboard)
pod "dashboard-metrics-scraper-fb986f88d-gnfnk" deleted
pod "kubernetes-dashboard-7d8b9cc8d-npljm" deleted
Copyright 2019 The Kubernetes Dashboard Authors