How to create a Kubernetes Dashboard service account?

Creating a Kubernetes Dashboard Service Account

The Kubernetes Dashboard is a web-based user interface for managing Kubernetes clusters. To access the Dashboard, you need to create a service account with the appropriate permissions. Here's how you can create a Kubernetes Dashboard service account:

Step 1: Create a Service Account

First, you need to create a service account in your Kubernetes cluster. You can do this by running the following command:

kubectl create serviceaccount dashboard-admin-sa -n kubernetes-dashboard

This command creates a service account named dashboard-admin-sa in the kubernetes-dashboard namespace.

Step 2: Grant the Service Account Permissions

Next, you need to grant the service account the necessary permissions to access the Kubernetes Dashboard. You can do this by creating a ClusterRoleBinding:

kubectl create clusterrolebinding dashboard-admin-rb --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin-sa

This command creates a ClusterRoleBinding named dashboard-admin-rb that grants the cluster-admin role to the dashboard-admin-sa service account in the kubernetes-dashboard namespace.

Step 3: Retrieve the Service Account Token

To access the Kubernetes Dashboard, you'll need to retrieve the token for the service account you created. You can do this by running the following command:

kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/dashboard-admin-sa -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}"

This command retrieves the secret associated with the dashboard-admin-sa service account, and then decodes the token field from the secret.

Step 4: Access the Kubernetes Dashboard

Now that you have the service account token, you can access the Kubernetes Dashboard by following these steps:

  1. Start the Kubernetes Dashboard:

    kubectl proxy

    This command starts the Kubernetes Dashboard proxy, which allows you to access the Dashboard from your local machine.

  2. Open your web browser and navigate to the following URL:

    http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

    This URL will take you to the Kubernetes Dashboard login page.

  3. Select the "Token" login option and paste the service account token you retrieved in the previous step.

  4. Click "Sign In" to access the Kubernetes Dashboard.

By following these steps, you have created a Kubernetes Dashboard service account with the necessary permissions to access the Dashboard. This allows you to manage your Kubernetes cluster through the web-based interface.

graph TD A[Create Service Account] --> B[Grant Permissions] B --> C[Retrieve Service Account Token] C --> D[Access Kubernetes Dashboard]

The Mermaid diagram above illustrates the steps involved in creating a Kubernetes Dashboard service account and accessing the Dashboard.

0 Comments

no data
Be the first to share your comment!