๐Ÿ“Œ Part 3 Efficient Kubernetes Management: Secure Your Cluster with the Dashboard

Vikas SurveVikas Surve
3 min read

1๏ธโƒฃ Overview

The Kubernetes Dashboard is a web-based user interface that empowers you to efficiently manage and monitor your Kubernetes clusters. With this tool, you can:

  • Monitor cluster resources such as pods, deployments, and services

  • Manage workloads by scaling applications and restarting pods

  • Inspect logs and troubleshoot issues

  • Access real-time cluster metrics

By the end of this guide, you'll have a fully configured Kubernetes Dashboard with secure access and role-based authentication (RBAC).

2๏ธโƒฃ Deploying the Kubernetes Dashboard

๐Ÿ”น Why is this important?

  • The Dashboard provides a graphical interface to manage Kubernetes.

  • It helps track resource usage and diagnose issues quickly.

๐Ÿ”น Step 1: Deploy the Dashboard

Kubernetes provides an official YAML file to deploy the Dashboard:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

โœ… Sample Output:

namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created

๐Ÿ”น Step 2: Verify the Deployment

Check if the Dashboard pods are running:

kubectl get pods -n kubernetes-dashboard

โœ… Expected Output:

NAME                                         READY   STATUS    RESTARTS   AGE
kubernetes-dashboard-6b7d8f5c89-xyz12        1/1     Running   0          1m

๐Ÿ”น Step 3: Expose the Dashboard Service

By default, the Dashboard is exposed as a ClusterIP service (internal only). To access it externally, you need to use kubectl proxy:

kubectl proxy

Now, open the Dashboard in a browser:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

๐Ÿ“Œ Problem: By default, access is restricted. Letโ€™s set up authentication.

3๏ธโƒฃ Configuring Secure Access (RBAC Authentication)

๐Ÿ”น Why is RBAC Needed?

  • Kubernetes restricts Dashboard access by default.

  • Role-Based Access Control (RBAC) grants fine-grained permissions.

๐Ÿ”น Step 1: Create an Admin Service Account

Create a YAML file for the admin user:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

Apply it:

kubectl apply -f admin-user.yaml

โœ… Sample Output:

serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

๐Ÿ”น Step 2: Get the Authentication Token

Run the following command to get the bearer token:

kubectl get secret $(kubectl get sa admin-user -n kubernetes-dashboard -o jsonpath="{.secrets[0].name}") -n kubernetes-dashboard -o jsonpath="{.data.token}" | base64 --decode

Copy the token and save it. You will need it to log in.

๐Ÿ”น Step 3: Access the Dashboard

1๏ธโƒฃ Start the Dashboard Proxy:

kubectl proxy

2๏ธโƒฃ Open the Dashboard in your browser:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

3๏ธโƒฃ Select "Token Authentication" and paste the copied token.

โœ… Dashboard Sample Output:

Kubernetes Dashboard

4๏ธโƒฃ Managing Workloads via Dashboard

Now that the Dashboard is set up, you can:

โœ… View running applications: Pods, Deployments, Services
โœ… Scale applications: Increase or decrease replicas
โœ… Check logs: Debug issues with pod logs
โœ… Delete & restart pods: Manage application lifecycle

5๏ธโƒฃ Troubleshooting & Common Issues

๐Ÿ”น Issue: "Forbidden" when accessing the Dashboard

Solution: Ensure the correct RBAC roles are assigned:

kubectl describe clusterrolebinding admin-user

๐Ÿ”น Issue: Dashboard pods stuck in "Pending"

Solution: Check cluster resources:

kubectl get events -n kubernetes-dashboard
kubectl describe pod -n kubernetes-dashboard <pod-name>

๐ŸŽฏ Conclusion

๐Ÿš€ Kubernetes Dashboard is fully deployed and secured!
โœ… Web-based Kubernetes management is now available
โœ… RBAC authentication is configured
โœ… Cluster monitoring & troubleshooting is easier

๐Ÿ“Œ Next Step: Advanced Kubernetes Monitoring with Prometheus, Grafana, Node Exporter & cAdvisor

0
Subscribe to my newsletter

Read articles from Vikas Surve directly inside your inbox. Subscribe to the newsletter, and don't miss out.

kubernetesdashboard kubernetes RBAC

Written by

Vikas Surve
Vikas Surve

I am an ๐— ๐—ฆ ๐—–๐—ฒ๐—ฟ๐˜๐—ถ๐—ณ๐—ถ๐—ฒ๐—ฑ ๐——๐—ฒ๐˜ƒ๐—ข๐—ฝ๐˜€ ๐—˜๐—ป๐—ด๐—ถ๐—ป๐—ฒ๐—ฒ๐—ฟ ๐—˜๐˜…๐—ฝ๐—ฒ๐—ฟ๐˜ and ๐—”๐˜‡๐˜‚๐—ฟ๐—ฒ ๐—”๐—ฑ๐—บ๐—ถ๐—ป๐—ถ๐˜€๐˜๐—ฟ๐—ฎ๐˜๐—ผ๐—ฟ ๐—”๐˜€๐˜€๐—ผ๐—ฐ๐—ถ๐—ฎ๐˜๐—ฒ with over ๐Ÿญ๐Ÿฌ ๐˜†๐—ฒ๐—ฎ๐—ฟ๐˜€ ๐—ผ๐—ณ ๐—ฒ๐˜…๐—ฝ๐—ฒ๐—ฟ๐—ถ๐—ฒ๐—ป๐—ฐ๐—ฒ in designing, implementing, and optimizing DevOps solutions. My expertise includes ๐—–๐—œ/๐—–๐—— ๐—ฎ๐˜‚๐˜๐—ผ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐˜‚๐˜€๐—ถ๐—ป๐—ด ๐—š๐—ถ๐˜๐—Ÿ๐—ฎ๐—ฏ, ๐—๐—ฒ๐—ป๐—ธ๐—ถ๐—ป๐˜€, ๐—ฎ๐—ป๐—ฑ ๐—”๐˜‡๐˜‚๐—ฟ๐—ฒ ๐——๐—ฒ๐˜ƒ๐—ข๐—ฝ๐˜€, as well as ๐—–๐—ผ๐—ป๐˜๐—ฎ๐—ถ๐—ป๐—ฒ๐—ฟ ๐—ผ๐—ฟ๐—ฐ๐—ต๐—ฒ๐˜€๐˜๐—ฟ๐—ฎ๐˜๐—ถ๐—ผ๐—ป ๐˜„๐—ถ๐˜๐—ต ๐——๐—ผ๐—ฐ๐—ธ๐—ฒ๐—ฟ ๐—ฎ๐—ป๐—ฑ ๐—ž๐˜‚๐—ฏ๐—ฒ๐—ฟ๐—ป๐—ฒ๐˜๐—ฒ๐˜€. ๐Ÿ”น ๐—˜๐˜…๐—ฝ๐—ฒ๐—ฟ๐˜ ๐—ถ๐—ป ๐—ฑ๐—ฒ๐˜€๐—ถ๐—ด๐—ป๐—ถ๐—ป๐—ด ๐—ฎ๐—ป๐—ฑ ๐—บ๐—ฎ๐—ป๐—ฎ๐—ด๐—ถ๐—ป๐—ด ๐—ฒ๐—ป๐—ฑ-๐˜๐—ผ-๐—ฒ๐—ป๐—ฑ ๐—–๐—œ/๐—–๐—— ๐—ฝ๐—ถ๐—ฝ๐—ฒ๐—น๐—ถ๐—ป๐—ฒ๐˜€ ๐Ÿ”น ๐—›๐—ฎ๐—ป๐—ฑ๐˜€-๐—ผ๐—ป ๐—ฒ๐˜…๐—ฝ๐—ฒ๐—ฟ๐—ถ๐—ฒ๐—ป๐—ฐ๐—ฒ ๐˜„๐—ถ๐˜๐—ต ๐—”๐˜‡๐˜‚๐—ฟ๐—ฒ, ๐—ž๐˜‚๐—ฏ๐—ฒ๐—ฟ๐—ป๐—ฒ๐˜๐—ฒ๐˜€ (๐—”๐—ž๐—ฆ), ๐—ฎ๐—ป๐—ฑ ๐—ง๐—ฒ๐—ฟ๐—ฟ๐—ฎ๐—ณ๐—ผ๐—ฟ๐—บ ๐—ณ๐—ผ๐—ฟ ๐˜€๐—ฐ๐—ฎ๐—น๐—ฎ๐—ฏ๐—น๐—ฒ ๐—ฑ๐—ฒ๐—ฝ๐—น๐—ผ๐˜†๐—บ๐—ฒ๐—ป๐˜๐˜€ ๐Ÿ”น ๐—ฃ๐—ฎ๐˜€๐˜€๐—ถ๐—ผ๐—ป๐—ฎ๐˜๐—ฒ ๐—ฎ๐—ฏ๐—ผ๐˜‚๐˜ ๐—ฎ๐˜‚๐˜๐—ผ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป, ๐˜€๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜†, ๐—ฎ๐—ป๐—ฑ ๐—ฐ๐—น๐—ผ๐˜‚๐—ฑ-๐—ป๐—ฎ๐˜๐—ถ๐˜ƒ๐—ฒ ๐˜๐—ฒ๐—ฐ๐—ต๐—ป๐—ผ๐—น๐—ผ๐—ด๐—ถ๐—ฒ๐˜€ ๐Ÿ›  ๐—ฆ๐—ธ๐—ถ๐—น๐—น๐˜€ & ๐—ง๐—ผ๐—ผ๐—น๐˜€ โœ… ๐——๐—ฒ๐˜ƒ๐—ข๐—ฝ๐˜€ & ๐—–๐—œ/๐—–๐——: Azure DevOps, GitLab, Jenkins โœ… ๐—–๐—น๐—ผ๐˜‚๐—ฑ & ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ: Azure, AWS โœ… ๐—œ๐—ป๐—ณ๐—ฟ๐—ฎ๐˜€๐˜๐—ฟ๐˜‚๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ ๐—ฎ๐˜€ ๐—–๐—ผ๐—ฑ๐—ฒ (๐—œ๐—ฎ๐—–): Terraform, Bicep โœ… ๐—–๐—ผ๐—ป๐˜๐—ฎ๐—ถ๐—ป๐—ฒ๐—ฟ๐˜€ & ๐—ข๐—ฟ๐—ฐ๐—ต๐—ฒ๐˜€๐˜๐—ฟ๐—ฎ๐˜๐—ถ๐—ผ๐—ป: Docker, Kubernetes (AKS) โœ… ๐—–๐—ผ๐—ป๐—ณ๐—ถ๐—ด ๐— ๐—ฎ๐—ป๐—ฎ๐—ด๐—ฒ๐—บ๐—ฒ๐—ป๐˜: PowerShell, Shell Scripting โœ… ๐— ๐—ผ๐—ป๐—ถ๐˜๐—ผ๐—ฟ๐—ถ๐—ป๐—ด & ๐—ข๐—ฏ๐˜€๐—ฒ๐—ฟ๐˜ƒ๐—ฎ๐—ฏ๐—ถ๐—น๐—ถ๐˜๐˜†: Grafana, Prometheus, Azure Monitor โœ… ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† & ๐—ก๐—ฒ๐˜๐˜„๐—ผ๐—ฟ๐—ธ๐—ถ๐—ป๐—ด: Load Balancers, Firewalls, ClusterIP โœ… ๐—ข๐—ฝ๐—ฒ๐—ฟ๐—ฎ๐˜๐—ถ๐—ป๐—ด ๐—ฆ๐˜†๐˜€๐˜๐—ฒ๐—บ๐˜€: Linux, Mac ๐Ÿ’ก ๐—ž๐—ฒ๐˜† ๐—ฆ๐˜๐—ฟ๐—ฒ๐—ป๐—ด๐˜๐—ต๐˜€ โœ” ๐—–๐—น๐—ผ๐˜‚๐—ฑ ๐—”๐—ฟ๐—ฐ๐—ต๐—ถ๐˜๐—ฒ๐—ฐ๐˜๐˜‚๐—ฟ๐—ฒ & ๐—”๐˜‚๐˜๐—ผ๐—บ๐—ฎ๐˜๐—ถ๐—ผ๐—ป โ€“ Designing and managing scalable cloud solutions โœ” ๐—–๐—œ/๐—–๐—— & ๐——๐—ฒ๐˜ƒ๐—ข๐—ฝ๐˜€ ๐—Ÿ๐—ฒ๐—ฎ๐—ฑ๐—ฒ๐—ฟ๐˜€๐—ต๐—ถ๐—ฝ โ€“ Implementing robust and automated software delivery pipelines โœ” ๐—ง๐—ฒ๐—ฎ๐—บ ๐—Ÿ๐—ฒ๐—ฎ๐—ฑ๐—ฒ๐—ฟ๐˜€๐—ต๐—ถ๐—ฝ & ๐— ๐—ฒ๐—ป๐˜๐—ผ๐—ฟ๐˜€๐—ต๐—ถ๐—ฝ โ€“ Leading a 5-member team, fostering collaboration and growth โœ” ๐—ฆ๐—ฒ๐—ฐ๐˜‚๐—ฟ๐—ถ๐˜๐˜† & ๐—–๐—ผ๐—บ๐—ฝ๐—น๐—ถ๐—ฎ๐—ป๐—ฐ๐—ฒ โ€“ Ensuring cloud security, compliance, and best practices โœ” ๐—ฃ๐—ฟ๐—ผ๐—ฏ๐—น๐—ฒ๐—บ ๐—ฆ๐—ผ๐—น๐˜ƒ๐—ถ๐—ป๐—ด & ๐—ข๐—ฝ๐˜๐—ถ๐—บ๐—ถ๐˜‡๐—ฎ๐˜๐—ถ๐—ผ๐—ป โ€“ Driving efficiency through automation and DevOps practices โœ” ๐—–๐—ผ๐—ป๐˜๐—ถ๐—ป๐˜‚๐—ผ๐˜‚๐˜€ ๐—Ÿ๐—ฒ๐—ฎ๐—ฟ๐—ป๐—ถ๐—ป๐—ด & ๐—œ๐—ป๐—ป๐—ผ๐˜ƒ๐—ฎ๐˜๐—ถ๐—ผ๐—ป โ€“ Exploring emerging technologies and best practices