Added Dashboard for kubernetes cluster

2026-03-08 13:24:06 +01:00
parent ef43cde916
commit 8db7202686
4 changed files with 85 additions and 2 deletions
--- a/README.md
+++ b/README.md
@@ -94,3 +94,19 @@ After the playbook completes:
   kubectl get pods -A
   ```
   Ensure `coredns` and `kube-flannel` are running.
+
+## Kubernetes Dashboard
+
+A dashboard has been installed and is accessible via NodePort on the master node.
+
+1. **Get the Token**:
+   Run this command on the master node to get your login token:
+   ```bash
+   kubectl get secret admin-user-token -n kubernetes-dashboard -o jsonpath={".data.token"} | base64 -d
+   ```
+
+2. **Access the Dashboard**:
+   Open your browser and navigate to:
+   `https://<master-ip>:30443`
+
+   *Note: Since it uses a self-signed certificate, you will need to bypass the browser security warning (usually click "Advanced" -> "Proceed").*
--- a/roles/dashboard/tasks/main.yml
+++ b/roles/dashboard/tasks/main.yml
@@ -0,0 +1,64 @@
+---
+- name: Install Metrics Server
+  command: kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
+
+- name: Patch Metrics Server for self-signed certs (RPi workaround)
+  command: >
+    kubectl patch deployment metrics-server -n kube-system --type='json'
+    -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "--kubelet-insecure-tls"}]'
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
+
+- name: Install Kubernetes Dashboard
+  command: kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
+
+- name: Create Dashboard Admin Service Account
+  shell: |
+    cat <<EOF | kubectl apply -f -
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: admin-user
+      namespace: kubernetes-dashboard
+    ---
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      name: admin-user
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: cluster-admin
+    subjects:
+    - kind: ServiceAccount
+      name: admin-user
+      namespace: kubernetes-dashboard
+    EOF
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
+
+- name: Create Dashboard Admin Token Secret (for K8s 1.24+)
+  shell: |
+    cat <<EOF | kubectl apply -f -
+    apiVersion: v1
+    kind: Secret
+    metadata:
+      name: admin-user-token
+      namespace: kubernetes-dashboard
+      annotations:
+        kubernetes.io/service-account.name: admin-user
+    type: kubernetes.io/service-account-token
+    EOF
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
+
+- name: Change Dashboard service to NodePort
+  command: >
+    kubectl patch svc kubernetes-dashboard -n kubernetes-dashboard 
+    -p '{"spec": {"type": "NodePort", "ports": [{"port": 443, "nodePort": 30443}]}}'
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
--- a/roles/master/tasks/main.yml
+++ b/roles/master/tasks/main.yml
@@ -26,13 +26,15 @@

 - name: Install Flannel Pod Network
  command: kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
-  become: yes
-  become_user: "{{ ansible_user }}"
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf
  when: kubeadm_init.changed

 - name: Get join command
  command: kubeadm token create --print-join-command
  register: join_command_raw
+  environment:
+    KUBECONFIG: /etc/kubernetes/admin.conf

 - name: Add dummy host with variable
  add_host:
--- a/site.yml
+++ b/site.yml
@@ -10,6 +10,7 @@
  become: yes
  roles:
    - master
+    - dashboard

 - name: Setup Worker Nodes
  hosts: workers