Kubernetes newbie (or rather basic networking) question: Installed single node minikube (0.23 release) on a ubuntu box running in my lan (on IP address 192.168.0.20) with virtualbox.

minikube start command completes successfully as well

minikube start
Starting local Kubernetes v1.8.0 cluster...
Starting VM...
Getting VM IP address...
Moving files into cluster...
Setting up certs...
Connecting to cluster...
Setting up kubeconfig...
Starting cluster components...
Kubectl is now configured to use the cluster.

minikube dashboard also comes up successfully. (running on 192.168.99.100:30000)

what i want to do is access minikube dashboard from my macbook (running on 192.168.0.11) in the same LAN.

Also I want to access the same minikube dashboard from the internet.

For LAN Access: Now from what i understand i am using virtualbox (the default vm option), i can change the networking type (to NAT with port forwarding) using vboxnet command

VBoxManage modifyvm "VM name" --natpf1 "guestssh,tcp,,2222,,22"

as listed here

In my case it will be something like this

VBoxManage modifyvm "VM name" --natpf1 "guesthttp,http,,30000,,8080"

Am i thinking along the right lines here?

Also for remotely accessing the same minikube dashboard address, i can setup a no-ip.com like service. They asked to install their utility on linux box and also setup port forwarding in the router settings which will port forward from host port to guest port. Is that about right? Am i missing something here?

I was able to get running with something as simple as:

kubectl proxy --address='0.0.0.0' --disable-filter=true

@Jeff provided the perfect answer, put more hints for newbies.

1. Start a proxy using @Jeff's script, as default it will open a proxy on '0.0.0.0:8001'.

   kubectl proxy --address='0.0.0.0' --disable-filter=true
   

2. Visit the dashboard via the link below:

   curl http://your_api_server_ip:8001/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:/proxy/
   

More details please refer to the officially doc.

The ssh way

Assuming that you have ssh on your ubuntu box.

First run kubectl proxy & to expose the dashboard on http://localhost:8001

Then expose the dashboard using ssh's port forwarding, executing:

ssh -R 30000:127.0.0.1:8001 $USER@192.168.0.20

Now you should access the dashboard from your macbook in your LAN pointing the browser to http://192.168.0.20:30000

To expose it from outside, just expose the port 30000 using no-ip.com, maybe change it to some standard port, like 80.

Note that isn't the simplest solution but in some places would work without having superuser rights ;) You can automate the login after restarts of the ubuntu box using a init script and setting public key for connection.

I had the same problem recently and solved it as follows:

1. Get your minikube VM onto the LAN by adding another network adapter in bridge network mode. For me, this was done through modifying the minikube VM in the VirtualBox UI and required VM stop/start. Not sure how this would work if you're using hyperkit. Don't muck with the default network adapters configured by minikube: minikube depends on these. https://github.com/kubernetes/minikube/issues/1471
2. If you haven't already, install kubectl on your mac: https://kubernetes.io/docs/tasks/tools/install-kubectl/

3. Add a cluster and associated config to the ~/.kube/config as below, modifying the server IP address to match your newly exposed VM IP. Names can also be modified if desired. Note that the insecure-skip-tls-verify: true is needed because the https certificate generated by minikube is only valid for the internal IP addresses of the VM.

   clusters:
   - cluster:
       insecure-skip-tls-verify: true
       server: https://192.168.0.101:8443
     name: mykubevm
   contexts:
   - context:
       cluster: mykubevm
       user: kubeuser
     name: mykubevm
   users:
   - name: kubeuser
     user:
       client-certificate: /Users/myname/.minikube/client.crt
       client-key: /Users/myname/.minikube/client.key
   

4. Copy the ~/.minikube/client.* files referenced in the config from your linux minikube host. These are the security key files required for access.

5. Set your kubectl context: kubectl config set-context mykubevm. At this point, your minikube cluster should be accessible (try kubectl cluster-info).

6. Run kubectl proxy http://localhost:8000 to create a local proxy for access to the dashboard. Navigate to that address in your browser.

It's also possible to ssh to the minikube VM. Copy the ssh key pair from ~/.minikube/machines/minikube/id_rsa* to your .ssh directory (renaming to avoid blowing away other keys, e.g. mykubevm & mykubevm.pub). Then ssh -i ~/.ssh/mykubevm docker@<kubevm-IP>

Slight variation on the approach above.

I have an http web service with NodePort 30003. I make it available on port 80 externally by running:

sudo ssh -v -i ~/.ssh/id_rsa -N -L 0.0.0.0:80:localhost:30003 ${USER}@$(hostname)

Jeff Prouty added useful answer:

I was able to get running with something as simple as:

kubectl proxy --address='0.0.0.0' --disable-filter=true

But for me it didn't worked initially.

I run this command on the CentOS 7 machine with running kubectl (local IP: 192.168.0.20).

When I tried to access dashboard from another computer (which was in LAN obviously):

http://192.168.0.20:8001/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/

then only timeout was in my web browser.

The solution for my case is that in CentOS 7 (and probably other distros) you need to open port 8001 in your OS firewall.

So in my case I need to run in CentOS 7 terminal:

 sudo firewall-cmd --zone=public --add-port=8001/tcp --permanent
 sudo firewall-cmd --reload

And after that. It works! :)

Of course you need to be aware that this is not safe solution, because anybody have access to your dashbord now. But I think that for local lab testing it will be sufficient.

In other linux distros, command for opening ports in firewall can be different. Please use google for that.

Thanks for your valuable answers, If you have to use the kubectl proxy command unable to view permanently, using the below "Service" object in YAML file able to view remotely until you stopped it. Create a new yaml file minikube-dashboard.yaml and write the code manually, I don't recommend copy and paste it.

apiVersion : v1
kind: Service
metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard-test
  namespace: kube-system
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 9090
    nodePort: 30000
  selector:
    app: kubernetes-dashboard
  type: NodePort

Execute the command,

$ sudo kubectl apply -f minikube-dashboard.yaml

Finally, open the URL: http://your-public-ip-address:30000/#!/persistentvolume?namespace=default