I am following the instructions as given here
I used the command to get a running cluster, in gcloud console I typed: curl -sS https://get.k8s.io | bash
as described in the link, after that I ran the command kubectl cluster-info
from that I got:
kubernetes-dashboard is running at https://35.188.109.36/api/v1/proxy/namespaces/kube-
system/services/kubernetes-dashboard
but when I go to that url from firefox, the message that comes is:
User "system:anonymous" cannot proxy services in the namespace
"kube-system".: "No policy matched."
Expected behaviour: Should ask for admin name and password to connect to the dashboard.
I dont understand why its so difficult to even access the kubernetes dashboad in google compute engine. I have seen other issues as well like these but no great help. I also deleted the whole service of dashboard (which was cluster ip type by default) and made it NodePort type to expose it as mentioned in the last answer of Unable to access Kubernetes Dashboard but no help. Please help.
Is there a reason why you did not use GKE (Google Kubernetes Engine) which provides the dashboard add-on installed out of the box?
In your case, simply:
- the kubernetes-dashboard addon might not be installed (but logs say so, so I think this is not the problem)
- network configuration that makes
kubectl proxy
work might not be there
- the
curl .. | sh
script you used probably did not configure the authentication properly.
I recommend using GKE as this works out of the box. You can find documentation here: https://cloud.google.com/kubernetes-engine/docs/oss-ui
If you still want to use GCE, I recommend running kubectl proxy
on your workstation (not your kubernetes nodes) and visiting http://127.0.0.1:8001/ui
on your browser to see if it works.
If you get an error about not having enough permissions, you might be using a Kubernetes version new enough that enforces RBAC policies on pods like dashboard which access the API. You can grant those permissions by running:
kubectl create clusterrolebinding add-on-cluster-admin \
--clusterrole=cluster-admin \
--serviceaccount=kube-system:default
I also recommend trying out GKE UI in Google Cloud Console: https://console.cloud.google.com/kubernetes
you can run kubectl proxy
locally and access it at http://localhost:8001/ui