Browse Source

fixed about

master
Whit Huntley 9 months ago
parent
commit
99ae5b393d
Signed by: colm <rwx@whits.io> GPG Key ID: B5B5EEA464CA97AB
2 changed files with 42 additions and 8 deletions
  1. +2
    -2
      content/about.md
  2. +40
    -6
      content/blog/k8s/k8sPart0.md

+ 2
- 2
content/about.md View File

@@ -6,9 +6,9 @@ draft: false

Hello, World! I'm Whit Huntley a student, programmer, and activist.

{{< figure src="/gpgqr.png" alt="OPENPGP4FPR URI" position="center" style="border-radius: 8px;" caption="OpenPGP Key" captionPosition="center" >}}
{{< figure src="/gpgqr.png" alt="OPENPGP4FPR URI" position="center" style="border-radius: 8px;" caption="OpenPGP Key Fingerprint" captionPosition="center" >}}

>`2CE2 F0FA 3F3E 8078 1544 7A06 B5B5 EEA4 64CA 97AB`
>`0xB5B5EEA464CA97AB`

## Programming



+ 40
- 6
content/blog/k8s/k8sPart0.md View File

@@ -186,24 +186,58 @@ sysctl net.bridge.bridge-nf-call-iptables=1

### Hello, Dashboard

Currently I could only access my k8s from ssh, which is difficult and clunky. I installed a dashboard and started crackin
Currently I could only access my k8s from bash/ssh, which is difficult and clunky. I installed a dashboard and started crackin

```bash
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta6/aio/deploy/recommended.yaml
```

Then I had to publish it (by default kubectl is only available on localhost):
Then I had to create an admin user to be able to access the dashboard:

```
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard

```

Before publishing, I had to SSH back into the cluster in a way that port forwarded :8001, which is the port where the dashboard will be published on (which is only available on localhost in any useful capacity):

```bash
kubectl proxy --port 9999 --address $EXTERNAL_IP --accept-hosts="^*$"
ssh -L 8001:localhost:8001 root@$IP_ADDRESS
kubectl proxy
```

Finally I got the webui at `http://$EXTERNAL_IP:9999/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login`
Finally I got the webui at `http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login`

Then I had to figure out how to log in. I did this with the following one-liner:

```bash
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | awk '/^deployment-controller-token-/{print $1}') | awk '$1=="token:"{print $2}'
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
```

This gave me a massive thing of text but hey, it works. So that's nice.
This gave me a massive thing of text but hey, it works. So that's nice. I pasted it in the 'token' field on the dash and finally, I'm at a dashboard. It's showtime.

## The Cloud ~~as a~~ at your service.

All of my previous work with cloud... things have been through docker swarm on on a standard Ubuntu server.

And by god this blows all of that out of the water.


Loading…
Cancel
Save