Kubernetes: Non-HA - Configurando o acesso/exposição ao Dashboard do Kubernetes fora do cluster
Procedimento
Listando os services
# kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 205d
kube-system calico-typha ClusterIP 10.111.66.183 <none> 5473/TCP 205d
kube-system heapster ClusterIP 10.104.12.27 <none> 80/TCP 196d
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 205d
kube-system kubernetes-dashboard ClusterIP 10.100.166.52 <none> 443/TCP 196d
kube-system monitoring-grafana ClusterIP 10.109.117.74 <none> 80/TCP 196d
kube-system monitoring-influxdb ClusterIP 10.104.206.228 <none> 8086/TCP 196d
kube-system tiller-deploy ClusterIP 10.109.59.226 <none> 44134/TCP 197d
Expondo o serviço
Edite
kubectl -n kube-system edit service kubernetes-dashboard
Altere type: ClusterIP para
type: NodePort
Salvar
Confirmando o acesso
Através do kubectl describe services
kubectl describe services kubernetes-dashboard --namespace=kube-system | grep NodePort Type: NodePort NodePort: <unset> 31202/TCP
Confirmando com o netstat
# netstat -anp | grep 31202 tcp6 0 0 :::31202 :::* LISTEN 15512/kube-proxy
Confirmando com o lsof
# lsof -i tcp:31202 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME kube-prox 15512 root 7u IPv6 156493583 0t0 TCP *:31202 (LISTEN)
Kubernetes Console --> https://ip_master:31202
Vai ser necessário o token, você obtém ele através do comando:
kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token: token: e2.....