Would you like to learn how to install the Kubernetes Dashboard, configure Apache as a proxy, and control the user authentication using Apache? In this tutorial, we are going to show you how to install the Kubernetes Dashboard and enable the use of Apache as the authentication proxy on a computer running Ubuntu Linux.
• Ubuntu 20
• Ubuntu 19
• Ubuntu 18
• Kubernetes 1.18
This tutorial will install a single-node Kubernetes cluster.
In our example, The Kubernetes master node IP address is 192.168.15.200.
Kubernetes - Tutorials
On this page, we offer quick access to a list of tutorials related to Kubernetes.
Tutorial Kubernetes - Master node Installation
Install the list of required packages.
Install the Docker service.
Enable the Docker service during boot.
Edit the Docker service configuration file.
Add the following configuration at the end of the item named: EXECSTART
Here is the file before our configuration.
Here is the file after our configuration.
Create a System configuration file.
Here is the file content.
Enable the System configuration file.
Edit the configuration file named: MODULES.CONF
Add the following configuration at the end of this file.
Edit the FSTAB configuration file and disable the use of Swap memory.
Here is the file before our configuration.
Here is the file after our configuration.
Set a unique hostname.
Create a file to configure the required environment variables.
Here is the file content.
Reboot the computer.
Download and install the Kubernetes repository key.
Add the official Kubernetes repository.
Install the Kubernetes packages.
Download the required Kubernetes images.
Here is the command output.
Initialize the Kubernetes cluster.
Here is the command output.
Take note of the command to add nodes to the Kubernetes cluster.
Set the correct file permission on the Kubernetes configuration file.
Install the required network configuration.
By default, the Kubernetes master node is not allowed to run PODS.
Optionally, enable the Kubernetes master node to run PODS.
In our example, we are using a single-node Kubernetes cluster.
Tutorial - Kubernetes Dashboard installation
Install the list of required packages.
Download the required YAML file.
Install the Kubernetes Dashboard.
Here is the command output.
Create a service account for the Dashboard.
Configure the Cluster admin role to the Dashboard service account.
Create a service account for the Apache proxy.
Configure the Cluster admin role to the Apache proxy account.
List the Apache secret available on the Kubernetes server.
Here is the command output.
Notice that your secret's name will not be the same as ours.
Get the Apache secret token value.
Here is the command output.
Take note of the Apache token value.
In our example, this is the token value:
List the Dashboard service cluster IP address.
Here is the command output.
Take note of the cluster IP address and TCP port.
In our example, the Dashboard cluster is using the TCP port 443 and the IP address 10.107.55.24.
You have finished the required Dashboard configuration.
Kubernetes Proxy - Basic user authentication using Apache
On the Master node, install the Apache server.
Enable the required Apache modules.
Edit the Apache configuration file.
Add the following lines at the end of this file.
Create the Apache password file and add the first user account.
The system will request you to enter the password to the new user account.
Here is the file content.
To create additional user accounts, use the following command.
Create a private key and the certificate using the OpenSSL command.
Enter the requested information.
On the option named COMMON_NAME, you need to enter the IP address or hostname.
In our example, we used the IP address: 192.168.15.200
Convert the existing Kubernetes proxy certificate and its key to a single file using the format PEM.
Edit the Apache configuration file for the default website.
Here is the file, before our configuration.
Here is the file, after our configuration.
Change the IP address of the configuration items named PROXYPASS and PROXYPASSREVERSE to your Dashboard cluster IP address.
Change the token value of the configuration item named REQUESTHEADER to your previously created Apache secret token value.
In our example, we enabled the use of HTTPS using self-signed certificates.
In our example, we configured the use of Apache basic authentication.
Apache will proxy the HTTPS communication between the user and the Dashboard cluster IP address.
Apache will use a certificate and key automatically created during the Kubernetes server installation to perform mutual TLS authentication to the Dashboard.
The Apache server will add a header to all the packets sent to the Dashboard.
This header is named AUTHORIZATION BEARER and contains the secret token previously created to the Apache proxy.
Apache will also redirect HTTP users to the HTTPS version of the URL requested.
Restart the Apache service.
Open your browser and access the HTTPS version of the Apache server IP address.
In our example, the following URL was entered in the Browser:
• https://192.168.15.200
The Apache server will require you to perform the user authentication.
After a successful login, the Kubernetes Dashboard should be presented.
The Apache proxy will automatically perform the authentication on the Kubernetes dashboard using the feature named: AUTH HEADER.
You successfully finished the configuration of Apache as a proxy to the Kubernetes Dashboard.
