0c6f172e75
This version required changing the previous access model for dashboard completely but it's a change for the better. Docs were updated. * New login/auth options that use apiserver auth proxying by default * Requires RBAC in `authorization_modes` * Only serves over https * No longer available at https://first_master:6443/ui until apiserver is updated with the https proxy URL: * Can access from https://first_master:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login you will be prompted for credentials * Or you can run 'kubectl proxy' from your local machine to access dashboard in your browser from: http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/ * It is recommended to access dashboard from behind a gateway that enforces an authentication token, details and other access options here: https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard---1.7.X-and-above
31 lines
914 B
YAML
31 lines
914 B
YAML
---
|
|
- name: Kubernetes Apps | Delete old kubernetes-dashboard resources
|
|
kube:
|
|
name: "kubernetes-dashboard"
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
resource: "{{ item }}"
|
|
state: absent
|
|
with_items: ['ClusterRoleBinding']
|
|
tags:
|
|
- upgrade
|
|
|
|
- name: Kubernetes Apps | Lay down dashboard template
|
|
template:
|
|
src: "{{item.file}}"
|
|
dest: "{{kube_config_dir}}/{{item.file}}"
|
|
with_items:
|
|
- {file: dashboard.yml.j2, type: deploy, name: kubernetes-dashboard}
|
|
register: manifests
|
|
when: inventory_hostname == groups['kube-master'][0]
|
|
|
|
- name: Kubernetes Apps | Start dashboard
|
|
kube:
|
|
name: "{{item.item.name}}"
|
|
namespace: "{{system_namespace}}"
|
|
kubectl: "{{bin_dir}}/kubectl"
|
|
resource: "{{item.item.type}}"
|
|
filename: "{{kube_config_dir}}/{{item.item.file}}"
|
|
state: "latest"
|
|
with_items: "{{ manifests.results }}"
|
|
when: inventory_hostname == groups['kube-master'][0]
|