blog に戻る

2020年09月30日 Sumo Logic

Kubernetes Dashboard

Kubernetes, as a platform, is a comprehensive set of tools for orchestrating containers at scale. It consists of a modular architecture of specific components with a defined purpose. For example, the scheduler finds the ideal match for a particular pod and the kube-proxy manages the networking between the nodes and the master.

One of the most useful components is the Kube API server, which is the main interaction point between the master and the external world. It offers a complete set of REST operations from which all other components interface with each other. Having a REST server is also useful for offering Dashboards for managing Kubernetes via a UI. The official Kubernetes team maintains a Web UI Dashboard, which is a quick and convenient way to manage and troubleshoot cluster resources.

Below, we will discuss how to deploy and utilize a standard Kubernetes Dashboard and show the benefits that a Sumologic kubernetes dashboard provides.

Deploying and Utilizing the Dashboard UI

Surprisingly enough, the dashboard itself is a container that accesses the cluster information from within the cluster. For Kubernetes, it is just another resource it needs to manage.

To install it, we need to apply the recommended deployment descriptor file:

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml

There is also an alternative deployment path with less secure endpoints:

https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/alternative.yaml

Take a look at those yaml files before executing the plan, as it gives you a clearer picture of what we are going to deploy:

  • A namespace: kubernetes-dashboard
  • A service account for the dashboard
  • A service from port 8000:8000
  • A secret
  • A Config map
  • An RBAC role and RoleBinding
  • The main image deployment
  • The metrics scraper deployment

Once the deployment completes, you can establish a proxy connection with the cluster, using the following command:

$ kubectl proxy

Starting to serve on 127.0.0.1:8001

Now navigate to:

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#/login

You will be presented with this login screen:

We need to select Token here, and use the secret value as stored in the cluster. For convenience, I’ve listed a small script that we use to search for the secret token name and copy the token to the clipboard:

#!/bin/bash
get_k8s_secret() {
k8s_namespace=$1
query_name=$2
echo "query:"
echo " namespace: $k8s_namespace"
echo " query_name: $query_name"
secret_token_name_output=$(kubectl -n "$k8s_namespace" get secret | grep "$query_name" | awk '{print $1}')
if [[ -z "$secret_token_name_output" ]]; then
echo "message: Token name not found"
else
secret_token_name=(${secret_token_name_output//"\n"/ })
if [[ "${#secret_token_name[@]}" -gt 1 ]]; then
echo "message: More than one token found"
echo "secret_names: ${secret_token_name[@]}"
else
k8s_secret=$(kubectl -n "$k8s_namespace" describe secret "$secret_token_name")
token=$(echo "$k8s_secret" | grep -E '^token:' | cut -f2 -d':' | xargs echo -n)
echo "message: Token found! This is copied to your clipboard"
echo "secret_name: $secret_token_name"
echo "secret_token: $token"
$(echo "$token" | pbcopy)
fi
fi
}
for i in "$@"
do
case $i in
-n=*)
NAMESPACE="${i#*=}"
shift # past argument=value
;;
-q=*)
QUERY="${i#*=}"
shift # past argument=value
;;
-d)
DASHBOARD_DEFAULT="true"
shift # help
;;
-h)
HELP="true"
shift # help
;;
*)
# unknown option
;;
esac
done
if [[ "$DASHBOARD_DEFAULT" ]] ; then
get_k8s_secret kube-system kubernetes-dashboard-token
elif [[ "$NAMESPACE" && "$QUERY" ]] ; then
get_k8s_secret "$NAMESPACE" "$QUERY"
elif [[ -z "$DASHBOARD_DEFAULT" || -z "$NAMESPACE" || -z "$QUERY" || "$HELP" ]] ; then
echo -e "You need to set some of the following paramaters:\n"
echo "Usage: $0"
echo -e "\t-d - The Default Dashboard query. The following parameters are set -n 'kube-system' -q 'kubernetes-dashboard-token'"
echo -e "\t-n - The kubernetes namespace"
echo -e "\t-q - The kubernetes secret name to query"
echo -e "\t-h - Help"
exit 1
fi

Here is how we use it:

k8s-token
-d - The Default Dashboard query. The following parameters are set -n 'kube-system' -q 'kubernetes-dashboard-token'
-n - The kubernetes namespace
-q - The kubernetes secret name to query
-h - Help

That should print:

query:
namespace: kube-system
query_name: kubernetes-dashboard-token
message: Token found! This is copied to your clipboard
secret_name: kubernetes-dashboard-token-wxyz
secret_token: eyJhbGciOiJSUzI1NiIsImt…

Once we login we should be able to view the main dashboard page:

Now let’s explore the dashboard in detail.

Navigating through the Dashboard UI

Navigating through the Dashboard layout should be intuitive. There are main sections on the right-hand side for Cluster Management, Workloads, Service Discovery, Config, Storage and Settings.

Each section expands to subsections where we can select individual resources that we can manage. For example:

  • We can easily switch namespaces using the dropdown selection option:
  • We can see all the available nodes from Cluster-> Nodes
  • We can see the list of all pods, and filter by pod label from Workloads->Pods
  • We can see the list of all config maps, and filter by pod label from Config and Storage >Config Maps
  • We can perform additional actions for each item in the list by clicking on the vertical dotted icons on the right-hand side. For example, we have the option to see the logs or scale the deployment:

That concludes the basic navigation of the dashboard. Let’s see how we can create a new resource using the UI this time, and deploy it into the cluster.

Deploying Containerized Applications

We can create a new resource deployment using the plus (+) button on the upper right-hand corner of the screen:

We can then have various options to describe our deployment such as text, file or a generic form. Let’s choose the last option and follow the form steps to deploy a Redis server in our cluster.

Fill in the following fields as depicted in the screenshot below:

If you click on the show advanced options button you can fill in additional properties regarding the deployment:

Once you are ready, click on the Deploy button. You should be able to see the deployment information and its status:

Once the deployment is successful, we should be able to connect to the redis server from within the cluster. For example:

$ kubectl exec -it redisdemo-598d696fb6-mfmhz /bin/sh
/data # ps
PID USER TIME COMMAND
1 redis 0:00 redis-server
16 root 0:00 /bin/sh
21 root 0:00 ps
/data # redis-cli
127.0.0.1:6379> INFO
# Server
redis_version:3.2.7
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:10f09fc625258756
redis_mode:standalone
os:Linux 4.14.152-127.182.amzn2.x86_64 x86_64
...

Once we are finished working with this example, we can destroy it using the trash icon:

Kubernetes Dashboards with Sumo Logic

The official Kubernetes Dashboard is a valuable tool when we want to quickly manage and monitor our Cluster. However, out-of-the-box it is very limited, and it quickly becomes a second or third choice. For those that want something more advanced and need enterprise-level support, you can leverage the new Sumo Logic Dashboards for Kubernetes.

Among the many features, they offer integration with the existing Sumo logic Dashboards, so we don’t have to switch tabs and places to monitor our cluster. We have numerous collection options and custom widgets. There are also additional sections, such as a dedicated security overview. This is more favourable than the stock dashboard, which has a set widget layout and looks more primitive.

The benefits of using a custom Dashboard for Kubernetes like Sumo Logic Dashboards, is the improved visibility and more streamlined experience. We have more options for customization coupled with the enterprise-level of support for new features that makes the product more aligned with the business needs.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Navigate Kubernetes with Sumo Logic.

Monitor, troubleshoot and secure your Kubernetes clusters with Sumo Logic Continuous Intelligence solution for Kubernetes.

Chart your course

Sumo Logic

More posts by Sumo Logic.

これを読んだ人も楽しんでいます

ブログ

How to analyze IIS logs for better monitoring

ブログ

Introducing the Sumo Logic Observability suite with distributed tracing - a cornerstone of cloud-native APM

ブログ

Illuminate 2020 Keynote: The What, Where and Why of Issues that Affect Reliable Customer Experiences