This post summarizes the steps from the official Kubernetes dashboard git repo.

At first we have to deploy the dashboard on our cluster.

kubectl apply -f

To run the proxy for accessing the dasboard run the following command. You can use the –address and –port flag for changing ip and port bindings. and 8001 are anyway the default values.

kubectl proxy --address --port 8001

Now you can access the dasboard at http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/.

Note that the dashboard is only availabe via localhost because it will not be possible to sign in. See the documentation on github.

NOTE: Dashboard should not be exposed publicly using kubectl proxy command as it only allows HTTP connection. For domains other than localhost and it will not be possible to sign in. Nothing will happen after clicking Sign in button on login page.

You can access the dashboard using a secure tunnel.

ssh -L 8001: -N username@

To sign in we need to create a service accout and a role binding.


apiVersion: v1
kind: ServiceAccount
  name: admin-user
  namespace: kube-system
kubectl create -f admin-user.yaml

Or just

kubectl create serviceaccount --namespace kube-system admin-user


kind: ClusterRoleBinding
  name: admin-user
  kind: ClusterRole
  name: cluster-admin
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
kubectl create -f cluster-role-binding.yaml

Or just

kubectl create clusterrolebinding admin-user --clusterrole=cluster-admin --serviceaccount=kube-system:admin-user

You can get the token with the following command.

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

With this token you can sign in as the user admin-user.

For more details about creating a service accound and a cluster role binding see the documentation on github.