[RFE] action and/or configs to expose production-grade k8s dashboard
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Kubernetes Control Plane Charm |
Won't Fix
|
Wishlist
|
Unassigned | ||
Kubernetes Dashboard Operator |
Triaged
|
Medium
|
Unassigned |
Bug Description
There is no clear way to set up a high-available, secure k8s Dashboard.
If we follow k8s documentation, we can see 2 possible paths [1]:
1) NodePort: As per docs, "This way of accessing Dashboard is only recommended for development environments in a single node setup."
2) kubectl proxy
The problem is that (2) will only be available as long as user has "kubectl proxy" running on the background. It is not an out-of-the-box way to expose dashboard for all customer operations team.
(1) would be more complete, as dashboard is exposed as a service, however it is stated as development env-only solution.
Therefore, can we have a way via charm (actions and/or configs) to set up a Dashboard that is:
- HA
- Secure: SSL or TLS access setup
- Production-grade: we set once for the customer and their operations team can always reach and keep an eye on that dashboard
[1] https:/
Additional discussion in https:/ /bugs.launchpad .net/charm- kubernetes- master/ +bug/1838734