dashboard-install.sh

#!/bin/bash

wget https://gist.githubusercontent.com/roberthamel/e3a113b56d84b3516a84f9b4c4d7154a/raw/dashboard.sh
mv dashboard.sh dashboard
chmod +x dashboard
mv dashboard /usr/local/bin/kdash

dashboard.sh

#!/bin/bash

KDASH=https://gist.githubusercontent.com/roberthamel/e3a113b56d84b3516a84f9b4c4d7154a/raw/dashboard.yaml

install() {
  curl -s $KDASH | kubectl apply -f -
  exit 0
}

delete() {
  curl -s $KDASH | kubectl delete -f -
  exit 0
}

[[ $1 == "install" ]] && install
[[ $1 == "delete" ]] && delete

kubectl proxy &
name=$(kubectl -n kube-system get secret | grep kubernetes-dashboard-token | cut -c1-32)
kubectl -n kube-system describe secret $name | grep token: | cut -c13- | pbcopy
echo "token has been saved to the clipboard"
echo
echo "dashboard available..."
echo
echo "http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/"
echo
echo "Press any key to stop"
read tmp && unset tmp
sleep 1
kill -9 $(pgrep kubectl)

dashboard.yaml

apiVersion: v1
kind: List
items:
  - apiVersion: v1
    kind: Secret
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard-certs
      namespace: kube-system
    type: Opaque
  - apiVersion: v1
    kind: ServiceAccount
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kube-system
  - apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: kubernetes-dashboard-minimal
      namespace: kube-system
    rules:
      # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
      - apiGroups: ['']
        resources: ['secrets']
        verbs: ['create']
        # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
      - apiGroups: ['']
        resources: ['configmaps']
        verbs: ['create']
        # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
      - apiGroups: ['']
        resources: ['secrets']
        resourceNames:
          ['kubernetes-dashboard-key-holder', 'kubernetes-dashboard-certs']
        verbs: ['get', 'update', 'delete']
        # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
      - apiGroups: ['']
        resources: ['configmaps']
        resourceNames: ['kubernetes-dashboard-settings']
        verbs: ['get', 'update']
        # Allow Dashboard to get metrics from heapster.
      - apiGroups: ['']
        resources: ['services']
        resourceNames: ['heapster']
        verbs: ['proxy']
      - apiGroups: ['']
        resources: ['services/proxy']
        resourceNames: ['heapster', 'http:heapster:', 'https:heapster:']
        verbs: ['get']
  - apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
      name: kubernetes-dashboard-minimal
      namespace: kube-system
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: Role
      name: kubernetes-dashboard-minimal
    subjects:
      - kind: ServiceAccount
        name: kubernetes-dashboard
        namespace: kube-system
  - apiVersion: apps/v1beta2
    kind: Deployment
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kube-system
    spec:
      replicas: 1
      revisionHistoryLimit: 10
      selector:
        matchLabels:
          k8s-app: kubernetes-dashboard
      template:
        metadata:
          labels:
            k8s-app: kubernetes-dashboard
        spec:
          containers:
            - name: kubernetes-dashboard
              image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0
              ports:
                - containerPort: 8443
                  protocol: TCP
              args:
                - --auto-generate-certificates
                # Uncomment the following line to manually specify Kubernetes API server Host
                # If not specified, Dashboard will attempt to auto discover the API server and connect
                # to it. Uncomment only if the default does not work.
                # - --apiserver-host=http://my-address:port
              volumeMounts:
                - name: kubernetes-dashboard-certs
                  mountPath: /certs
                  # Create on-disk volume to store exec logs
                - mountPath: /tmp
                  name: tmp-volume
              livenessProbe:
                httpGet:
                  scheme: HTTPS
                  path: /
                  port: 8443
                initialDelaySeconds: 30
                timeoutSeconds: 30
          volumes:
            - name: kubernetes-dashboard-certs
              secret:
                secretName: kubernetes-dashboard-certs
            - name: tmp-volume
              emptyDir: {}
          serviceAccountName: kubernetes-dashboard
          # Comment the following tolerations if Dashboard must not be deployed on master
          tolerations:
            - key: node-role.kubernetes.io/master
              effect: NoSchedule
  - apiVersion: v1
    kind: Service
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kube-system
    spec:
      ports:
        - port: 443
          targetPort: 8443
      selector:
        k8s-app: kubernetes-dashboard
  - apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: ClusterRoleBinding
    metadata:
      name: kubernetes-dashboard
      labels:
        k8s-app: kubernetes-dashboard
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
      - kind: ServiceAccount
        name: kubernetes-dashboard
        namespace: kube-system