Skip to content

Latest commit

 

History

History
35 lines (31 loc) · 3.9 KB

dashboard-arguments.md

File metadata and controls

35 lines (31 loc) · 3.9 KB

Dashboard arguments

Dashboard container accepts multiple arguments that can be used to customize it a bit. In example we are using --auto-generate-certificates flag in our recommended setup YAML files to pass certificates to Dashboard.

Arguments

Argument name Default value Description
insecure-port 9090 The port to listen to for incoming HTTP requests.
port 8443 The secure port to listen to for incoming HTTPS requests.
insecure-bind-address 127.0.0.1 The IP address on which to serve the --insecure-port (set to 127.0.0.1 for all interfaces).
bind-address 0.0.0.0 The IP address on which to serve the --port (set to 0.0.0.0 for all interfaces).
default-cert-dir /certs Directory path containing --tls-cert-file and --tls-key-file files. Used also when auto-generating certificates flag is set. Relative to the container, not the host.
tls-cert-file - File containing the default x509 Certificate for HTTPS.
tls-key-file - File containing the default x509 private key matching --tls-cert-file.
auto-generate-certificates false When set to true, Dashboard will automatically generate certificates used to serve HTTPS.
apiserver-host - The address of the Kubernetes Apiserver to connect to in the format of protocol://address:port, e.g., http://localhost:8080. If not specified, the assumption is that the binary runs inside a Kubernetes cluster and local discovery is attempted.
api-log-level INFO Level of API request logging. Should be one of 'INFO|NONE|DEBUG'.
heapster-host - The address of the Heapster Apiserver to connect to in the format of protocol://address:port, e.g., http://localhost:8082. If not specified, the assumption is that the binary runs inside a Kubernetes cluster and service proxy will be used.
sidecar-host - The address of the Sidecar Apiserver to connect to in the format of protocol://address:port, e.g., http://localhost:8000. If not specified, the assumption is that the binary runs inside a Kubernetes cluster and service proxy will be used.
metrics-provider sidecar Select provider type for metrics. 'none' will not check metrics.
metric-client-check-period 30 Time in seconds that defines how often configured metric client health check should be run.
kubeconfig - Path to kubeconfig file with authorization and master location information.
namespace kube-system When non-default namespace is used, create encryption key in the specified namespace.
token-ttl 900 Expiration time (in seconds) of JWE tokens generated by dashboard. '0' never expires.
authentication-mode token Enables authentication options that will be reflected on login screen. Supported values: token, basic. Note that basic option should only be used if apiserver has '--authorization-mode=ABAC' and '--basic-auth-file' flags set.
enable-insecure-login false When enabled, Dashboard login view will also be shown when Dashboard is not served over HTTPS.
enable-skip-login false When enabled, the skip button on the login page will be shown.
disable-settings-authorizer false When enabled, Dashboard settings page will not require user to be logged in and authorized to access settings page.
locale-config ./locale_conf.json File containing the configuration of locales.
system-banner - When non-empty displays message to Dashboard users. Accepts simple HTML tags.
system-banner-severity INFO Severity of system banner. Should be one of 'INFO|WARNING|ERROR'.

Copyright 2019 The Kubernetes Dashboard Authors