Issues in accessing microk8s dashboard

Hi All,

I am using microk8s v1.32 on a 3 node cluster and configured CKF v1.10 on it.

$ microk8s.version
MicroK8s v1.32.3 revision 8148

I ended up with an issue where I lost access to CKF UI and cannot access Jupyter notebooks in CKF. The notebooks are attached to K8 PVC volumes where I got data which is not checked-in to git.

Now I am trying to access these volumes via K8 UI and I am seeing errors in K8 UI.
persistentvolumes is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "persistentvolumes" in API group "" at the cluster scope

I understand kube-system is default and I even tried setting namespace as “kubeflow” (default namespace for kubeflow) and dev-kf-admin (namespace which I ended up creating when jupyter notebooks are created) with no success.

Atleast In default kube-system namespace I should see node related information in cluster. But I am not even able to see the same as shown below.

image1346×661 37 KB

Any help will be greatly appreciated in resolving this issue

Hi, I don’t know the entire context of this, but the error log/line you have provided clearly mentioned the missing role/permissions to list and gather required information to populate the dashboard.

Create a role and binding that allows listing, watching and getting the persistentvolumes for your serviceAccount.

apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: <name-your-role>
rules:
- apiGroups:
  - ""
  resources:
  - persistentvolumes
  verbs:
  - get
  - list
  - watch
  
---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: <name-your-role-binding>
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: <name-your-role>
subjects:
- kind: ServiceAccount
  name: default
  namespace: kube-system

Apply the above yaml and that should fix the error you seeing in the logs. There could be other issues, but looking at the log lines, this is a good place to start.