Knowledge Base
linbit.com Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. Knowledge Base Topics
  2. /
  3. LINSTOR
  4. /
  5. Kubernetes
  6. /
  7. Accessing the LINSTOR GUI From a Kubernetes Cluster

Accessing the LINSTOR GUI From a Kubernetes Cluster

How to access the LINSTOR® GUI within a Kubernetes cluster using a TLS-secured connection

Prerequisites: A deployed and secured LINSTOR cluster. If you need to secure your LINSTOR deployment, follow the instructions in the LINSTOR User’s Guide before proceeding to the steps below.

Fetch the client certificate and key from Kubernetes:

kubectl get secret linstor-op-client-secret -ogo-template='{{index .data tls.key | base64decode }}{{index .data tls.crt | base64decode }}' > client.pem

Convert the fetched certificate to PKCS12 format, because that seems to be the format of choice for browsers. You will need to provide a password, which you should remember for step 3.

openssl pkcs12 -export -out linstor-client.p12 -in client.pem -inkey client.pem

Importing the Certificate in Your Browser

For Mozilla Firefox, go to Settings -> Privacy & Security -> scroll to Certificates -> View Certificates -> Your Certificates -> Import linstor-client.p12 -> enter password from step 2. b. For Chrome, enter chrome://settings/certificates in the address bar -> Import linstor-client.p12 -> enter password from step 2.

Creating a Local Port Forward

To create a local port forward, enter the following command:

kubectl port-forward deploy/linstor-op-cs-controller 3371:3371

Creating a Kubernetes Node Port Service

Browse to https://localhost:3371/ui/ (or wherever else you forwarded it to) ignore the unknown/mismatched/self-signed certificate warning. Your browser should automatically pick up the required client certificate and ask you for an exception confirmation. Confirm and you get full access to the LINSTOR GUI.

Created 2022/10/05 – MAT (based on original content by MW)

Reviewed 2022/11/30 – MDK