diff --git a/docs/getting-started.md b/docs/getting-started.md index 395dde8271c32173a58037d95243b7e8796cd9b1..8dd60671027961926b1516886e774f87052b730b 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md 
@@ -93,20 +93,29 @@ the Kubernetes [documentation](https://kubernetes.io/docs/tasks/access-applicati ## Accessing Kubernetes Dashboard -As of kubernetes-dashboard v1.7.x: +Supported version is kubernetes-dashboard v2.0.x : -- New login options that use apiserver auth proxying of token/basic/kubeconfig by default -- Requires RBAC in authorization\_modes +- Login options are : token/kubeconfig by default, basic can be enabled with `kube_basic_auth: true` inventory variable - not recommended because this requires ABAC api-server which is not tested by kubespray team +- Deployed by default in "kube-system" namespace, can be overriden with `dashboard_namespace: kubernetes-dashboard` in inventory, - Only serves over https -- No longer available at <https://first_master:6443/ui> until apiserver is updated with the https proxy URL -If the variable `dashboard_enabled` is set (default is true), then you can access the Kubernetes Dashboard at the following URL, You will be prompted for credentials: -<https://first_master:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login> +Access is described in [dashboard docs](https://github.com/kubernetes/dashboard/blob/master/docs/user/accessing-dashboard/1.7.x-and-above.md). With kubespray's default deployment in kube-system namespace, instead of kuberntes-dashboard : -Or you can run 'kubectl proxy' from your local machine to access dashboard in your browser from: -<http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login> +- Proxy URL is <http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#/login> +- kubectl commands must be run with "-n kube-system" -It is recommended to access dashboard from behind a gateway (like Ingress Controller) that enforces an authentication token. 
Details and other access options here: <https://github.com/kubernetes/dashboard/wiki/Accessing-Dashboard---1.7.X-and-above> +Accessing through Ingress is highly recommended. For proxy access, please note that proxy must listen to [localhost](https://github.com/kubernetes/dashboard/issues/692#issuecomment-220492484) (`proxy --address="x.x.x.x"` will not work) + +For token authentication, guide to create Service Account is provided in [dashboard sample user](https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md) doc. Still take care of default namespace. + +Access can also by achieved via ssh tunnel on a master : + +```bash +# localhost:8081 will be sent to master-1's own localhost:8081 +ssh -L8001:localhost:8001 user@master-1 +sudo -i +kubectl proxy +``` ## Accessing Kubernetes API diff --git a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 index aafa87dcc95fc28b292e280b1c106669db4099f4..76729eecc3b7a9b65894910cadd2668e9f2d997e 100644 --- a/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 +++ b/roles/kubernetes-apps/ansible/templates/dashboard.yml.j2 @@ -282,6 +282,7 @@ spec: labels: k8s-app: kubernetes-metrics-scraper spec: + priorityClassName: system-cluster-critical containers: - name: kubernetes-metrics-scraper image: {{ dashboard_metrics_scraper_repo }}:{{ dashboard_metrics_scraper_tag }}
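Review bot: in the docs/getting-started.md hunk, the added sentence "Accessing through Ingress is highly recommended" replaces a line that recommended a gateway "that enforces an authentication token", and the authentication requirement is lost in the rewrite. Please keep that qualifier, since an Ingress on its own only exposes the dashboard. In the ssh example, the comment says `localhost:8081` while the command forwards `-L8001:localhost:8001`, so the comment should read 8001 on both sides. The example also starts `kubectl proxy` from a `sudo -i` root shell. It is worth one sentence stating that requests through the tunnel are made with whatever credentials root's kubeconfig holds on that master. Wording nits in the added lines: "overriden" should be "overridden", "kuberntes-dashboard" should be "kubernetes-dashboard", and "can also by achieved" should be "can also be achieved".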
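Review bot: in the dashboard.yml.j2 hunk, `priorityClassName: system-cluster-critical` is added to the kubernetes-metrics-scraper pod spec, while the docs change in the same patch advertises `dashboard_namespace: kubernetes-dashboard` as an override. Kubernetes releases before 1.17 only admit pods with this priority class in kube-system, so please confirm the manifest still deploys with the namespace override on the versions kubespray supports, or make the line conditional on the namespace. Only the scraper is visible in this hunk. If the dashboard Deployment itself is meant to have the same priority, that should be stated or changed alongside it, and the docs should mention the new priority class.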