diff --git a/docs/guide/dashboard.1.6.3.md b/docs/guide/dashboard.1.6.3.md
index 9a29479..c8cf360 100644
--- a/docs/guide/dashboard.1.6.3.md
+++ b/docs/guide/dashboard.1.6.3.md
@@ -10,8 +10,8 @@
 # 部署dashboard 主yaml配置文件
 $ kubectl create -f /etc/ansible/manifests/dashboard/1.6.3/kubernetes-dashboard.yaml
 # 部署基本密码认证配置[可选]，密码文件位于 /etc/kubernetes/ssl/basic-auth.csv
-$ kubectl create -f /etc/ansible/manifests/dashboard/ui-admin-rbac.yaml
-$ kubectl create -f /etc/ansible/manifests/dashboard/ui-read-rbac.yaml
+$ kubectl create -f /etc/ansible/manifests/dashboard/1.6.3/ui-admin-rbac.yaml
+$ kubectl create -f /etc/ansible/manifests/dashboard/1.6.3/ui-read-rbac.yaml
 ```
 
 请在另外窗口打开 [kubernetes-dashboard.yaml](../../manifests/dashboard/1.6.3/kubernetes-dashboard.yaml)
diff --git a/docs/guide/dashboard.md b/docs/guide/dashboard.md
index 86cc65f..e199356 100644
--- a/docs/guide/dashboard.md
+++ b/docs/guide/dashboard.md
@@ -9,7 +9,7 @@
 
 如果之前已按照本项目部署dashboard1.6.3，先删除旧版本：`kubectl delete -f /etc/ansible/manifests/dashboard/1.6.3/`
 
-新版配置文件参考[官方文档](https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml)
+新版配置文件参考 https://github.com/kubernetes/dashboard
 
 + 增加了通过`api-server`方式访问dashboard
 + 增加了`NodePort`方式暴露服务，这样集群外部可以使用 `https://NodeIP:NodePort` (注意是https不是http，区别于1.6.3版本) 直接访问 dashboard。
@@ -19,9 +19,6 @@
 ``` bash
 # 部署dashboard 主yaml配置文件
 $ kubectl apply -f /etc/ansible/manifests/dashboard/kubernetes-dashboard.yaml
-# [可选]部署基本密码认证配置，使用apiserver 方式访问需要
-$ kubectl apply -f /etc/ansible/manifests/dashboard/ui-admin-rbac.yaml
-$ kubectl apply -f /etc/ansible/manifests/dashboard/ui-read-rbac.yaml
 # 创建可读可写 admin Service Account
 $ kubectl apply -f /etc/ansible/manifests/dashboard/admin-user-sa-rbac.yaml
 # 创建只读 read Service Account
@@ -117,5 +114,5 @@ users:
 
 ### 参考
 
-- 1. [Dashboard Access control](https://github.com/kubernetes/dashboard/wiki/Access-control)
-- 2. [a-read-only-kubernetes-dashboard](https://blog.cowger.us/2018/07/03/a-read-only-kubernetes-dashboard.html)
+- 1.[Dashboard Access control](https://github.com/kubernetes/dashboard/wiki/Access-control)
+- 2.[a-read-only-kubernetes-dashboard](https://blog.cowger.us/2018/07/03/a-read-only-kubernetes-dashboard.html)
diff --git a/manifests/dashboard/ui-admin-rbac.yaml b/manifests/dashboard/1.6.3/ui-admin-rbac.yaml
similarity index 100%
rename from manifests/dashboard/ui-admin-rbac.yaml
rename to manifests/dashboard/1.6.3/ui-admin-rbac.yaml
diff --git a/manifests/dashboard/ui-read-rbac.yaml b/manifests/dashboard/1.6.3/ui-read-rbac.yaml
similarity index 100%
rename from manifests/dashboard/ui-read-rbac.yaml
rename to manifests/dashboard/1.6.3/ui-read-rbac.yaml
diff --git a/roles/kube-master/templates/basic-auth.csv.j2 b/roles/kube-master/templates/basic-auth.csv.j2
index a8ab5c8..c5935bf 100644
--- a/roles/kube-master/templates/basic-auth.csv.j2
+++ b/roles/kube-master/templates/basic-auth.csv.j2
@@ -1 +1,2 @@
 {{ BASIC_AUTH_PASS }},{{ BASIC_AUTH_USER }},1
+{{ BASIC_AUTH_PASS | truncate(8, True) }},{{ readonly }},2