碼上快樂

相關內容    簡體    繁體

學習kubernetes——部署dashboard

本文轉載自   查看原文   2019-12-29 16:56   1049 

  一、安裝dashboard

  首先參考官方文檔:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/

  官方的安裝命令如下:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml

  當有多個節點時,安裝到非主節點時,會出現一些問題。dashboard使用https去連接apiServer,由於證書問題會導致dial tcp 10.96.0.1:443: i/o timeout。

  把recommended.yaml下載下來,修改一些配置:

  

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
    # 增加nodeName,指定安裝到主節點。kubernetes-node1為主節點名稱
      nodeName: kubernetes-node1
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0-beta8
          imagePullPolicy: Always
          ports:
            - containerPort: 8443
              protocol: TCP
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port

  注釋下面的一些配置

  

      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "beta.kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
 #tolerations: # - key: node-role.kubernetes.io/master
      #    effect: NoSchedule

  

 serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "beta.kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
 #tolerations: # - key: node-role.kubernetes.io/master # effect: NoSchedule
      volumes:

  然后執行

 

kubectl apply -f recommended.yaml

  會自動下載對應的鏡像,如果鏡像下載失敗,可以去其他地方下載,然后打tag的方式,來安裝

  執行 

  kubectl get pods -n kubernetes-dashboard

  下面的狀態為Running表示安裝成功了。

NAME                                         READY   STATUS        RESTARTS   AGE
dashboard-metrics-scraper-745bd6bb57-gf4vn   1/1     Running       0          15m
kubernetes-dashboard-7c8ff6ddc5-v8fck        1/1     Running       1          4h3m

 

 

二、創建賬號

  官方地址:https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

  創建dashboard-adminuser.yaml,內容如下:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

  創建dashboard-adminuser-role-binding.yaml,內容如下:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

  然后分別執行:

  

kubectl apply -f dashboard-adminuser.yaml
kubectl apply -f dashboard-adminuser-role-binding.yaml

 

三、訪問

  創建token

  

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

  結果如下:

Name:         admin-user-token-v57nw
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: 0303243c-4040-4a58-8a47-849ee9ba79c1

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1066 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXY1N253Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwMzAzMjQzYy00MDQwLTRhNTgtOGE0Ny04NDllZTliYTc5YzEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.Z2JrQlitASVwWbc-s6deLRFVk5DWD3P_vjUFXsqVSY10pbjFLG4njoZwh8p3tLxnX_VBsr7_6bwxhWSYChp9hwxznemD5x5HLtjb16kI9Z7yFWLtohzkTwuFbqmQaMoget_nYcQBUC5fDmBHRfFvNKePh_vSSb2h_aYXa8GV5AcfPQpY7r461itme1EXHQJqv-SN-zUnguDguCTjD80pFZ_CmnSE1z9QdMHPB8hoB4V68gtswR1VLa6mSYdgPwCHauuOobojALSaMc3RH7MmFUumAgguhqAkX3Omqd3rJbYOMRuMjhANqd08piDC3aIabINX6gP5-Tuuw2svnV6NYQ

  

  由於證書問題,我們使用代理的方式來訪問

  在主節點執行:

  

kubectl proxy  --address='0.0.0.0'

  結果如下:

Starting to serve on [::]:8001

  由於在虛擬機中,瀏覽器沒法直接訪問,添加端口映射:

  

 

 

  然后訪問:http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login

  選擇token,輸入上面生成的token進行訪問

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Kubernetes 部署Dashboard UI kubernetes之部署dashboard 和heapster 部署kubernetes-dashboard kubernetes dashboard 2.0 部署 基於kubernetes集群部署DashBoard Kubernetes學習之路(七)之Coredns和Dashboard二進制部署 kubernetes 1.14安裝部署dashboard Helm 安裝部署Kubernetes的dashboard kubernetes 1.14安裝部署dashboard Kubernetes 部署Web UI (Dashboard)
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM