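Once a Kubernetes cluster is up, you can inspect its resource usage from the command line, but that approach is clumsy and not very intuitive, so I decided to install Dashboard on the cluster to get a more direct view of its state. The overall installation flow in this article follows the official installation documentation; the part about reaching the graphical interface is rather scattered in the official docs, and I only got through it in one go after consulting an article on Zhihu.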
1. Download the yaml file and install [1]
- The yaml file given on the official site is hard to download; you can download it on a laptop first (through a VPN proxy) and then upload the file to the server.

    wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
    kubectl apply -f recommended.yaml

- Pull the images Dashboard depends on; they are listed in recommended.yaml

    docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.0.0
    docker pull kubernetesui/metrics-scraper:v1.0.4
    docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.0.0 kubernetesui/dashboard:v2.0.0
    docker rmi registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.0.0

- Check that the services are running normally

    # kubectl get pods -n kubernetes-dashboard -o wide
    NAME                                         READY   STATUS    RESTARTS   AGE   IP            NODE        NOMINATED NODE   READINESS GATES
    dashboard-metrics-scraper-6b4884c9d5-k5j7c   1/1     Running   0          22h   10.20.71.67   10.13.1.2   <none>           <none>
    kubernetes-dashboard-7b544877d5-z46tp        1/1     Running   0          45m   10.20.71.69   10.13.1.2   <none>           <none>

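2. Test access to Dashboard locally
- Start the proxy

    kubectl proxy

- Because this was installed on a Linux server with no graphical interface, you can use curl to fetch the Dashboard web page

    curl http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
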
3. Access the Dashboard graphical interface [4]
Configure NodePort access
- View the kubernetes-dashboard service

    # kubectl --namespace=kubernetes-dashboard get service kubernetes-dashboard
    NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
    kubernetes-dashboard   ClusterIP   10.96.191.195   <none>        443/TCP   21h

- Edit the kubernetes-dashboard service

    kubectl --namespace=kubernetes-dashboard edit service kubernetes-dashboard

  Change type: ClusterIP in it to type: NodePort.
- After saving, check again; TYPE has changed to NodePort

    # kubectl --namespace=kubernetes-dashboard get service kubernetes-dashboard
    NAME                   TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
    kubernetes-dashboard   NodePort   10.96.191.195   <none>        443:30454/TCP   21h

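Generate a certificate
- Once Dashboard is installed and switched to NodePort, opening https://10.13.1.3:30454/ shows a browser security warning.

    # Create a new directory:
    mkdir key && cd key
    # Generate the certificate
    openssl genrsa -out dashboard.key 2048
    # I put my own node1 node here because I access Dashboard through the NodePort; if you access it through the apiserver, you can put your own master node IP
    openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=10.13.1.3'
    openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
    # Delete the existing certificate secret
    kubectl delete secret kubernetes-dashboard-certs -n kubernetes-dashboard
    # Create the new certificate secret
    kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
    # List the pods
    kubectl get pod -n kubernetes-dashboard
    # Restart the pod (delete it so that it is recreated; use the pod name shown by the previous command)
    kubectl delete pod kubernetes-dashboard-7b544877d5-2xqcr -n kubernetes-dashboard

- Open https://10.13.1.3:30454/ again, click Advanced, then click the link to proceed to the site.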
Create a user token
When the Dashboard link opens, it asks you to choose Kubeconfig or Token. Token login is used here; the steps below create the token.
- Create the user [3]

    vim admin-user.yaml

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: admin-user
      namespace: kubernetes-dashboard

    # Run the command
    kubectl create -f admin-user.yaml

- Bind the user to a role

    vim admin-user-role-binding.yaml

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: admin-user
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
    - kind: ServiceAccount
      name: admin-user
      namespace: kubernetes-dashboard

    # Run the command
    kubectl create -f admin-user-role-binding.yaml

- If a command reports that the resource already exists or needs to be deleted, just run kubectl delete -f on the corresponding yaml file.
- Get the token

    # kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
    Name:         admin-user-token-r49rb
    Namespace:    kubernetes-dashboard
    Labels:       <none>
    Annotations:  kubernetes.io/service-account.name: admin-user
                  kubernetes.io/service-account.uid: c9ddd17d-1ca3-4b10-9d83-f958f4235118
    Type:  kubernetes.io/service-account-token
    Data
    ====
    ca.crt:     1025 bytes
    namespace:  20 bytes
    token:      <token value omitted>
Enter the token to open the page
Select the Token option, paste the token, and click Sign in; you will land on the home page.
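The steps above bind the admin-user ServiceAccount to cluster-admin and publish Dashboard on a node port, so the token is a full-control credential for anyone who can reach that port. The following check is an added example, not part of the original walkthrough or the Dashboard project: it reports both conditions from `kubectl ... -o json` output, and its function names and sample data are constructed for illustration.

```python
import json

# Constructed sample, shaped like the "items" lists of
#   kubectl get clusterrolebindings -o json
#   kubectl -n kubernetes-dashboard get services -o json  (trimmed to fields read below)
BINDINGS = json.loads("""[
 {"metadata": {"name": "admin-user"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "ServiceAccount", "name": "admin-user",
                "namespace": "kubernetes-dashboard"}]},
 {"metadata": {"name": "cluster-admin"},
  "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
  "subjects": [{"kind": "Group", "name": "system:masters"}]},
 {"metadata": {"name": "empty"}, "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"}}
]""")
SERVICES = json.loads("""[
 {"metadata": {"name": "kubernetes-dashboard"},
  "spec": {"type": "NodePort",
           "ports": [{"port": 443, "nodePort": 30454}]}},
 {"metadata": {"name": "dashboard-metrics-scraper"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 8000}]}}
]""")


def cluster_admin_service_accounts(bindings):
    """Return (binding, 'namespace/name') for each ServiceAccount bound to cluster-admin."""
    hits = []
    for b in bindings:
        ref = b.get("roleRef", {})
        if (ref.get("kind"), ref.get("name")) != ("ClusterRole", "cluster-admin"):
            continue
        for s in b.get("subjects") or []:  # "subjects" may be absent or null
            if s.get("kind") == "ServiceAccount":
                hits.append((b["metadata"]["name"], f'{s.get("namespace")}/{s["name"]}'))
    return hits


def externally_exposed(services):
    """Return (service, nodePort) for Services reachable from outside the cluster."""
    return [(svc["metadata"]["name"], p.get("nodePort"))
            for svc in services
            if svc.get("spec", {}).get("type") in ("NodePort", "LoadBalancer")
            for p in svc["spec"].get("ports", [])]


if __name__ == "__main__":
    for name, sa in cluster_admin_service_accounts(BINDINGS):
        print(f"ClusterRoleBinding {name}: {sa} holds cluster-admin")
    for name, port in externally_exposed(SERVICES):
        print(f"Service {name}: exposed on node port {port}")
```

Against a live cluster, pass the `items` list from each of the two kubectl commands named in the comment instead of the constructed samples.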
4. References
1. https://kubernetes.io/zh/docs/tasks/access-application-cluster/web-ui-dashboard/ Official documentation: Web UI (Dashboard)
2. https://github.com/kubernetes/dashboard
3. https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
4. https://zhuanlan.zhihu.com/p/91731765 Web Basic Configuration (17): Kubernetes dashboard installation and configuration