碼上歡樂
相關內容    簡體    繁體

kubernetes-dashboard 2.x 版本安裝

本文轉載自   查看原文   2020-09-01 17:29   691    kubernetes

1: 獲取recommended.yaml文件

https://github.com/kubernetes/dashboard/blob/master/aio/deploy/recommended.yaml

2: 修改recommended.taml文件

---
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort #增加
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30000 #增加
  selector:
    k8s-app: kubernetes-dashboard
---
#因為自動生成的證書很多瀏覽器無法使用,所以我們自己創建,注釋掉kubernetes-dashboard-certs對象聲明
#apiVersion: v1
#kind: Secret
#metadata:
#  labels:
#    k8s-app: kubernetes-dashboard
#  name: kubernetes-dashboard-certs
#  namespace: kubernetes-dashboard
#type: Opaque
---

TODO:默認的Token失效時間是900秒,也就是每隔15分鍾就要認證一次

Token失效時間可以通過 token-ttl 參數來設置

ports:
- containerPort: 8443
  protocol: TCP
args:
  - --auto-generate-certificates
  - --token-ttl=43200

 

3: 創建證書

mkdir dashboard-certs
cd dashboard-certs/
#創建命名空間
kubectl create namespace kubernetes-dashboard
# 創建key文件
openssl genrsa -out dashboard.key 2048
#證書請求
openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'
#自簽證書
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#創建kubernetes-dashboard-certs對象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard

4:創建dashboard

kubectl create -f ~/recommended.yaml

5:創建dashboard管理員

 vim dashboard-admin.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: dashboard-admin
  namespace: kubernetes-dashboard

  kubectl create -f ./dashboard-admin.yaml

6:為用戶分配權限

vim dashboard-admin-bind-cluster-role.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dashboard-admin-bind-cluster-role
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: dashboard-admin
  namespace: kubernetes-dashboard

kubectl create -f ./dashboard-admin-bind-cluster-role.yaml

9:查看用戶Token

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')

10:打開dashboard

瀏覽器https://ip:30000  選擇token方式登錄

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 kubernetes-dashboard安裝 安裝kubernetes-dashboard kubernetes-dashboard安裝yaml kubernetes + kubernetes-dashboard 安裝和各種踩坑 Kubernetes web界面kubernetes-dashboard安裝 【K8S】K8S 1.18.2安裝dashboard(基於kubernetes-dashboard 2.0.0版本) 【K8S】K8S 1.18.2安裝dashboard(基於kubernetes-dashboard 2.0.0版本) K8S 1.20.6安裝dashboard(基於kubernetes-dashboard 2.0.0版本) 部署kubernetes-dashboard 刪除kubernetes-dashboard
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM