一、在 master 節點操作
由於 K8s 版本不同,具體去這里查看對應的版本
https://github.com/kubernetes/dashboard/releases
如果使用 wget 命令無法下載,可以使用迅雷下載好上傳到 K8s-Master 節點上
[root@k8s-master01 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
構建 Pod
[root@k8s-master01 dashboard]# kubectl apply -f recommended.yaml
查看 Pod 狀態
[root@k8s-master01 ~]# kubectl get pods --all-namespaces | grep dashboard
NAMESPACE NAME READY STATUS RESTARTS AGE
kubernetes-dashboard dashboard-metrics-scraper-6ddd77bc75-qfddn 1/1 Running 0 37s
kubernetes-dashboard kubernetes-dashboard-8c9c48775-v229s 1/1 Running 0 37s
刪除現有的 dashboard 服務,dashboard 服務的 namespace 是 kubernetes-dashboard,但是該服務的類型是ClusterIP,不便於我們通過瀏覽器訪問,因此需要改成 NodePort 類型的
[root@k8s-master01 dashboard]# kubectl get svc --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19h
default nginx-deployment ClusterIP 10.102.181.9 <none> 80/TCP 17h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19h
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.108.52.150 <none> 8000/TCP 10s
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.110.11.43 <none> 443/TCP
[root@k8s-master01 dashboard]# kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard
service "kubernetes-dashboard" deleted
創建配置文件dashboard-svc.yaml
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
創建該 Service
[root@k8s-master01 dashboard]# kubectl apply -f dashboard-svc.yaml
service/kubernetes-dashboard created
再次查看服務
[root@k8s-master01 dashboard]# kubectl get svc --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19h
default nginx-deployment ClusterIP 10.102.181.9 <none> 80/TCP 17h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19h
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.108.52.150 <none> 8000/TCP 48s
kubernetes-dashboard kubernetes-dashboard NodePort 10.101.88.219 <none> 443:30323/TCP
創建 kubernetes-dashboard 管理員角色,dashboard-svc-account.yaml內容如下:
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: dashboard-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
執行創建
[root@k8s-master01 dashboard]# kubectl apply -f dashboard-svc-account.yaml
serviceaccount/dashboard-admin created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
獲取 token,就可以在瀏覽器登錄了
[root@k8s-master01 dashboard]# kubectl get secret -n kube-system |grep admin|awk '{print $1}'
dashboard-admin-token-b4frj
[root@k8s-master01 dashboard]# kubectl describe secret dashboard-admin-token-b4frj -n kube-system|grep '^token'|awk '{print $2}'
eyJhbGciOiJSUzI1NiIsImtpZCI6IndDX2MyTE...
二、瀏覽器訪問 K8s Web管理界面
查看外部訪問端口,也就是剛剛我們創建的 Service
[root@k8s-master01 ~]# kubectl get svc --all-namespaces | grep dashboard
瀏覽器輸入https://x.x.x.x:30323
登錄后的界面
參考博客:https://blog.csdn.net/mshxuyi/article/details/108425487