k8s配置界面化工具dashboard
集群(操作系统是centos7.x):类型主机名ipMastermaster192.168.0.1Nodeclient1192.168.0.2Nodeclient2192.168.0.3以下操作都在master上执行:镜像下载[root@master ~]# docker pull docker....
集群(操作系统是centos7.x):
| 类型 | 主机名 | ip |
|---|---|---|
| Master | master | 192.168.0.1 |
| Node | client1 | 192.168.0.2 |
| Node | client2 | 192.168.0.3 |
以下操作都在master上执行:
镜像下载
[root@master ~]# docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 [root@master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure
配置dashboard
1、修改配置文件
需要以下两个kubernetes-dashboard和dashboard-service
需修改images和增加- --apiserver-host=http://192.168.0.1:8080
[root@master zyl]# vi kubernetes-dashboard.yaml
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=http://192.168.0.1:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
vi dashboard-service.yaml
#不需要做修改 kind: Service apiVersion: v1 metadata: labels: app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: type: NodePort ports: - port: 80 targetPort: 9090 selector: app: kubernetes-dashboard
2、启动dashboard
[root@master ~]# kubectl create -f kubernetes-dashboard.yaml [root@master ~]# kubectl create -f dashboard-service.yaml
停止dashboard:
[root@master zyl]# kubectl delete -f kubernetes-dashboard.yaml [root@master zyl]# kubectl delete -f dashboard-service.yaml
3、验证
[root@master ~]# kubectl get deployment --all-namespaces [root@master ~]# kubectl get svc --all-namespaces 查看pod运行状态 [root@master ~]# kubectl get pod -o wide --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE kube-system kubernetes-dashboard-95068868-t4lhd 0/1 ContainerCreating 0 4m <none> bigdata005
日志查看和问题定位过程
[root@master zyl]# kubectl logs -f kubernetes-dashboard-95068868-t4lhd -n kube-system
详细日志
[root@master zyl]# kubectl describe pod kubernetes-dashboard-95068868-6ldvl -n kube-system
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
22h 22h 5 {kubelet bigdata005} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request. details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
解决方案:重新拉取
[root@master zyl]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
该文件是个软连接,链接目标是/etc/rhsm,查看没有rhsm,尝试卸载yum remove *rhsm* 再安装 yum install *rhsm*,出现相关软件,所以安装查看产生了/etc/rhsm文件夹,重新安装docker没有了,所以
备份:cp /etc/rhsm/ca/redhat-uep.pem /tmp
[root@master zyl]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure
26e5ed6899db: Downloading [===============> ] 22.97 MB/74.87 MB
66dbe984a319: Download complete
9138e7863e08: Download complete
参考文档:https://www.cnblogs.com/guyeshanrenshiwoshifu/p/9147238.html
备份:cp /etc/rhsm/ca/redhat-uep.pem /tmp,复制到对应的Node的/etc/rhsm/ca/redhat-uep.pem下
4、界面查看
浏览器输入:http://192.168.0.1:8080/ui
5、删除应用
删除有问题的pod,会自动重新安装
$ kubectl delete pod kube-dns-6f4fd4bdf-qdhqb -n kube-system
问题
1、Error: dial tcp
Error: 'dial tcp 10.8.2.2:9090: getsockopt: connection timed out' Trying to reach: 'http://10.8.2.2:9090/'
解决方案:
在node节点上,而不是master上执行下面命令:
[root@bigdata005 ~]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination KUBE-FIREWALL all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP) target prot opt source destination
以上命令系统重启后就失效了或者 echo "net.ipv4.ip_forward = 1" >>/usr/lib/sysctl.d/50-default.conf
cat /usr/lib/sysctl.d/50-default.conf | grep forward,
然后在master节点上访问 curl -i http://172.17.26.2:9090 可以访问。
2.创建完成kebernetes dashboard后,发现进入http://IP:8080/ui是相关的提示信息,而不是kebernetes dashboard的页面
解决方案:
检查发现apiserver接入有问题,在master端修改了/etc/kubernetes/apiserver的相关文件KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
删除了ServiceAccount
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
3
0- 0
已为社区贡献2条内容
所有评论(0)