k8s1.33安装dashboard
nodePort: 30366# 指定的 NodePort 端口号。targetPort: 8000# Pod 目标端口。检查服务是否已经更新为NodePort类型,并且新的端口已正确配置。- port: 8000# 服务端口。确保你的防火墙和网络策略允许流量通过这个端口。保存并关闭编辑器以应用更改。
安装dashboard
使用演示
https://www.bilibili.com/video/BV14t421j7Kj/?spm_id_from=333.999.0.0&vd_source=e8310ecbd445559081aae5d6de13aa9b
一,下载dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
二,下载后修改CLUSTER-IP 为NodePort,来能够访问网址
以及加上ingress来让访问变为https
[root@k8s1 yaml]# cat recommended.yaml
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf: ""
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
namespace: kubernetes-dashboard
type: Opaque
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
namespace: kubernetes-dashboard
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
rules:
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster", "dashboard-metrics-scraper"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
verbs: ["get"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
rules:
- apiGroups: ["metrics.k8s.io"]
resources: ["pods", "nodes"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: kubernetesui/dashboard:v2.7.0
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
labels:
k8s-app: dashboard-metrics-scraper
spec:
containers:
- name: dashboard-metrics-scraper
image: kubernetesui/metrics-scraper:v1.0.8
ports:
- containerPort: 8000
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 30
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: tmp-volume
emptyDir: {}
三,创建管理员和创建token来登录dashboard
wget https://raw.githubusercontent.com/cby-chen/Kubernetes/main/yaml/dashboard-user.yaml
[root@k8s1 yaml]# kubectl apply -f dashboard-user.yaml
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
[root@k8s1 yaml]# kubectl create token admin-user -n kubernetes-dashboard
eyJhbGciOiJSUzI1NiIsImtpZCI6IndRS05Qc2hWZHRSZnFveGliOF9vc2dld2pNRTVIQ2tCT1VBRDNZblRSWkUifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzIxMTIwMTYyLCJpYXQiOjE3MjExMTY1NjIsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiM2ZiMmQ3OTAtYTQxOC00NjJjLWI0NTYtMWI0M2M4M2UyYWY0Iiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiNDVlYjkyMWEtMDc0NC00ODNkLTliMzQtYTlkMWQ1YzBhYzVkIn19LCJuYmYiOjE3MjExMTY1NjIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.lyotDMKjewRJ_v39ahznDMPOg2kmvoPm-F3KGAwvVSmqwryQMDka2T-P6Jz9oqI-aojLS37TUHksp8fzP0-cgk-TvXHBUuseWc5egxwysRLqsC6qwwpxHIQw4wGZYaKVKq0a00T6kmMJ1Lz81CEdw8bGwwRyjez0IX3vqNLOsG_LNynvDbegK0s3Ml7rmPnoPWHp0nomM1HQPSLsKk1y-9zeJ75HfqiLjtpWaRX0FtP1g0uxj0-49OoRhhkliU_oJ2ryq6YBGENMJs-YGvSHb5SRoUxZUT3fzIv_PJVNq98QDDNalfEFKB_BcCaOdYLh04HbgA2zQWga5uUzP4v0Kw
- 将token复制到dashboard网页进行登录
辅助文件
1. 修改服务配置
编辑 kubernetes-dashboard-web 服务的配置,确保将 type 设置为 NodePort 并指定一个合适的 nodePort:
kubectl edit svc kubernetes-dashboard-web -n kubernetes-dashboard
在编辑器中修改如下部分:
spec:
type: NodePort
ports:
- port: 8000 # 服务端口
targetPort: 8000 # Pod 目标端口
nodePort: 30366 # 指定的 NodePort 端口号
保存并关闭编辑器以应用更改。
2. 验证更改
检查服务是否已经更新为NodePort类型,并且新的端口已正确配置。
kubectl get svc kubernetes-dashboard-web -n kubernetes-dashboard -o wide
3. 访问服务
使用新配置的NodePort端口来访问 kubernetes-dashboard-web 服务:
http://192.168.1.22:32690/#/login
确保你的防火墙和网络策略允许流量通过这个端口。
开始创建token
eyJhbGciOiJSUzI1NiIsImtpZCI6IndRS05Qc2hWZHRSZnFveGliOF9vc2dld2pNRTVIQ2tCT1VBRDNZblRSWkUifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzIxMTE1MTU2LCJpYXQiOjE3MjExMTE1NTYsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiZWU4OTNiODAtMGE0My00MTdmLTlkZDctZWM1ZWY3NjZhZGRkIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiZTg0NjEzNjktOTNkMi00NGUzLWE0MzQtZjA0N2ViZGQxY2M0In19LCJuYmYiOjE3MjExMTE1NTYsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.ASiWiauV9gfr4_4YsKgNRkM6cVj-FoBpApUuoCa7-1a2gvCVRX1FdhuWPOADDThXEzkOWA90Iz4DxhiXfxlKG0eoy1Eizi735enKGKjPvn1mZsDQEf55GJwi-vWM-TCJbLRucpbDjpI3e2MyHSJbFcX-gKsuqUhpMo-8Q2TjCDLIZyLveoM3S87_XjS_Tixsp5HFA0DqkSrSaKj66EdFgQiUnFdt787HnKjGZshcKIAArwEJ_5IL07pdMJUcqhnUuf5L5wFEHuYlS_MvWPU9NAl95IyzEvGFDW0t3C94rZ5mCdufTpilTnsXaMR0qXxJDCKQm0qETUjKAQuh79OpJQ
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
8
0- 0
已为社区贡献3条内容
所有评论(0)