k8s组件-UI界面Dashboard搭建
一、Dashboard简介dashboard是基于Web的Kubernetes用户界面。可以使用dashboard将容器化应用程序部署到Kubernetes集群,对容器化应用程序进行故障排除,以及管理集群资源。可以使用dashboard来概述群集上运行的应用程序,以及创建或修改单个Kubernetes资源(例如部署、任务、守护进程等)。可以使用部署向导扩展部署,启动滚动更新,重新启动Pod或部署.
·
一、Dashboard简介
dashboard是基于Web的Kubernetes用户界面。可以使用dashboard将容器化应用程序部署到Kubernetes集群,对容器化应用程序进行故障排除,以及管理集群资源。可以使用dashboard来概述群集上运行的应用程序,以及创建或修改单个Kubernetes资源(例如部署、任务、守护进程等)。可以使用部署向导扩展部署,启动滚动更新,重新启动Pod或部署新应用程序。
dashboard还提供有关群集中Kubernetes资源状态以及可能发生的任何错误的信息。
二、Dashboard部署
2.1 下载yaml
1 [root@master ~]# mkdir dashboard #建议将yaml存储到本地
2 [root@master ~]# cd dashboard/
3 [root@master dashboard]# wget https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
2.2 修改为国内源
1 [root@master ~]# cd dashboard/
2 [root@master dashboard]# vim kubernetes-dashboard.yaml
3 ……
4 image: ydtong/kubernetes-dashboard-amd64:v1.10.1
5 ……
提示:将yaml文件中的image字段修改为ydtong/kubernetes-dashboard-amd64:v1.10.1
service模块配置暴露k8s集群外部访问端口,配置如下:
# ------------------- Dashboard Service ------------------- #
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30001
selector:
k8s-app: kubernetes-dashboard
- 提示:添加
type字段,并将其修改为NodePort
2.3启动Dashboard
[root@master dashboard]# kubectl apply -f kubernetes-dashboard.yaml
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
删除配置文件命令:
kubectl delete -f kubernetes-dashboard.yaml
2.4访问web界面
node节点地址:https://192.168.10.134:30001
- 提示:或者登录master节点也可以,一定要使用https登录
2.5、使用令牌登录(需要创建能够访问 Dashboard 的用户)
创建account.yaml文件,配置如下:
# Create Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
# Create ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
创建用户命令:
[root@master yaml]# kubectl create -f account.yaml
获取tocken:
[root@master dashboard]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Name: admin-user-token-vck2j
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: b8ec1ba2-1b36-11ea-85a5-080027f16b5b
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXZjazJqIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiOGVjMWJhMi0xYjM2LTExZWEtODVhNS0wODAwMjdmMTZiNWIiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.BHKsuojE4dazrj831eLdTGLMrMtYX7__398cOv43r0AMyBQZZVj8dgYLo-_NjZZ77BCNt4KnaUDg0kirW-wv8iHL7bIroZ3H-YUrJlNcNqocQ_PYEcmY6MSCtTXjwRCTe-j5SQ49CYhZg8MIf2T_SFSVwYxsiP9eCr0yQ411drXjFwLduFkBvHw7AyQ6cBz55S8pTSOuNr-0yENAWCYrhjtNrZjjvijtlJvGug6uUYGj-lRBfYxkD9nlqG8xn8C8_tHuQCTBGaPuZJNa9bgvWNJE0L4qzax8t-fjzmP5m1311aOHL5NlvgFFp3qFvN3kKcWu6PGa55Ecz9f4fcQfZA
3.最终界面如下所示:
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
1
0- 0
已为社区贡献3条内容
所有评论(0)