之前一直使用的是命令行,但是又觉得如果连控制台都还没有动手实践过会不会有点low

 

1、安装dashboard

  参阅官网的安装方法,https://github.com/kubernetes/dashboard,安装很简单,如果慢可以使用其它的镜像网站,我这里使用的是mirrorgooglecontainers/kubernetes-dashboard-amd64,然后重新打了k8s.gcr.io/kubernetes-dashboard-amd64的tag

2、暴露服务

  

root@ubuntu-kubeadm-master:~# cat dash-board.yaml 
apiVersion: v1
kind: Service
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  type: NodePort
  selector:
    k8s-app: kubernetes-dashboard
  ports:
  - port: 443
    targetPort: 8443

 这里使用的是nodeport的方式,重点是spec.type里和metadata.namespace一定要注明,暴露后即可查看相应的暴露端口,当然自己也可以指定在30000-32767之间的端口

root@ubuntu-kubeadm-master:~# kubectl get svc -n kube-system -o wide
NAME                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE   SELECTOR
kube-dns               ClusterIP   10.96.0.10       <none>        53/UDP,53/TCP,9153/TCP   10d   k8s-app=kube-dns
kubernetes-dashboard   NodePort    10.108.214.161   <none>        443:31912/TCP            10d   k8s-app=kubernetes-dashboard

  即可在集群内任一节点使用https的访问方式进行指定端口的访问

这里使用令牌的方式登录

3、关于令牌的获取首先需要创建一个dashboardadmin,然后使用集群层级的管理员解决将其进行绑定,这里使用yaml的方式

root@ubuntu-kubeadm-master:~# cat k8s-admin.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: dashboard-admin
subjects:
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

  4、创建后即可看到相应的密钥

root@ubuntu-kubeadm-master:~# kubectl get secret -n kube-system
NAME                                             TYPE                                  DATA   AGE
attachdetach-controller-token-gf5m7              kubernetes.io/service-account-token   3      10d
bootstrap-signer-token-nwflq                     kubernetes.io/service-account-token   3      10d
certificate-controller-token-4jbjc               kubernetes.io/service-account-token   3      10d
clusterrole-aggregation-controller-token-ck2fl   kubernetes.io/service-account-token   3      10d
coredns-token-676g5                              kubernetes.io/service-account-token   3      10d
cronjob-controller-token-q8g58                   kubernetes.io/service-account-token   3      10d
daemon-set-controller-token-rl5qp                kubernetes.io/service-account-token   3      10d
dashboard-admin-token-95mjj                      kubernetes.io/service-account-token   3      26s   《---- 这里

  5、将里面的token复制贴到网页上即可

root@ubuntu-kubeadm-master:~# kubectl describe secret dashboard-admin-token-95mjj -n kube-system 
Name:         dashboard-admin-token-95mjj
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: 178237ba-6db5-11e9-b6ab-000c299c4717

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tOTVtamoiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMTc4MjM3YmEtNmRiNS0xMWU5LWI2YWItMDAwYzI5OWM0NzE3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.Tv9_dOSeFfEo4TeNsu0j1-kEbjo6aU3EXj2IID5-gOyRrdypxsjpM8GSgHrod2Nm9JD75hRaZnS39xhIqzOE8NNpumhZuP6TZ-1l3Op3Me96VWVFus2Qi6GzHN28MKHhhRs1VgY9ALBNoAjRLxSvGSoOSbdB8x66z81ErreN02eYQumy-l-KX-eYDEmz3ggGPYqAE3KA0WdB8JaSy7WRuVAtNy3SJtYRbfilVQ-Jn33cnGpv3gkp4YqhpjzvUwzo2DpW-kKQuUL_Y6oZee_bn3Rj4Nv64FMVHDbBnobH3yKaHSRei5SRHZ2LxPlt8HNhSi473gofgeO2SdxEH-KPNg

  6、将token这一段复制进网页完成登录 

 

转载于:https://www.cnblogs.com/baylorqu/p/10807087.html

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐