集群(操作系统是centos7.x):

类型主机名ip
Mastermaster192.168.0.1
Nodeclient1192.168.0.2
Nodeclient2192.168.0.3

以下操作都在master上执行:

镜像下载

[root@master ~]# docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
​
[root@master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure

配置dashboard

1、修改配置文件

需要以下两个kubernetes-dashboard和dashboard-service

需修改images和增加- --apiserver-host=http://192.168.0.1:8080

[root@master zyl]# vi kubernetes-dashboard.yaml 
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: kubernetes-dashboard
  template:
    metadata:
      labels:
        app: kubernetes-dashboard
      # Comment the following annotation if Dashboard must not be deployed on master
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
      containers:
      - name: kubernetes-dashboard
        image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9090
          protocol: TCP
        args:
          # Uncomment the following line to manually specify Kubernetes API server Host
          # If not specified, Dashboard will attempt to auto discover the API server and connect
          # to it. Uncomment only if the default does not work.
        - --apiserver-host=http://192.168.0.1:8080
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30

vi dashboard-service.yaml

#不需要做修改
kind: Service
apiVersion: v1
metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 9090
  selector:
    app: kubernetes-dashboard

2、启动dashboard

[root@master ~]# kubectl create -f kubernetes-dashboard.yaml
[root@master ~]# kubectl create -f dashboard-service.yaml

停止dashboard:

[root@master zyl]# kubectl delete -f kubernetes-dashboard.yaml
[root@master zyl]# kubectl delete -f dashboard-service.yaml

3、验证

[root@master ~]# kubectl get deployment --all-namespaces
[root@master ~]# kubectl get svc  --all-namespaces
​
查看pod运行状态
[root@master ~]# kubectl get pod -o wide --all-namespaces
NAMESPACE     NAME                                  READY     STATUS              RESTARTS   AGE       IP        NODE
kube-system   kubernetes-dashboard-95068868-t4lhd   0/1       ContainerCreating   0          4m        <none>    bigdata005

日志查看和问题定位过程

[root@master zyl]# kubectl logs -f kubernetes-dashboard-95068868-t4lhd -n kube-system
​
详细日志
[root@master zyl]# kubectl describe pod kubernetes-dashboard-95068868-6ldvl -n kube-system
Events:
  FirstSeen     LastSeen        Count   From                    SubObjectPath   Type            Reason          Message
  ---------     --------        -----   ----                    -------------   --------        ------          -------
  22h           22h             5       {kubelet bigdata005}                    Warning         FailedSync      Error syncing pod, skipping: failed to "StartContainer" for "POD" with ErrImagePull: "image pull failed for registry.access.redhat.com/rhel7/pod-infrastructure:latest, this may be because there are no credentials on this request.  details: (open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory)"
  
解决方案:重新拉取
[root@master zyl]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
​
该文件是个软连接,链接目标是/etc/rhsm,查看没有rhsm,尝试卸载yum remove *rhsm* 再安装 yum install *rhsm*,出现相关软件,所以安装查看产生了/etc/rhsm文件夹,重新安装docker没有了,所以
备份:cp /etc/rhsm/ca/redhat-uep.pem /tmp
​
[root@master zyl]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... 
latest: Pulling from registry.access.redhat.com/rhel7/pod-infrastructure
26e5ed6899db: Downloading [===============>                                   ] 22.97 MB/74.87 MB
66dbe984a319: Download complete 
9138e7863e08: Download complete 
​
参考文档:https://www.cnblogs.com/guyeshanrenshiwoshifu/p/9147238.html

备份:cp /etc/rhsm/ca/redhat-uep.pem /tmp,复制到对应的Node的/etc/rhsm/ca/redhat-uep.pem下

 

4、界面查看

浏览器输入:http://192.168.0.1:8080/ui

5、删除应用

删除有问题的pod,会自动重新安装

$ kubectl delete pod kube-dns-6f4fd4bdf-qdhqb -n kube-system

 

问题

1、Error: dial tcp

Error: 'dial tcp 10.8.2.2:9090: getsockopt: connection timed out'
Trying to reach: 'http://10.8.2.2:9090/'

解决方案:

在node节点上,而不是master上执行下面命令:

[root@bigdata005 ~]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination KUBE-FIREWALL all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP) target prot opt source destination

以上命令系统重启后就失效了或者 echo "net.ipv4.ip_forward = 1" >>/usr/lib/sysctl.d/50-default.conf

cat /usr/lib/sysctl.d/50-default.conf | grep forward,

然后在master节点上访问 curl -i http://172.17.26.2:9090 可以访问。

 

2.创建完成kebernetes dashboard后,发现进入http://IP:8080/ui是相关的提示信息,而不是kebernetes dashboard的页面

解决方案:

检查发现apiserver接入有问题,在master端修改了/etc/kubernetes/apiserver的相关文件KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

删除了ServiceAccount

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐