一、版本匹配

注意:kubernetes-dashboard的版本一定要跟kubernetes版本对应,在下面url可以查询
https://github.com/kubernetes/dashboard/releases

[root@master defstor]# kubelet --version
Kubernetes v1.15.0

在这里插入图片描述
在这里插入图片描述

二、下载镜像

[root@node1 ~]# docker pull kubernetesui/metrics-scraper:v1.0.1
v1.0.1: Pulling from kubernetesui/metrics-scraper
4689bc3c8a60: Pull complete
d6f7da934d73: Pull complete
ee60d0f2a8a1: Pull complete
Digest: sha256:35fcae4fd9232a541a8cb08f2853117ba7231750b75c2cb3b6a58a2aaa57f878
Status: Downloaded newer image for kubernetesui/metrics-scraper:v1.0.1

三、安装dashboard

[root@ node1]# kubectl delete ns kubernetes-dashboard
[root@ node1]# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml

或者

[root@ node1]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml

[root@node1 k8s-dashboard]# kubectl apply -f  dashboardv2.0.0-beta4-recommended.yaml                                                                namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

卸载

[root@node1 k8s-dashboard]# kubectl delete -f  dashboardv2.0.0-beta4-recommended.yaml

四、修改访问方式

查看dashboard在哪个pod

[root@node1 k8s-dashboard]# kubectl get pod -n kubernetes-dashboard -o wide | grep kubernetes-dashboard
kubernetes-dashboard-6bb65fcc49-754lj       1/1     Running   0          21m   10.244.1.191   node1   <none>           <none>

编辑dashboard服务文件

[root@node1 k8s-dashboard]# kubectl -n kubernetes-dashboard edit svc kubernetes-dashboard
service/kubernetes-dashboard edited

参照如下修改
增加externalIPs,填node1的IP(如果有内外网IP,填写内网IP)
修改Type,将ClusterIP修改为LoadBalancer
保存退出
在这里插入图片描述
在这里插入图片描述

查看dashboard服务端口信息

[root@node1 k8s-dashboard]# kubectl -n kubernetes-dashboard get svc kubernetes-dashboard
NAME                   TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)         AGE
kubernetes-dashboard   LoadBalancer   10.106.44.218   172.18.43.245   443:30604/TCP   24m

访问地址http:// EXTERNAL-IP: 30604 (下图80端口映射到了30604)

在这里插入图片描述

五、创建用户

[root@node1 k8s-dashboard]# vi k8s-account.yaml
# Create Service Account
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
# Create ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

[root@node1 k8s-dashboard]# kubectl apply -f k8s-account.yaml

六、访问Dashboard

获取访问token

[root@node1 k8s-dashboard]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Name:         admin-user-token-ctsdh
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: f8c87f74-3dcf-4edd-aacd-15e0d754d3a3

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWN0c2RoIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmOGM4N2Y3NC0zZGNmLTRlZGQtYWFjZC0xNWUwZDc1NGQzYTMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.KE0i5Swpf59ruleTplFaqUrL0REnIkTIlSoAIFpvveBSca2kUePQQ6Lov_wlQma8gN74RR97tTfTcKceIIyjUoV_E9U6TYyYqxxDGjoYA_vnRHGNWPYnewC7DuAeCP0K8vW-RYVriVPvbCx5ceIcFxkteo0ksovPDedMs3O9xCxoqZ4ojhAi5qAryAEK5bmIH_G2oiOJSvG5-x7VASuUEkottmbZWi8OeuQ0sWkF0hpnmFPJpYgL0iBRt5iAv6Yw0APQT5BixTqBkqm9s5OBe2cU3KgPg8rlU6NgHI_jSMj60pjS8jkTLM7PufuXOrDbO9PFe_Obs8gPtFtddi7BvA

Name:         istio.admin-user
Namespace:    kube-system
Labels:       <none>
Annotations:  istio.io/service-account.name: admin-user

Type:  istio.io/key-and-cert

Data
====
cert-chain.pem:  1147 bytes

Firefox访问(chrome证书不通过,无法访问)
在这里插入图片描述
选择Token,输入上面获取到的token
在这里插入图片描述

# k8s
Logo
K8S/Kubernetes

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐

【深度】阿里巴巴万级规模 K8s 集群全局高可用体系之美

作者 |  韩堂、柘远、沉醉来源 | 阿里巴巴云原生公众号​前言台湾作家林清玄在接受记者采访的时候,如此评价自己 30 多年写作生涯:“第一个十年我才华横溢,‘贼光闪现’,令周边黯然失色;第二个十年,我终于‘宝光现形’,不再去抢风头,反而与身边的美丽相得益彰;进入第三个十年,繁华落尽见真醇,我进入了‘醇光初现’的阶段,真正体味到了境界之美”。​长夜有穷,真水无香。领略过了 K8s“身在江

avatar K8S/Kubernetes

如何基于 K8s 构建下一代 DevOps 平台?

作者 | 孙健波(天元)导读:当前云原生 DevOps 体系现状如何?面临哪些挑战?如何通过 OAM 解决云原生 DevOps 场景下的诸多问题?云原生开发应用模型 OAM(Open Application Model) 社区核心成员孙健波将为大家一一解答,并分享如何基于 OAM 和 Kubernetes 打造无限能力的下一代 DevOps 平台。什么是 DevOps?为什么基于 Kub

avatar K8S/Kubernetes

k8s 火了!

2020,上云之年,产品云端化成为一种趋势。在一线城市,很多公司都已经构建了自己的私有云环境,比如阿里云、网易云、华为云等。而Kubernetes 作为基于容器编排领域的王者,具备扩展...

avatar K8S/Kubernetes