linux环境部署ltmj,基于Centos8的k8s部署安装dashboard
安装部署dashboard1.查看pod运行情况kubectl get pods -A -o wide下载recommended.yaml文件wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml修改recommended.yaml文件vim recommended
安装部署dashboard
1.查看pod运行情况
kubectl get pods -A -o wide
下载recommended.yaml文件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
修改recommended.yaml文件
vim recommended.yaml
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort #增加
ports:
- port: 443
targetPort: 8443
nodePort: 30000 #增加
selector:
k8s-app: kubernetes-dashboard
#因为自动生成的证书很多浏览器无法使用,所以我们自己创建,注释掉kubernetes-dashboard-certs对象声明
修改镜像地址
#apiVersion: v1
#kind: Secret
#metadata:
# labels:
# k8s-app: kubernetes-dashboard
# name: kubernetes-dashboard-certs
# namespace: kubernetes-dashboard
#type: Opaque
---
kubectl apply -f recommended.yaml
创建证书mkdir dashboard-certs
cd dashboard-certs/
#创建命名空间
kubectl create namespace kubernetes-dashboard
# 创建key文件
openssl genrsa -out dashboard.key 2048
#证书请求
openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'
#自签证书
openssl x509 -req -days 36000 -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#创建kubernetes-dashboard-certs对象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
删除命名空间:
[[email protected] dashboard-certs]# kubectl get ns | grep kubernetes kubernetes-dashboard Active 10h [[email protected] dashboard-certs]# kubectl delete ns kubernetes-dashboard namespace "kubernetes-dashboard" deleted [[email protected] dashboard-certs]# kubectl get ns | grep kubernetes [[email protected] dashboard-certs]# kubectl get pods -A -o wide
5.安装dashboardkubectl create -f ~/recommended.yaml
[[email protected] dashboard-certs]# kubectl create -f ~/recommended.yaml
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Error from server (AlreadyExists): error when creating "/root/recommended.yaml": namespaces "kubernetes-dashboard" already exists
Error from server (AlreadyExists): error when creating "/root/recommended.yaml": secrets "kubernetes-dashboard-certs" already exists
注意:这里可能会报如下所示。
Error from server (AlreadyExists): error when creating "./recommended.yaml": namespaces "kubernetes-dashboard" already exists
这是因为我们在创建证书时,已经创建了kubernetes-dashboard命名空间,所以,直接忽略此错误信息即可。
6.查看安装结果[[email protected] dashboard-certs]# kubectl get pods -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
default nginx-deployment-7789b77975-m85sx 1/1 Running 0 166m 10.244.2.7 k8s-node02
default nginx-deployment-7789b77975-n5zpc 1/1 Running 0 155m 10.244.1.2 k8s-node01
kube-system coredns-66bff467f8-4pzqn 1/1 Running 2 20h 10.244.0.7 k8s-master
kube-system coredns-66bff467f8-bw2b4 1/1 Running 2 20h 10.244.0.6 k8s-master
kube-system etcd-k8s-master 1/1 Running 3 20h 192.168.253.167 k8s-master
kube-system kube-apiserver-k8s-master 1/1 Running 2 20h 192.168.253.167 k8s-master
kube-system kube-controller-manager-k8s-master 1/1 Running 2 20h 192.168.253.167 k8s-master
kube-system kube-flannel-ds-amd64-k92bk 1/1 Running 9 19h 192.168.253.169 k8s-node02
kube-system kube-flannel-ds-amd64-kf7j7 1/1 Running 2 20h 192.168.253.167 k8s-master
kube-system kube-flannel-ds-amd64-kmg7d 1/1 Running 1 19h 192.168.253.168 k8s-node01
kube-system kube-proxy-4hjbl 1/1 Running 1 19h 192.168.253.168 k8s-node01
kube-system kube-proxy-g2hlg 1/1 Running 2 20h 192.168.253.167 k8s-master
kube-system kube-proxy-kfvgx 1/1 Running 1 19h 192.168.253.169 k8s-node02
kube-system kube-scheduler-k8s-master 1/1 Running 2 20h 192.168.253.167 k8s-master
kubernetes-dashboard dashboard-metrics-scraper-6b4884c9d5-mj8qr 0/1 ContainerCreating 0 84s k8s-node02
kubernetes-dashboard kubernetes-dashboard-7b544877d5-72spd 0/1 ContainerCreating 0 87s k8s-node02
[[email protected] dashboard-certs]# kubectl get service -n kubernetes-dashboard -o wide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
dashboard-metrics-scraper NodePort 10.111.221.30 8000:30000/TCP 2m1s k8s-app=dashboard-metrics-scraper
kubernetes-dashboard ClusterIP 10.105.134.250 443/TCP 2m7s k8s-app=kubernetes-dashboard
7.创建dashboard管理员创建dashboard-admin.yaml文件。
vim dashboard-admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: dashboard-admin
namespace: kubernetes-dashboard
保存退出后执行如下命令创建管理员。
kubectl create -f ./dashboard-admin.yaml
8.为用户分配权限创建dashboard-admin-bind-cluster-role.yaml文件。
vim dashboard-admin-bind-cluster-role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-admin-bind-cluster-role
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kubernetes-dashboard
kubectl create -f ./dashboard-admin-bind-cluster-role.yaml
9.查看并复制用户Token在命令行执行如下命令。
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
具体执行情况如下所示。
[[email protected] dashboard-certs]# kubectl create -f ./dashboard-admin-bind-cluster-role.yaml
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin-bind-cluster-role created
[[email protected] dashboard-certs]# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
Name: dashboard-admin-token-dpbz5
Namespace: kubernetes-dashboard
Labels:
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 00d333aa-e3fd-455d-b81d-20d7c9de136e
Type: kubernetes.io/service-account-token
Data
====
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Inh3RGxrbUZCakp3RHBvSkg0QkVaVnRZNEgxalFSdlZsQXZXUEh6bHlUR3cifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZHBiejUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMDBkMzMzYWEtZTNmZC00NTVkLWI4MWQtMjBkN2M5ZGUxMzZlIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.aJYmXtzuLkr1SvcoxCfisPBDFbWium6qVHL6qsLkqdRS7WYr54cQm20H6Vr1wLr-1QE3g0fENYpLv7SVVEmvXxy5MemWSmJ-gzDGhWnwvMkCnuX3kFOuJL7VLzwwNf31MuO458y8os34BKnfYc3N8Sk4SuyzRhYy3rCJ9lIGa46-bGsSMTtbzWxp1uwOvaec3cG2gmoJjzh7nInNqpNg-G3sD6q8kfiWVUeS1utfjvpw_yECSxL9yz86XgZxopdn7iCODeTYZGzQfy1qKEaHUgwuO0jLgreTPNdsq1BPh6ld2W0b2KloFOqqMJAc5BmX5npCj3fNDOS_QgoWzy4WDA
ca.crt: 1025 bytes
namespace: 20 bytes
[[email protected] ~]# kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 443/TCP 21h
default nginx-deployment LoadBalancer 10.102.49.213 80:32682/TCP 3h55m
kube-system kube-dns ClusterIP 10.96.0.10 53/UDP,53/TCP,9153/TCP 21h
kubernetes-dashboard dashboard-metrics-scraper NodePort 10.111.221.30 8000:30000/TCP 73m
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.105.134.250 443/TCP 74m
查看dashboard界面 在浏览器中打开链接 https://192.168.253.167:30000 ,如下所示。
这里,我们选择Token方式登录,并输入在命令行获取到的Token,如下所示。
点击登录后进入dashboard,如下所示。
至此,dashboard 2.0.0安装成功。
https://www.processon.com/view/link/5ac64532e4b00dc8a02f05eb?spm=a2c4e.10696291.0.0.6ec019a4bYSFIw#map
[[email protected] ~]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-755f66f567-vbvzc 1/1 Running 0 119m
kubernetes-dashboard-77f89d4675-48zp7 1/1 Running 0 92m
kubernetes-dashboard-77f89d4675-6r87x 0/1 CrashLoopBackOff 23 109m
kubernetes-dashboard-77f89d4675-xv6bq 0/1 CrashLoopBackOff 20 119m
[[email protected] ~]# kubeclt delete pod kubernetes-dashboard-77f89d4675-6r87x
-bash: kubeclt: command not found
[[email protected] ~]# kubectl delete pod kubernetes-dashboard-77f89d4675-6r87x
Error from server (NotFound): pods "kubernetes-dashboard-77f89d4675-6r87x" not found
[[email protected] ~]# kubectl delete pod kubernetes-dashboard-77f89d4675-6r87x -n kubernetes-dashboard
pod "kubernetes-dashboard-77f89d4675-6r87x" deleted
[[email protected] ~]# kubectl delete pod kubernetes-dashboard-77f89d4675-xv6bq -n kubernetes-dashboard
pod "kubernetes-dashboard-77f89d4675-xv6bq" deleted
[[email protected] ~]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-755f66f567-vbvzc 1/1 Running 0 124m
kubernetes-dashboard-77f89d4675-48zp7 1/1 Running 0 98m
kubernetes-dashboard-77f89d4675-s55ct 1/1 Running 1 70s
kubernetes-dashboard-77f89d4675-wbbr9 1/1 Running 0 32s
更多推荐
所有评论(0)