Dashboard V2.6.0 安装 支持k8s 1.24.0
Dashboard V2.6.0 安装 支持k8s 1.24.0
·
1. Dashboard 安装:k8smaster操作
docker pull kubernetesui/dashboard:v2.6.0
docker pull kubernetesui/metrics-scraper:v1.0.8
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.0/aio/deploy/recommended.yaml
kubectl get pods --all-namespaces2. 配置 kubernetes-dashboard:k8smaster操作
kubernetes-dashbaord 安装完成后,kubernetes-dashbaord 默认 service 的类型为 ClusterIP,为了能从外部访问控制面板,需要修改为 NodePort 类型
kubectl edit services -n kubernetes-dashboard kubernetes-dashboard将 type 改为 NodePort,添加外部访问端口,保存退出;
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":"kubernetes-dashboard"},"spec":{"ports":[{"port":443,"targetPort":8443}],"selector":{"k8s-app":"kubernetes-dashboard"}}}
creationTimestamp: "2021-04-11T10:18:54Z"
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
resourceVersion: "33097"
selfLink: /api/v1/namespaces/kubernetes-dashboard/services/kubernetes-dashboard
uid: 38jsd1sd-4045-448b-b70f-mia218mda8s
spec:
clusterIP: 10.102.198.114
ports:
- port: 443
protocol: TCP
targetPort: 8443
# 添加固定端口
nodePort: 30000
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
# 修改
type: NodePort
status:
loadBalancer: {}再次查看服务,已成功修改。
kubectl -n kubernetes-dashboard get service kubernetes-dashboard 此时通过 https 访问 30000 端口即可打开 dashboard 控制台,需要 使用token 或 kubeconfig 登录
3. 配置token::k8smaster操作
kubernetes v1.24.0 更新之后进行创建 ServiceAccount 不会自动生成 Secret 需要对其手动创建
创建 ServiceAccount
cat<<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
EOF创建 Secret 资源并与 ServiceAccount 关联
cat<<EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: kubernetes.io/service-account-token
metadata:
name: dashboard-admin
namespace: kube-system
annotations:
kubernetes.io/service-account.name: "dashboard-admin
"
EOF绑定默认cluster-admin管理员集群角色
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin查看 Secret 详细详细
kubectl describe secrets dashboard-admin -n kube-system显示如下信息
Name: dashboard-admin
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: f0305a13-9240-428d-aaa8-52c157087f67
Type: kubernetes.io/service-account-token
Data
====
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InhoQWpBSV9NT3hNLWh1VkQtcmdjWV9vdkIyOWxYbUlONDNCTjMzemtZd0kifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZjAzMDVhMTMtOTI0MC00MjhkLWFhYTgtNTJjMTU3MDg3ZjY3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.QTdnP9MlOobJAUSC3poJQgR8h8CVvZrms-3R_fX_I8YCtaBOCY6LpEh1_gmauhtAwP6QlPiIVs6TDbVNTER0H16o_4NsUid_ap4vXnVc5htZ-ObGVUFvtar8ZT7mOUimYoD3mDMTJXtskcW21ov80KsL8Kmu8SPlU5Jfd9F-VUAwuAb3-J-SZWvuTUm_1s3MMKNfOO7zwOeHfgPNKnEkCcMC6HaRMJ8hCwF64TA1eUXhYAjEZuMjePo6ktVN4SggB-7LVS9XZzNOzWgrSX0gROAvU9HVqsOQfklfRLqmQ9AONO2iwStn-7q3_AMyFVI4tfDoe6zKoG7ehYhQfevHdA
ca.crt: 1099 bytes在web界面中填入token登录
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
1
0- 0
已为社区贡献1条内容
所有评论(0)