k8s的DashBoard
在kubernetes中完成的所有操作都可以通过命令行工具kubectl完成。其实,为了提供更丰富的用户体验,kubernetes还开发了一个基于web的用户界面(Dashboard)。用户可以使用Dashboard部署容器化的应用,还可以监控应用的状态,执行故障排查以及管理kubernetes中各种资源。
·
在kubernetes中完成的所有操作都可以通过命令行工具kubectl完成。其实,为了提供更丰富的用户体验,kubernetes还开发了一个基于web的用户界面(Dashboard)。用户可以使用Dashboard部署容器化的应用,还可以监控应用的状态,执行故障排查以及管理kubernetes中各种资源
一.部署Dashboard
1.下载yaml,并运行Dashboard
# 下载yaml
[root@k8s-master01 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
# 修改kubernetes-dashboard的Service类型
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort # 新增
ports:
- port: 443
targetPort: 8443
nodePort: 30009 # 新增
selector:
k8s-app: kubernetes-dashboard
部署
[root@master ~]# kubectl create -f dashboard.yml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
//查看namespace下的kubernetes-dashboard下的资源
[root@master ~]# kubectl get pods -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-64bcc67c9c-845w8 1/1 Running 0 53m
kubernetes-dashboard-5c8bd6b59-qzz9h 1/1 Running 0 53m
[root@master ~]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.98.227.234 <none> 8000/TCP 70m
kubernetes-dashboard NodePort 10.100.214.30 <none> 443:30001/TCP 70m
部署完成后即可在web网页访问(https)
2.创建访问账户,获取token
创建账号
//创建user.yml文件
[root@master ~]# cat user.yml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
[root@master ~]# kubectl create -f user.yml
serviceaccount/admin-user created
[root@master ~]# kubectl get serviceaccount -n kubernetes-dashboard
NAME SECRETS AGE
admin-user 0 18s
default 0 115m
kubernetes-dashboard 0 115m
授权进行角色绑定
[root@master ~]# cat clusterrolebinding.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
[root@master ~]# kubectl create -f clusterrolebinding.yml
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
[root@master ~]# kubectl get clusterrolebinding -n kubernetes-dashboard | grep admin
admin-user ClusterRole/cluster-admin 61s
cluster-admin ClusterRole/cluster-admin 12d
获取账号token
[root@master ~]# kubectl -n kubernetes-dashboard create token admin-user
eyJhbGciOiJSUzI1NiIsImtpZCI6IkRKNXA1VFFpQ0lfMTdoc0Q3Sk5WNFJlZmZvYWxXS25DSXRGQWpZQ2FCX1UifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjYzNTk3ODQ0LCJpYXQiOjE2NjM1OTQyNDQsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiYWYyMWEwMjktYWZmNy00OWQ5LTllZGMtYjJhMWQ5YzAyNDkzIn19LCJuYmYiOjE2NjM1OTQyNDQsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.LQ6AcsiL_ACIbjqzOTHr1qjfcZ7d1bn1DILFaBkQpzinVb-IzDaTcaECSUS06pYHhzGO4t265TD910g4ZyZ9F-7RZX2VaJ9fe6TpGhwnDVCal0N8aPsv7S2bZTAzOxtfyeNnYoHwAfzki5WJsyz2B3HYZrg-TZzewKnH2JVq4VWR8wULlYb4OAJD-_hvcr75syzJwX8hggeibm7xMawk-VGu66mE6R2xsI-CNfzpDmC1HqRNFMGMVL-ZNEDAdqOGDSOie-KVYj-IDnf8eytY8JYVUtoD_bBPtWTUtZaSEc-j7an4dyWJu307lxUPi_o05brkRP4mdIRMlp7V5ZCZiw
3.通过浏览器访问Dashboard的UI
将token输入,即可登入系统中
至此,部署成功
二. 使用DashBoard
[root@k8s-master manifest]# cat httpd.yml
apiVersion: v1
kind: Pod
metadata:
name: pod-pullimage
namespace: dev
labels:
app: httpdlab
spec:
nodeName: k8s-node2
containers:
- name: httpd
image: httpd:latest
imagePullPolicy: IfNotPresent
[root@k8s-master manifest]#
[root@k8s-master manifest]# kubectl apply -f httpd.yml
pod/pod-pullimage created
[root@k8s-master manifest]# kubectl get -f httpd.yml
NAME READY STATUS RESTARTS AGE
pod-pullimage 1/1 Running 0 2s
[root@k8s-master manifest]# kubectl get pods
No resources found in default namespace.
[root@k8s-master manifest]# kubectl get pods -n dev
NAME READY STATUS RESTARTS AGE
pod-pullimage 1/1 Running 0 15s
删除
创建deploy
测试
[root@k8s-master manifest]# curl 10.104.120.92:8888
<html><body><h1>It works!</h1></body></html>
[root@k8s-master manifest]#
修改
访问
[root@k8s-master manifest]# curl 10.104.120.92:8888
<html><body><h1>It works!</h1></body></html>
[root@k8s-master manifest]# kubectl get svc -n dev
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
web1 NodePort 10.104.120.92 <none> 8888:30514/TCP 11m
[root@k8s-master manifest]#
更多推荐
已为社区贡献3条内容
所有评论(0)