在kubernetes中完成的所有操作都可以通过命令行工具kubectl完成。其实,为了提供更丰富的用户体验,kubernetes还开发了一个基于web的用户界面(Dashboard)。用户可以使用Dashboard部署容器化的应用,还可以监控应用的状态,执行故障排查以及管理kubernetes中各种资源

一.部署Dashboard

1.下载yaml,并运行Dashboard

# 下载yaml
[root@k8s-master01 ~]# wget  https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

# 修改kubernetes-dashboard的Service类型
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort  # 新增
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30009  # 新增
  selector:
    k8s-app: kubernetes-dashboard
    
部署
[root@master ~]# kubectl create -f dashboard.yml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

//查看namespace下的kubernetes-dashboard下的资源
[root@master ~]#  kubectl get pods -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-64bcc67c9c-845w8   1/1     Running   0          53m
kubernetes-dashboard-5c8bd6b59-qzz9h         1/1     Running   0          53m
[root@master ~]#  kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.98.227.234   <none>        8000/TCP        70m
kubernetes-dashboard        NodePort    10.100.214.30   <none>        443:30001/TCP   70m

部署完成后即可在web网页访问(https)

 2.创建访问账户,获取token

创建账号
//创建user.yml文件
[root@master ~]# cat user.yml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
[root@master ~]# kubectl create -f user.yml 
serviceaccount/admin-user created
[root@master ~]# kubectl get serviceaccount -n kubernetes-dashboard
NAME                   SECRETS   AGE
admin-user             0         18s
default                0         115m
kubernetes-dashboard   0         115m

授权进行角色绑定
[root@master ~]# cat clusterrolebinding.yml 
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

[root@master ~]# kubectl create -f clusterrolebinding.yml 
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
[root@master ~]# kubectl get clusterrolebinding -n kubernetes-dashboard | grep admin
admin-user                                             ClusterRole/cluster-admin                                                          61s
cluster-admin                                          ClusterRole/cluster-admin                                                          12d

获取账号token
[root@master ~]# kubectl -n kubernetes-dashboard create token admin-user
eyJhbGciOiJSUzI1NiIsImtpZCI6IkRKNXA1VFFpQ0lfMTdoc0Q3Sk5WNFJlZmZvYWxXS25DSXRGQWpZQ2FCX1UifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjYzNTk3ODQ0LCJpYXQiOjE2NjM1OTQyNDQsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiYWYyMWEwMjktYWZmNy00OWQ5LTllZGMtYjJhMWQ5YzAyNDkzIn19LCJuYmYiOjE2NjM1OTQyNDQsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.LQ6AcsiL_ACIbjqzOTHr1qjfcZ7d1bn1DILFaBkQpzinVb-IzDaTcaECSUS06pYHhzGO4t265TD910g4ZyZ9F-7RZX2VaJ9fe6TpGhwnDVCal0N8aPsv7S2bZTAzOxtfyeNnYoHwAfzki5WJsyz2B3HYZrg-TZzewKnH2JVq4VWR8wULlYb4OAJD-_hvcr75syzJwX8hggeibm7xMawk-VGu66mE6R2xsI-CNfzpDmC1HqRNFMGMVL-ZNEDAdqOGDSOie-KVYj-IDnf8eytY8JYVUtoD_bBPtWTUtZaSEc-j7an4dyWJu307lxUPi_o05brkRP4mdIRMlp7V5ZCZiw

3.通过浏览器访问Dashboard的UI

 将token输入,即可登入系统中

至此,部署成功

二. 使用DashBoard

[root@k8s-master manifest]# cat httpd.yml 
apiVersion: v1
kind: Pod
metadata:
  name: pod-pullimage
  namespace: dev
  labels:
    app: httpdlab
spec:
  nodeName: k8s-node2
  containers:
  - name: httpd
    image: httpd:latest
    imagePullPolicy: IfNotPresent
[root@k8s-master manifest]# 
[root@k8s-master manifest]# kubectl apply -f httpd.yml 
pod/pod-pullimage created
[root@k8s-master manifest]# kubectl get -f httpd.yml 
NAME            READY   STATUS    RESTARTS   AGE
pod-pullimage   1/1     Running   0          2s
[root@k8s-master manifest]# kubectl get pods
No resources found in default namespace.
[root@k8s-master manifest]# kubectl get pods -n dev
NAME            READY   STATUS    RESTARTS   AGE
pod-pullimage   1/1     Running   0          15s

 

 删除

创建deploy

 

 

 

 

 

 

测试

[root@k8s-master manifest]# curl 10.104.120.92:8888
<html><body><h1>It works!</h1></body></html>
[root@k8s-master manifest]# 

 修改

 

 访问

[root@k8s-master manifest]# curl 10.104.120.92:8888
<html><body><h1>It works!</h1></body></html>
[root@k8s-master manifest]# kubectl get svc -n dev
NAME   TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
web1   NodePort   10.104.120.92   <none>        8888:30514/TCP   11m
[root@k8s-master manifest]# 

 

 

 

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐