k8s 1.14 安装 Dashboard
文章目录下载 Dashboard yaml 文件部署创建简单用户创建服务账号和集群角色绑定配置文件创建用户和角色绑定查看 Token登录 Dashboard k8s 默认没有 web 管理页面,可以通过安装呢 Dashboard 来增加一个管理界面下载 Dashboard yaml 文件$ wget http://pencil-file.oss-cn-hangzhou.aliyuncs...
·
k8s 默认没有 web 管理页面,可以通过安装呢 Dashboard 来增加一个管理界面
下载 Dashboard yaml 文件
$ wget http://pencil-file.oss-cn-hangzhou.aliyuncs.com/blog/kubernetes-dashboard.yaml
--2019-05-06 09:32:11-- http://pencil-file.oss-cn-hangzhou.aliyuncs.com/blog/kubernetes-dashboard.yaml
正在解析主机 pencil-file.oss-cn-hangzhou.aliyuncs.com (pencil-file.oss-cn-hangzhou.aliyuncs.com)... 47.110.177.83
正在连接 pencil-file.oss-cn-hangzhou.aliyuncs.com (pencil-file.oss-cn-hangzhou.aliyuncs.com)|47.110.177.83|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:4577 (4.5K) [application/octet-stream]
正在保存至: “kubernetes-dashboard.yaml”
100%[=================================================================================================================================================================>] 4,577 --.-K/s 用时 0.001s
2019-05-06 09:32:11 (7.07 MB/s) - 已保存 “kubernetes-dashboard.yaml” [4577/4577])
✨打开下载的文件添加一项:type: NodePort
,暴露出去 Dashboard 端口,方便外部访问。
......
# ------------------- Dashboard Service ------------------- #
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort # 新增
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
......
部署
$ kubectl create -f kubernetes-dashboard.yaml
$ kubectl get pods --all-namespaces -o wide | grep dashboard
kube-system kubernetes-dashboard-5f7b999d65-h96kl 1/1 Running 1 23h 10.244.0.7 k8s-master <none> <none>
✨这里部署可能存在一个问题,在 yaml 文件 kubernetes-dashboard.yaml
中拉取了一个镜像 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
,没有配置 docker 代理网络的可能拉取不下来,这里提供下载,使用 docker load
一下即可。
还需要修改文件里面的镜像拉取方式如下:
......
spec:
containers:
- name: kubernetes-dashboard
image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
imagePullPolicy: IfNotPresent
......
创建简单用户
创建服务账号和集群角色绑定配置文件
创建 dashboard-adminuser.yaml
文件,加入以下内容:
$ vim dashboard-adminuser.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard-admin
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard-admin
namespace: kube-system
创建用户和角色绑定
$ kubectl apply -f dashboard-adminuser.yaml
查看 Token
$ kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubernetes-dashboard-admin-token | awk '{print $1}')
Name: kubernetes-dashboard-admin-token-kprvh
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard-admin
kubernetes.io/service-account.uid: a3f1c6f1-6a29-11e9-b485-001c42296049
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbi10b2tlbi1rcHJ2aCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImEzZjFjNmYxLTZhMjktMTFlOS1iNDg1LTAwMWM0MjI5NjA0OSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiJ9.k_cdBaDqjKRjPyP5Z8L5UDlvkLztVe8TiudfcmdRJyB4K8PBprx1io1UvJdjb3gFRaV4D3g-OPRzudtc_bJhqBoUeOAZs_kmrytrmix-pvTI8ObF9bVcN8dokEiKgSuBinWN37SPicHeL4CRzdmUYMuB3Q8uewZq5SaFCegIf9l_C_441EV7pZHY5m5AHnFZhdK0wKWLMkq-nGxJ-gTKCl5IsrQwuliP23UXlGi0HGQqLwWiFMLClK-bDYoBU54v5Iwo4HXNnQwNXJeuxSKYCi3KrsAlDgWw_I6dR69mk0OALllNglhfkiuMTdQUdHW2PgqjESLKkbqtpVNi7toyCw
✨保留 token
内容。
登录 Dashboard
- 查看 Dashboard 端口号
$ kubectl get svc -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 8d
kubernetes-dashboard NodePort 10.98.135.11 <none> 443:31135/TCP 7d10h
- 访问 Dashboard
选择令牌,并输入上文中保留的 token 即可登录
更多推荐
已为社区贡献11条内容
所有评论(0)