kubernets集群搭建web管理界面
2021-03-09 03:29
标签:ati 界面 ddb iis 图片 VID resources 角色 clust 一、部署前查看K8S集群状态 二、在master节点部署UI界面 2、推送官方的文件到本地 3.基于yaml文件创建pod资源 kubectl get all //这个all 包含pod、deployment、service和副本replicaset四个资源 查看当前k8s中的角色 查看角色,在配置文件中,角色的命名空间指定的是kube-system,所以查看的时候要-n指定 5.完成后查看创建在指定的kube-system命名空间下 6.查看访问地址 此时访问node节点的ip地址 生成证书后即可正常访问 kubernets集群搭建web管理界面 标签:ati 界面 ddb iis 图片 VID resources 角色 clust 原文地址:https://blog.51cto.com/14557905/2494020[root@master1 ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
192.168.191.131 NotReady
1、创建dashboard工作目录[root@master1 ~]# mkdir /k8s/dashboard
https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dashboard
五个导入文档详解:
创建这些资源时的步骤:
①身份角色
②安全
③配置映射
④控制器
⑤服务
这里我使用dashboard的1.8.4版本。1.8.4版本中有一个配置文件叫controller.yaml,现在的是1.10版本,名称改deployment.yaml,都是控制器。
[root@master1 ~]# cd /k8s/dashboard/
[root@master1 dashboard]# ls
[root@master1 dashboard]# ls
dashboard-configmap.yaml dashboard-controller.yaml dashboard-rbac.yaml dashboard-secret.yaml dashboard-service.yaml k8s-admin.yaml
命名空间
[root@master1 dashboard]# kubectl get ns
NAME STATUS AGE
default Active 7d23h
kube-public Active 7d23h
kube-system Active 7d23h
[root@master1 dashboard]# kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-dbddb74b8-sx4m6 1/1 Running 0 5d14h
[root@master1 dashboard]# kubectl get pod -n kube-system
No resources found.
[root@master1 dashboard]# kubectl get all #这个all 包含pod、deployment、service和副本replicaset四个个资源
NAME READY STATUS RESTARTS AGE
pod/nginx-dbddb74b8-sx4m6 1/1 Running 0 5d14h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1
[root@master1 dashboard]# kubectl get Role -n kube-system
NAME AGE
extension-apiserver-authentication-reader 7d23h
system::leader-locking-kube-controller-manager 7d23h
system::leader-locking-kube-scheduler 7d23h
system:controller:bootstrap-signer 7d23h
system:controller:cloud-provider 7d23h
system:controller:token-cleaner 7d23h
[root@master1 dashboard]# kubectl create -f dashboard-rbac.yaml
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
[root@master1 dashboard]# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-dbddb74b8-sx4m6 1/1 Running 0 5d14h
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1
[root@master1 dashboard]# kubectl get role -n kube-system
NAME AGE
extension-apiserver-authentication-reader 7d23h
kubernetes-dashboard-minimal 3m
system::leader-locking-kube-controller-manager 7d23h
system::leader-locking-kube-scheduler 7d23h
system:controller:bootstrap-signer 7d23h
system:controller:cloud-provider 7d23h
system:controller:token-cleaner 7d23h
#创建身份角色
[root@localhost dashboard]# kubectl create -f dashboard-rbac.yaml
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
#创建安全管理
[root@localhost dashboard]# kubectl create -f dashboard-secret.yaml
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-key-holder created
#配置映射服务
[root@localhost dashboard]# kubectl create -f dashboard-configmap.yaml
configmap/kubernetes-dashboard-settings created
#创建控制器
#本文创建的是1.84版本所以使用的是controller.yaml,在1.10版本使用的是deployment.yaml,两者都是一样的,都是控制器
[root@localhost dashboard]# kubectl create -f dashboard-controller.yaml
serviceaccount/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
#创建服务
[root@localhost dashboard]# kubectl create -f dashboard-service.yaml
service/kubernetes-dashboard created
[root@localhost dashboard]# kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-65f974f565-m9gm8 0/1 ContainerCreating 0 88s
[root@localhost dashboard]# kubectl get pods,svc -n kube-system
NAME READY STATUS RESTARTS AGE
pod/kubernetes-dashboard-65f974f565-m9gm8 1/1 Running 0 2m49s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes-dashboard NodePort 10.0.0.243
发现并不能访问到,因为此时是不信任的证书
7.创建证书[root@localhost dashboard]# vim dashboard-cert.sh
cat > dashboard-csr.json
生成令牌AGE
dashboard-admin-token-vnm9z kubernetes.io/service-account-token 3 65s
default-token-zb8bw kubernetes.io/service-account-token 3 8d
kubernetes-dashboard-certs Opaque 11 162s
kubernetes-dashboard-key-holder Opaque 2 262s
kubernetes-dashboard-token-ctfp9 kubernetes.io/service-account-token 3 62s
#查看令牌
[root@localhost dashboard]# kubectl describe secret dashboard-admin-token-vnm9z -n kube-system
Name: dashboard-admin-token-vnm9z
Namespace: kube-system
Labels:
到这里K8S群集的web管理界面搭建完成了