学习kubernetes——部署dashboard
2021-05-04 11:26
标签:rhn sample 参考 temp UNC efault port rbac api 首先参考官方文档:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/ 官方的安装命令如下: 当有多个节点时,安装到非主节点时,会出现一些问题。dashboard使用https去连接apiServer,由于证书问题会导致dial tcp 10.96.0.1:443: i/o timeout。 把recommended.yaml下载下来,修改一些配置: 注释下面的一些配置 然后执行 会自动下载对应的镜像,如果镜像下载失败,可以去其他地方下载,然后打tag的方式,来安装 执行 kubectl get pods -n kubernetes-dashboard 下面的状态为Running表示安装成功了。 官方地址:https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md 创建dashboard-adminuser.yaml,内容如下: 创建dashboard-adminuser-role-binding.yaml,内容如下: 然后分别执行: 创建token 结果如下: 由于证书问题,我们使用代理的方式来访问 在主节点执行: 结果如下: 由于在虚拟机中,浏览器没法直接访问,添加端口映射: 然后访问:http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login 选择token,输入上面生成的token进行访问 学习kubernetes——部署dashboard 标签:rhn sample 参考 temp UNC efault port rbac api 原文地址:https://www.cnblogs.com/lilinwei340/p/12115469.html 一、安装dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
# 增加nodeName,指定安装到主节点。kubernetes-node1为主节点名称
nodeName: kubernetes-node1
containers:
- name: kubernetes-dashboard
image: kubernetesui/dashboard:v2.0.0-beta8
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
"beta.kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
#tolerations:
# - key: node-role.kubernetes.io/master
# effect: NoSchedule
serviceAccountName: kubernetes-dashboard
nodeSelector:
"beta.kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
#tolerations:
# - key: node-role.kubernetes.io/master
# effect: NoSchedule
volumes:
kubectl apply -f recommended.yaml
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-745bd6bb57-gf4vn 1/1 Running 0 15m
kubernetes-dashboard-7c8ff6ddc5-v8fck 1/1 Running 1 4h3m
二、创建账号
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
kubectl apply -f dashboard-adminuser.yaml
kubectl apply -f dashboard-adminuser-role-binding.yaml
三、访问
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk ‘{print $1}‘)
Name: admin-user-token-v57nw
Namespace: kubernetes-dashboard
Labels:
kubectl proxy --address=‘0.0.0.0‘
Starting to serve on [::]:8001