• K8s dashboard安装

    一、在 master 节点操作
    由于 K8s 版本不同,具体去这里查看对应的版本

    https://github.com/kubernetes/dashboard/releases


    如果使用 wget 命令无法下载,可以使用迅雷下载好上传到 K8s-Master 节点上

    [root@k8s-master01 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
    构建 Pod

    [root@k8s-master01 dashboard]# kubectl apply -f recommended.yaml
    查看 Pod 状态

    [root@k8s-master01 ~]# kubectl get pods --all-namespaces | grep dashboard
    NAMESPACE NAME READY STATUS RESTARTS AGE
    kubernetes-dashboard dashboard-metrics-scraper-6ddd77bc75-qfddn 1/1 Running 0 37s
    kubernetes-dashboard kubernetes-dashboard-8c9c48775-v229s 1/1 Running 0 37s

    删除现有的 dashboard 服务,dashboard 服务的 namespace 是 kubernetes-dashboard,但是该服务的类型是ClusterIP,不便于我们通过浏览器访问,因此需要改成 NodePort 类型的

    [root@k8s-master01 dashboard]# kubectl get svc --all-namespaces
    NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19h
    default nginx-deployment ClusterIP 10.102.181.9 <none> 80/TCP 17h
    kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19h
    kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.108.52.150 <none> 8000/TCP 10s
    kubernetes-dashboard kubernetes-dashboard ClusterIP 10.110.11.43 <none> 443/TCP
    [root@k8s-master01 dashboard]# kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard
    service "kubernetes-dashboard" deleted
    创建配置文件dashboard-svc.yaml

    kind: Service
    apiVersion: v1
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard
    spec:
    type: NodePort
    ports:
    - port: 443
    targetPort: 8443
    selector:
    k8s-app: kubernetes-dashboard
    创建该 Service

    [root@k8s-master01 dashboard]# kubectl apply -f dashboard-svc.yaml
    service/kubernetes-dashboard created
    再次查看服务

    [root@k8s-master01 dashboard]# kubectl get svc --all-namespaces
    NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19h
    default nginx-deployment ClusterIP 10.102.181.9 <none> 80/TCP 17h
    kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 19h
    kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.108.52.150 <none> 8000/TCP 48s
    kubernetes-dashboard kubernetes-dashboard NodePort 10.101.88.219 <none> 443:30323/TCP

    创建 kubernetes-dashboard 管理员角色,dashboard-svc-account.yaml内容如下:

    apiVersion: v1
    kind: ServiceAccount
    metadata:
    name: dashboard-admin
    namespace: kube-system
    ---
    kind: ClusterRoleBinding
    apiVersion: rbac.authorization.k8s.io/v1beta1
    metadata:
    name: dashboard-admin
    subjects:
    - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
    roleRef:
    kind: ClusterRole
    name: cluster-admin
    apiGroup: rbac.authorization.k8s.io
    执行创建

    [root@k8s-master01 dashboard]# kubectl apply -f dashboard-svc-account.yaml
    serviceaccount/dashboard-admin created
    Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
    clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
    获取 token,就可以在浏览器登录了

    [root@k8s-master01 dashboard]# kubectl get secret -n kube-system |grep admin|awk '{print $1}'
    dashboard-admin-token-b4frj
    [root@k8s-master01 dashboard]# kubectl describe secret dashboard-admin-token-b4frj -n kube-system|grep '^token'|awk '{print $2}'
    eyJhbGciOiJSUzI1NiIsImtpZCI6IndDX2MyTE...
    二、浏览器访问 K8s Web管理界面
    查看外部访问端口,也就是刚刚我们创建的 Service

    [root@k8s-master01 ~]# kubectl get svc --all-namespaces | grep dashboard

    浏览器输入https://x.x.x.x:30323


    登录后的界面


    参考博客:https://blog.csdn.net/mshxuyi/article/details/108425487
    ————————————————
    版权声明:本文为CSDN博主「申请二进制」的原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接及本声明。
    原文链接:https://blog.csdn.net/qq_40913508/article/details/118850227

    三、查看dashboard token

    kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token

    安装V2.5.1

    wget -c https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml
    crictl pull  registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.5.1
    crictl pull kubernetesui/metrics-scraper:v1.0.7
    ctr -n k8s.io image tag registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.5.1 kubernetesui/dashboard:v2.5.1
    vi recommended.yaml

    spec:
    type: NodePort
    ports:
    - port: 443
    targetPort: 8443
    selector:
    k8s-app: kubernetes-dashboard

    kubectl apply -f recommended.yaml

    kubectl get pods -n kubernetes-dashboard -o wide

    vim admin-user.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
    name: admin-user
    namespace: kubernetes-dashboard

    # 执行命令
    kubectl create -f admin-user.yaml

    vim admin-user-role-binding.yaml
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
    name: admin-user
    roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: cluster-admin
    subjects:
    - kind: ServiceAccount
    name: admin-user
    namespace: kubernetes-dashboard

    # 执行命令
    kubectl create -f admin-user-role-binding.yam

    https://192.168.230.129:31401/

    输入token

    kubectl -n kube-system describe $(kubectl -n kube-system get secret -n kube-system -o name | grep namespace) | grep token
  • 相关阅读:
    线程访问ui,托管
    获取当前线程id
    线程访问ui,使用委托方式
    python的reflect反射方法
    python读写Excel文件(xlrd、xlwr)
    基于python+selenium的框架思路(二)
    基于python+selenium的框架思路
    python之sys.argv
    Django ajax方法提交表单,及后端接受数据
    jenkins+checkstyle
  • 原文地址:https://www.cnblogs.com/beilong/p/15861834.html
Copyright © 2020-2023  润新知