kubernetes1.5.2--部署dashboard服务

本文基于kubernetes 1.5.2版本编写

使用http方式访问api server的部署

cat dashboard-controller.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
  name: kubernetes-dashboard
  namespace: kube-system
  selfLink: /apis/extensions/v1beta1/namespaces/kube-system/deployments/kubernetes-dashboard
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
      - args:
        - --apiserver-host=http://192.168.20.128:8080
        image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /
            port: 9090
            scheme: HTTP
          initialDelaySeconds: 30
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 30
        name: kubernetes-dashboard
        ports:
        - containerPort: 9090
          protocol: TCP
        resources:
          limits:
            cpu: 100m
            memory: 50Mi
          requests:
            cpu: 100m
            memory: 50Mi
      dnsPolicy: ClusterFirst
      restartPolicy: Always 

使用https访问api server部署

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
spec:
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
    spec:
      containers:
      - name: kubernetes-dashboard
        image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1
        imagePullPolicy: IfNotPresent
        resources:
          limits:
            cpu: 100m
            memory: 512Mi
          requests:
            cpu: 100m
            memory: 128Mi
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30
        ports:
        - containerPort: 9090
        args:
        - --apiserver-host=https://192.168.20.128:6443
        - --kubeconfig=/etc/kubernetes/kubelet-config
        volumeMounts:
        - name: config
          mountPath: /etc/kubernetes/kubelet-config
          readOnly: True
        - name: certs
          mountPath: /etc/ssl/kube
          readOnly: True
      volumes:
      - name: certs
        hostPath:
          path: /etc/ssl/kube
      - name: config
        hostPath:
          path: /etc/kubernetes/kubelet-config

service

cat dashboard-service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
spec:
  selector:
    k8s-app: kubernetes-dashboard
  ports:
  - port: 80
targetPort: 9090

kubectl create -f dashboard-controller.yaml kubectl create -f dashboard-service.yaml

访问地址

http：http://192.168.20.128:8080/ui

https：https://192.168.20.128:6443/ui

如果API Server配置文件中没有配置登陆账号和密码（--basic-auth-file=/etc/kubernetes/useraccount.csv），登陆失败； 如果配置了，账号和密码为/etc/kubernetes/useraccount.csv任意中的一个