• Windows玩转Kubernetes系列4-搭建K8S Dashboard


    下载官方yaml文件

    最新的配置文件v2.0.0-beta8版本recommended.yaml,UI地址

    wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
    

    原文件:

    kind: Service
    apiVersion: v1
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kubernetes-dashboard
    spec:
      ports:
        - port: 443
          targetPort: 8443
      selector:
        k8s-app: kubernetes-dashboard
    
    

    修改为:

    kind: Service
    apiVersion: v1
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kubernetes-dashboard
    spec:
      type: NodePort #新增
      ports:
        - port: 443
          nodePort: 30001 #新增
          targetPort: 8443
      selector:
        k8s-app: kubernetes-dashboard
    

    原文件内容

    spec:
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0-beta8
          imagePullPolicy: Always
          ports:
            - containerPort: 8443
              protocol: TCP
    

    修改为:

    spec:
      # nodeName: master.node 指定到master节点,指不指定根据需要
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0-beta8
          # imagePullPolicy: Always
          imagePullPolicy: IfNotPresent #不存在再下载
          ports:
            - containerPort: 8443
              protocol: TCP
    

    下载镜像和启动

    在master节点执行

    docker pull kubernetesui/dashboard:v2.0.0-beta8
    

    执行

    kubectl apply -f recommended.yaml
    

    查看pod和service状态

    kubectl get pods,svc -n kubernetes-dashboard -o wide
    
    kubectl describe po kubernetes-dashboard --namespace=kubernetes-dashboard
    

    如果发现

    kubernetes-dashboard crashloopbackoff

    kubectl get pods --all-namespaces
    
    systemctl stop kubelet
    systemctl stop docker
    iptables --flush
    iptables -tnat --flush
    systemctl start kubelet
    systemctl start docker
    
    kubectl delete -f recommended.yaml
    

    列出所有nodes: kubectl get node
    删除节点:kubectl delete node node3
    查看对应node上的pods信息: kubectl get pods -o wide | grep node3

    重新加入
    在删除的node3对应的服务器上执行:kubeadm reset

    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -F
    iptables -L -n
    
    mkdir cert
    
    cd cert/
    
    openssl genrsa -out dashboard.key 2048
    openssl req -days 36000   -new -out dashboard.csr    -key dashboard.key   -subj '/CN=**192.168.56.106**'
    
    
    openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
    
    kubectl create secret generic kubernetes-dashboard-certs     --from-file=dashboard.key     --from-file=dashboard.crt      -n kubernetes-dashboard
    
    

    新建create-admin.yaml

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: admin-user
      namespace: kubernetes-dashboard
    
    ---
    
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: admin-user
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
    - kind: ServiceAccount
      name: admin-user
      namespace: kubernetes-dashboard
    

    运行

     kubectl apply -f create-admin.yaml
    

    查看sa和secret

    kubectl get sa,secrets -n kubernetes-dashboard
    
    kubectl describe secret admin-user-token-t79xh -n kubernetes-dashboard
    

    获取token登录成功:

    本文由博客一文多发平台 OpenWrite 发布!

  • 相关阅读:
    linux安装python3.6以后报错处理
    cent07设置服务开机自启
    python进程和线程中的两个锁
    针对Material主题怎么修改 phpstorm 代码编辑器的样式
    CentOS中zip工具的基本使用
    Anaconda退出Base环境
    微擎用户自动回复对应的链接、控制器、模板
    微擎应用模块中的参数设置对应的前端页面
    微擎设置借用权限
    微擎分配不同的用户具有不同应用的操作权限
  • 原文地址:https://www.cnblogs.com/pingyun/p/12342985.html
Copyright © 2020-2023  润新知