• Kubeadm部署 (3) 测试及创建dashboard

    1.验证集群工作是否正常:
     
    在 Kubernetes 集群中创建一个 pod, 验证是否正常运行:
    $ kubectl create deployment nginx --image=nginx
    $ kubectl expose deployment nginx --port=80 --type=NodePort
    $ kubectl get pod,svc
    访问地址: http://NodeIP:Port

     使用任意节点ip加箭头处端口都能访问nginx首页。

    2.搭建dashboard

    1.下载镜像

    $ docker pull lizhenliang/kubernetes-dashboard-amd64:v1.10.1
    $ docker tag lizhenliang/kubernetes-dashboard-amd64:v1.10.1 10.0.0.106:5000/kubernetes-dashboard-amd64:v1.10.1
    $ docker push 10.0.0.106:5000/kubernetes-dashboard-amd64:v1.10.1

     

    2.下载yaml文件

    $ wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

    如无法下载,那么手动编辑一个,请注意文本中的蓝色注释请去掉。

    $ vim kubernetes-dashboard.yaml

    # Copyright 2017 The Kubernetes Authors.
    #
    # Licensed under the Apache License, Version 2.0 (the "License");
    # you may not use this file except in compliance with the License.
    # You may obtain a copy of the License at
    #
    # http://www.apache.org/licenses/LICENSE-2.0
    #
    # Unless required by applicable law or agreed to in writing, software
    # distributed under the License is distributed on an "AS IS" BASIS,
    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    # See the License for the specific language governing permissions and
    # limitations under the License.

    # ------------------- Dashboard Secret ------------------- #

    apiVersion: v1
    kind: Secret
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard-certs
    namespace: kube-system
    type: Opaque

    ---
    # ------------------- Dashboard Service Account ------------------- #

    apiVersion: v1
    kind: ServiceAccount
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system

    ---
    # ------------------- Dashboard Role & Role Binding ------------------- #

    kind: Role
    apiVersion: rbac.authorization.k8s.io/v1
    metadata:
    name: kubernetes-dashboard-minimal
    namespace: kube-system
    rules:
    # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
    - apiGroups: [""]
    resources: ["secrets"]
    verbs: ["create"]
    # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
    - apiGroups: [""]
    resources: ["configmaps"]
    verbs: ["create"]
    # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
    - apiGroups: [""]
    resources: ["secrets"]
    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
    verbs: ["get", "update", "delete"]
    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
    - apiGroups: [""]
    resources: ["configmaps"]
    resourceNames: ["kubernetes-dashboard-settings"]
    verbs: ["get", "update"]
    # Allow Dashboard to get metrics from heapster.
    - apiGroups: [""]
    resources: ["services"]
    resourceNames: ["heapster"]
    verbs: ["proxy"]
    - apiGroups: [""]
    resources: ["services/proxy"]
    resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
    verbs: ["get"]

    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
    name: kubernetes-dashboard-minimal
    namespace: kube-system
    roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: Role
    name: kubernetes-dashboard-minimal
    subjects:
    - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kube-system

    ---
    # ------------------- Dashboard Deployment ------------------- #

    kind: Deployment
    apiVersion: apps/v1
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system
    spec:
    replicas: 1
    revisionHistoryLimit: 10
    selector:
    matchLabels:
    k8s-app: kubernetes-dashboard
    template:
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    spec:
    containers:
    - name: kubernetes-dashboard
    image: 10.0.0.106:5000/kubernetes-dashboard-amd64:v1.10.1  #写入自己仓库镜像的地址
    ports: 
    - containerPort: 8443
    protocol: TCP
    args:
    - --auto-generate-certificates
    # Uncomment the following line to manually specify Kubernetes API server Host
    # If not specified, Dashboard will attempt to auto discover the API server and connect
    # to it. Uncomment only if the default does not work.
    # - --apiserver-host=http://my-address:port
    volumeMounts:
    - name: kubernetes-dashboard-certs
    mountPath: /certs
    # Create on-disk volume to store exec logs
    - mountPath: /tmp
    name: tmp-volume
    livenessProbe:
    httpGet:
    scheme: HTTPS
    path: /
    port: 8443
    initialDelaySeconds: 30
    timeoutSeconds: 30
    volumes:
    - name: kubernetes-dashboard-certs
    secret:
    secretName: kubernetes-dashboard-certs
    - name: tmp-volume
    emptyDir: {}
    serviceAccountName: kubernetes-dashboard
    # Comment the following tolerations if Dashboard must not be deployed on master
    tolerations:
    - key: node-role.kubernetes.io/master
    effect: NoSchedule

    ---
    # ------------------- Dashboard Service ------------------- #

    kind: Service
    apiVersion: v1
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system
    spec:
    type: NodePort      #新增的
    ports:
    - port: 443
    targetPort: 8443
    nodePort: 30666    #新增的,方便后面用节点ip加这个端口访问dashboard页面。
    selector:
    k8s-app: kubernetes-dashboard

    变更的地方:

     

    3.创建dashboard 

     $ kubectl create -f kubernetes-dashboard.yaml 

     --------------------------------------------------------------------------------------------------------------------------------

    排错:如果遇到如图报错,你非常确定你的仓库没问题,/etc/docker/daemon.json也配置正常,docker服务重启了无数次,但镜像就是拉取不下来,别纠结,重启下你所有节点在看可能就好了。我当时就是这样。。。

     

     

     --------------------------------------------------------------------------------------------------------------------------------

    测试访问 https://节点ip:端口 ,看到如图页面,dashboard就好了。切记用https哦。

     

    这里继续访问报错,HTTPS证书问题,暂不知如何解决。

     

    下面两步骤是我尝试解决问题的经历,记录在这里分享给大家,如有兴趣可继续测试下。

     1)针对如上报错,参考下面博文没能解决,结果还是同样的页面:

    https://blog.ct99.cn/2020/11/05/jie_jue_k8s_dashboard_qi_ta_liu_lan_qi_bu_neng_fang_wen.html

    https://blog.ct99.cn/2020/10/22/shi_yong_kubeadm_gong_ju_kuai_su_chuang_jian_k8s_ji_qun.html

     2)找了一个2017年的dashboard.yaml文件,开始的想法是拿掉https的配置,用默认http的思路,修改了部分内容还是报错,贴出修改后的yaml文档。

    https://github.com/winse/docker-hadoop/blob/master/kube-deploy/kubeadm/kubernetes-dashboard.yaml

     

     $ vim dashboard.yaml

    # Copyright 2015 Google Inc. All Rights Reserved.
    #
    # Licensed under the Apache License, Version 2.0 (the "License");
    # you may not use this file except in compliance with the License.
    # You may obtain a copy of the License at
    #
    # http://www.apache.org/licenses/LICENSE-2.0
    #
    # Unless required by applicable law or agreed to in writing, software
    # distributed under the License is distributed on an "AS IS" BASIS,
    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    # See the License for the specific language governing permissions and
    # limitations under the License.

    # Configuration to deploy release version of the Dashboard UI compatible with
    # Kubernetes 1.6 (RBAC enabled).
    #
    # Example usage: kubectl create -f <this_file>

    apiVersion: v1
    kind: ServiceAccount
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system
    ---
    apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: ClusterRoleBinding
    metadata:
    name: kubernetes-dashboard
    labels:
    k8s-app: kubernetes-dashboard
    roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: cluster-admin
    subjects:
    - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kube-system
    ---
    kind: Deployment
    apiVersion: apps/v1
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system
    spec:
    replicas: 1
    revisionHistoryLimit: 10

    selector:
    matchLabels:
    k8s-app: kubernetes-dashboard
    template:
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    spec:
    containers:
    - name: kubernetes-dashboard
    image: 10.0.0.106:5000/kubernetes-dashboard-amd64:v1.10.1
    ports:
    - containerPort: 9090
    protocol: TCP
    args:
    # Uncomment the following line to manually specify Kubernetes API server Host
    # If not specified, Dashboard will attempt to auto discover the API server and connect
    # to it. Uncomment only if the default does not work.
    # - --apiserver-host=http://my-address:port
    livenessProbe:
    httpGet:
    path: /
    port: 9090
    initialDelaySeconds: 30
    timeoutSeconds: 30
    serviceAccountName: kubernetes-dashboard
    # Comment the following tolerations if Dashboard must not be deployed on master
    tolerations:
    - key: node-role.kubernetes.io/master
    effect: NoSchedule
    ---
    kind: Service
    apiVersion: v1
    metadata:
    labels:
    k8s-app: kubernetes-dashboard
    name: kubernetes-dashboard
    namespace: kube-system
    spec:
    type: NodePort
    ports:
    - port: 80
    targetPort: 9090
    nodePort: 30999
    selector:
    k8s-app: kubernetes-dashboard
  • 相关阅读:
    【PHP】PHP代码处理(普通/不重要的)并发情况,例如pv统计(不使用MySQL行或表锁、避免程序冗余)
    【MySQL】mysql慢查询日志文件
    Codeblocks: 关闭括号自动补全
    Linux C: 从指定路径中获取文件名
    MediaPlayer: android 利用mediaplayer播放音频停止后出现mediaplayer went away with unhandled event
    android: 取消编译过程中的结构体对齐
    Java: JNI对数组赋值并返回给Java
    android: Native 层访问assets目录
    Java: JNI返回Java对象(转)
    OpenSLES: W/AudioTrack: AUDIO_OUTPUT_FLAG_FAST denied by client; transfer 1, track 44100 Hz, output 48000 Hz的问题
  • 原文地址:https://www.cnblogs.com/you-xiaoqing/p/14305983.html
Copyright © 2020-2023  润新知