Kubernetes部署Dashboard使用者介面
阿新 • • 發佈:2021-08-03
Kubernetes部署Dashboard使用者介面
Dashboard 是基於網頁的 Kubernetes 使用者介面。您可以使用 Dashboard 將容器應用部署到 Kubernetes 叢集中,也可以對容器應用排錯,還能管理叢集本身及其附屬資源。您可以使用 Dashboard 獲取執行在叢集中的應用的概覽資訊,也可以建立或者修改 Kubernetes 資源(如 Deployment,Job,DaemonSet 等等)。例如,您可以對 Deployment 實現彈性伸縮、發起滾動升級、重啟 Pod 或者使用嚮導建立新的應用。
Kubernetes部署步驟
下載資源清單 如果下載不成功多試幾次或則改下dns
[root@master1 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml
安裝部署 如果不成功 更改下映象地址 利用阿里雲做中轉
[root@master1 ~]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
....
....
修改Service kubernetes-dashboard 對映一個埠,用於外網訪問
[root@master1 ~]# kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard spec: clusterIP: 10.96.93.138 externalTrafficPolicy: Cluster ports: - nodePort: 47064 port: 443 protocol: TCP targetPort: 8443 selector: k8s-app: kubernetes-dashboard sessionAffinity: None # type: ClusterIP => type: NodePort type: NodePort
檢視修改後的埠
[root@master1 ~]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.96.104.63 <none> 8000/TCP 3h49m
kubernetes-dashboard NodePort 10.96.93.138 <none> 443:47064/TCP 3h49m
檢視部署狀態以及部署資源
[root@master1 ~]# kubectl get -f recommended.yaml
NAME STATUS AGE
namespace/kubernetes-dashboard Active 3h51m
NAME SECRETS AGE
serviceaccount/kubernetes-dashboard 1 3h51m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes-dashboard NodePort 10.96.93.138 <none> 443:47064/TCP 3h51m
NAME TYPE DATA AGE
secret/kubernetes-dashboard-certs Opaque 0 3h51m
secret/kubernetes-dashboard-csrf Opaque 1 3h51m
secret/kubernetes-dashboard-key-holder Opaque 2 3h51m
NAME DATA AGE
configmap/kubernetes-dashboard-settings 0 3h51m
NAME CREATED AT
role.rbac.authorization.k8s.io/kubernetes-dashboard 2021-08-03T02:48:06Z
NAME CREATED AT
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard 2021-08-03T02:48:06Z
NAME ROLE AGE
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard Role/kubernetes-dashboard 3h51m
NAME ROLE AGE
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard ClusterRole/kubernetes-dashboard 3h51m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/kubernetes-dashboard 1/1 1 1 3h51m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.96.104.63 <none> 8000/TCP 3h51m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/dashboard-metrics-scraper 1/1 1 1 3h51m
建立token配置檔案
[root@master1 ~]# vim token.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
部署token到叢集
[root@master1 ~]# kubectl apply -f token.yaml
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
獲取token
[root@master1 ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') | grep token: | awk '{print $2}'
eyJhbGciOiJSUzI1NiIsImtpZCI6IkVrYkNBaEtYWHoteklLZy16NndXLXA4UUhULTZHLWktR08xTU5HaEU5aTAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWhmN3p0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkNWFjNzZhMy05NDdlLTQ0NjUtYjk2ZS00MDcxN2I3ZGY1Y2YiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.YqEctVcddeW4_6hFCJHE_daCAO_CgxS06FgcLaJlubmbokXM647RfigPoq979pG8ZnLtzeuIIQWINQHBtbxqt0jyWaW6wTPUs0zhBAdI34CmXEY8O08iNEOpyyMC0rssLF-CzhVNhHsXi-b7gRzEIlf6ymEWBrajWEgOP5bsyMiX37XdkM9L-lOAiNGeuJx3216Zj5Nud1nXJyNZaQYeDiBHh_UNBn10MoxOmpsepwjCBz9YemGjTrCZ6MaZiV11PNEkn_OjY1bq8TvFWignb4cIud4ZnrS8up-mBgXI_cFGBr6uoMxXjMRXDNQgeQAxgM_Irvo6MZcWvaO7ufAoug
輸入叢集外網地址任意一個皆可進行訪問
https://192.168.15.55:47064/#/login