2. 程式人生 > 其它 >|NO.Z.00088|——————————|^^ 部署 ^^|——|KuberNetes&kubeadm.V17|5臺Server|---------------------------------------|kubernetes驗證|dashboard配置|

|NO.Z.00088|——————————|^^ 部署 ^^|——|KuberNetes&kubeadm.V17|5臺Server|---------------------------------------|kubernetes驗證|dashboard配置|

阿新 發佈:2022-03-29

[CloudNative:KuberNetes&kubeadm.V17]                                                               [Applications.KuberNetes] [|DevOps|k8s|**5節點**|kubeadm.v1.21.2|叢集可用性驗證|] [|service埠通訊|pod之間通訊|pod與pod之間通訊|dashboard配置|]







一、dashboard配置
1、檢視dashboard配置
#1、檢視dashboard服務pod

[root@k8s-master01 ~]# kubectl get po -n kubernetes-dashboard -owide
NAME                                         READY   STATUS    RESTARTS   AGE   IP              NODE           NOMINATED NODE   READINESS GATES
dashboard-metrics-scraper-86bb69c5f6-5mbh5   1/1     Running   0          57m   172.169.92.65   k8s-master02   <none>           <none>
kubernetes-dashboard-6576c84894-snkjz        1/1     Running   0          57m   172.162.195.3   k8s-master03   <none>           <none>
 
#2、檢視kubernetes-dashboard.service資訊

[root@k8s-master01 ~]# kubectl get svc -n kubernetes-dashboard -owide
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE    SELECTOR
dashboard-metrics-scraper   ClusterIP   10.105.204.160   <none>        8000/TCP        147m   k8s-app=dashboard-metrics-scraper
kubernetes-dashboard        NodePort    10.103.63.205    <none>        443:32418/TCP   147m   k8s-app=kubernetes-dashboard
 
#3、更改為NodePort的方式就可以訪問到dashboard
//注:NodePort就是在每個宿主機上去啟動一個埠,這個埠就可以訪問到對應的服務上
[root@k8s-master01 ~]# kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
   selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort                  // 預設是NodePort;若不是可更改為NodePort 

#4、檢視dashboard埠號


[root@k8s-master01 ~]# kubectl get svc -n kubernetes-dashboard -owide
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE    SELECTOR
dashboard-metrics-scraper   ClusterIP   10.105.204.160   <none>        8000/TCP        150m   k8s-app=dashboard-metrics-scraper
kubernetes-dashboard        NodePort    10.103.63.205    <none>        443:32418/TCP   150m   k8s-app=kubernetes-dashboard
二、通過Chrome訪問:https://192.168.1.15:32418/ 
### --- 通過Chrome訪問:https://192.168.1.15:32418/
~~~     檢視是否自動建立管理員使用者;若是沒有需要手動建立管理員使用者
~~~     # 檢視是否生成管理原使用者
~~~     已經建立了管理員使用者;若是沒有建立;依據以下方案進行手動建立

[root@k8s-master01 ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Name:         admin-user-token-c6vjm
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: fefcaad0-712b-4703-bb9a-37375064dae7

Type:  kubernetes.io/service-account-token

Data
====
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IkdSYmlxZHVVdVdMakNGTC1wT3JBUm5YdGliM3pFMXNMcE55Z09wcmU2czAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWM2dmptIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmZWZjYWFkMC03MTJiLTQ3MDMtYmI5YS0zNzM3NTA2NGRhZTciLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.vI2ohgnmyWDqg0FpTDrywvTgwIB1DtfFHI5hhP_48MU9hSvjWOAyh0HBEDuV7b-yxq7Zc3bfRrvHPqS18geJluCiCGY3X_A-VHoY08X7XqKtzQQeEPdoyU9_slWjODR9TY61bmWpVujzlIUJPrsBk_Z_8uBX0MoRpr4Z2aLf87m6KSvQUM-SgEkTEgVrPnlUBgur-7pR4X_1D_cBDROFQ2B_9Lul_do88a41FsAPgs0nZZ5JliIdwRm7ILs6ABP5hiArRXR366P0XfGk7yUW0B9_7suYgcC4VTtNR79r0QwLQj9LEsA8u9g_ttyP-KzlziwD56xI2MaaD96kiL7tlg
ca.crt:     1066 bytes
### --- 手動建立管理員使用者
~~~     # 手動建立管理員使用者配置檔案

[root@k8s-master01 ~]# vim admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding 
metadata: 
  name: admin-user
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
#1、手動建立管理員使用者配置檔案
[root@k8s-master01 ~]# vim admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding 
metadata: 
  name: admin-user
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
#2、建立超級管理員使用者
[root@k8s-master01 ~]# kubectl create -f admin.yaml -n kube-system
serviceaccount/admin-user created
三、登入dashboard;進入kubernetes-dashboard管理後臺







===============================END===============================

Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart                                                                                                                                                    ——W.S.Landor



來自為知筆記(Wiz)

相關推薦

no