|NO.Z.00084|——————————|^^ 部署 ^^|——|KuberNetes&kubeadm.V13|5臺Server|---------------------------------------|kubernetes元件|dashboard|
阿新 • • 發佈:2022-03-29
[CloudNative:KuberNetes&kubeadm.V13] [Applications.KuberNetes] [|DevOps|k8s|**5節點**|kubeadm.v1.21.2|kubernetes元件|dashboard|]
一、kubernetes元件安裝
### --- 下載元件安裝原始碼包 ~~~ 下載版本包——在k8s-master01節點執行 ~~~ 現在k8s-ha-install版本包 [root@k8s-master01 ~]# cd /root/ ; git clone https://github.com/dotbalo/k8s-ha-install.git Cloning into 'k8s-ha-install'... remote: Enumerating objects: 652, done. remote: Counting objects: 100% (220/220), done. remote: Compressing objects: 100% (141/141), done. remote: Total 652 (delta 109), reused 141 (delta 62), pack-reused 432 Receiving objects: 100% (652/652), 19.60 MiB | 6.12 MiB/s, done. Resolving deltas: 100% (256/256), done.
二、dashboard元件部署——k8s-master01節點執行### --- 切換到manual-installation-v1.21.x分支下 ~~~ 切換到1.21.x版本分支 [root@k8s-master01 ~]# cd /root/k8s-ha-install && git checkout manual-installation-v1.21.x Branch manual-installation-v1.21.x set up to track remote branch manual-installation-v1.21.x from origin. Switched to a new branch 'manual-installation-v1.21.x'
### --- dashboard元件部署說明
~~~ Dashboard用於展示叢集中的各類資源,
~~~ 同時也可以通過Dashboard實時檢視Pod的日誌和在容器中執行一些命令等。### --- 安裝指定版本dashboard ~~~ 安裝指定版本的dashboard [root@k8s-master01 ~]# cd /root/k8s-ha-install/dashboard/ [root@k8s-master01 dashboard]# kubectl create -f . serviceaccount/admin-user created clusterrolebinding.rbac.authorization.k8s.io/admin-user created namespace/kubernetes-dashboard created serviceaccount/kubernetes-dashboard created service/kubernetes-dashboard created secret/kubernetes-dashboard-certs created secret/kubernetes-dashboard-csrf created secret/kubernetes-dashboard-key-holder created configmap/kubernetes-dashboard-settings created role.rbac.authorization.k8s.io/kubernetes-dashboard created clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created deployment.apps/kubernetes-dashboard created service/dashboard-metrics-scraper created deployment.apps/dashboard-metrics-scraper created
### --- 更改dashboard的svc為NodePort:
~~~ 檢視dashboard.service配置檔案
~~~ 注:將ClusterIP更改為NodePort(如果已經為NodePort忽略此步驟):
[root@k8s-master01 dashboard]# kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
spec:
clusterIP: 10.106.221.33
clusterIPs:
- 10.106.221.33
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: ClusterIP # 重點看這一部分是否更改正確
status:
loadBalancer: {}### --- 更改dashboard.service的type模式
[root@k8s-master01 dashboard]# kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
type: ClusterIP
# 更改為NodePort
type: NodePort### --- 檢視dashboard埠號
[root@k8s-master01 ~]# kubectl get svc kubernetes-dashboard -n kubernetes-dashboard -owide
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kubernetes-dashboard NodePort 10.103.63.205 <none> 443:32418/TCP 3m12s k8s-app=kubernetes-dashboard### --- 檢視token值
~~~ 檢視admin-user.token值是,用於登入dashboard-UI
[root@k8s-master01 ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Name: admin-user-token-c6vjm
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: fefcaad0-712b-4703-bb9a-37375064dae7
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkdSYmlxZHVVdVdMakNGTC1wT3JBUm5YdGliM3pFMXNMcE55Z09wcmU2czAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWM2dmptIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmZWZjYWFkMC03MTJiLTQ3MDMtYmI5YS0zNzM3NTA2NGRhZTciLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.vI2ohgnmyWDqg0FpTDrywvTgwIB1DtfFHI5hhP_48MU9hSvjWOAyh0HBEDuV7b-yxq7Zc3bfRrvHPqS18geJluCiCGY3X_A-VHoY08X7XqKtzQQeEPdoyU9_slWjODR9TY61bmWpVujzlIUJPrsBk_Z_8uBX0MoRpr4Z2aLf87m6KSvQUM-SgEkTEgVrPnlUBgur-7pR4X_1D_cBDROFQ2B_9Lul_do88a41FsAPgs0nZZ5JliIdwRm7ILs6ABP5hiArRXR366P0XfGk7yUW0B9_7suYgcC4VTtNR79r0QwLQj9LEsA8u9g_ttyP-KzlziwD56xI2MaaD96kiL7tlg### --- 配置Chrome瀏覽器:不安全證書生效
~~~ 在Chrome啟動檔案中加入啟動引數,用於解決無法訪問Dashboard的問題,
--test-type --ignore-certificate-errors### --- 將token值輸入到令牌後,單進入dashboard後臺管理中心
### --- 通過任意安裝了kube-proxy的宿主機或者VIP的IP+埠即可訪問到dashboard:
~~~ https://192.168.1.20:32418/(請更改32418為自己的埠),選擇登入方式為令牌(即token方式)四、安裝最新版本dashboard
### --- dashboard官方GitHub地址
~~~ https://github.com/kubernetes/dashboard
~~~ 可以在官方dashboard檢視到最新版dashboard### --- 安裝最新版dashboard
[root@k8s-master01 dashboard]# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml### --- 建立管理員使用者vim admin.yaml
~~~ 建立管理員使用者配置檔案
[root@k8s-master01 dashboard]# vim admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system### --- 建立管理員使用者
[root@k8s-master01 dashboard]# kubectl apply -f admin.yaml -n kube-system===============================END===============================
Walter Savage Landor:strove with none,for none was worth my strife.Nature I loved and, next to Nature, Art:I warm'd both hands before the fire of life.It sinks, and I am ready to depart ——W.S.Landor
來自為知筆記(Wiz)