Kubernetes web介面kubernetes-dashboard安裝
阿新 • • 發佈:2018-11-30
本文講述的是如何部署K8s的web UI,前提是已經有一個k8s集群后,按照如下步驟進行即可。(如下步驟都是在master節點上進行操作)
1、下載kubernetes-dashboard.yaml檔案
wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
2、修改kubernetes-dashboard.yaml檔案
# ------------------- Dashboard Deployment ------------------- # kind: Deployment apiVersion: apps/v1beta2 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: kubernetes-dashboard template: metadata: labels: k8s-app: kubernetes-dashboard spec: containers:- name: kubernetes-dashboard image: registry.cn-hangzhou.aliyuncs.com/kube_containers/kubernetes-dashboard-amd64 ports: - containerPort: 8443 protocol: TCP args: - --auto-generate-certificates
# ------------------- Dashboard Service ------------------- # kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: type: NodePort ports: - port: 443 targetPort: 8443 nodePort: 30001 selector: k8s-app: kubernetes-dashboard
上面程式碼紅色字為kubernetes-dashboard.yaml檔案中需要修改的地方,不然拉取不了映象,以及使用Nodeport方式做對映,使其他主機能夠訪問該dashboard。
3、建立kubernetes-dashboard.yaml
kubectl create -f kubernetes-dashboard.yaml
4、檢視kubernetes-dashboard容器是否已經執行
[[email protected] ~]# kubectl get pods -n kube-system NAME READY STATUS RESTARTS AGE coredns-576cbf47c7-l5wlh 1/1 Running 1 3d8h coredns-576cbf47c7-zrl66 1/1 Running 1 3d8h etcd-docker-master1 1/1 Running 1 3d8h kube-apiserver-docker-master1 1/1 Running 2 3d8h kube-controller-manager-docker-master1 1/1 Running 2 3d8h kube-flannel-ds-amd64-c7wz6 1/1 Running 0 3d8h kube-flannel-ds-amd64-hqvz9 1/1 Running 0 3d8h kube-flannel-ds-amd64-w7n4s 1/1 Running 2 3d8h kube-proxy-8gj2w 1/1 Running 1 3d8h kube-proxy-mt6dk 1/1 Running 0 3d8h kube-proxy-qtxz7 1/1 Running 0 3d8h kube-scheduler-docker-master1 1/1 Running 2 3d8h kubernetes-dashboard-5f864b6c5f-5s2rw 1/1 Running 0 62m
如上紅色字型已經顯示kubernetes-dashboard已經成功在node節點上執行。當然,你也可以前往node節點上執行docker ps檢視kubernetes-dashboard容器是否已經啟動,netstat -ptln命令檢視30001埠是否已經開放。
5、建立kubernetes-dashboard管理員角色
[[email protected] ~]# vi k8s-admin.yaml apiVersion: v1 kind: ServiceAccount metadata: name: dashboard-admin namespace: kube-system --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: dashboard-admin subjects: - kind: ServiceAccount name: dashboard-admin namespace: kube-system roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io
6、載入管理員角色
kubectl create -f k8s-admin.yaml
7、獲取dashboard管理員角色token
#獲取dashboard secret kubectl get secret -n kube-system [[email protected]-master1 ~]# kubectl get secret -n kube-system NAME TYPE DATA AGE attachdetach-controller-token-d9w8c kubernetes.io/service-account-token 3 3d8h bootstrap-signer-token-jdjwt kubernetes.io/service-account-token 3 3d8h bootstrap-token-9n6rpz bootstrap.kubernetes.io/token 6 149m bootstrap-token-n962df bootstrap.kubernetes.io/token 7 3d8h certificate-controller-token-lktt8 kubernetes.io/service-account-token 3 3d8h clusterrole-aggregation-controller-token-7stf6 kubernetes.io/service-account-token 3 3d8h coredns-token-kbz5z kubernetes.io/service-account-token 3 3d8h cronjob-controller-token-b647q kubernetes.io/service-account-token 3 3d8h daemon-set-controller-token-tzlpk kubernetes.io/service-account-token 3 3d8h dashboard-admin-token-jc8t5 kubernetes.io/service-account-token 3 17m
#獲取token [[email protected]-master1 ~]# kubectl describe secret dashboard-admin-token-jc8t5 -n kube-system Name: dashboard-admin-token-jc8t5 Namespace: kube-system Labels: <none> Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: cdfb442a-f48b-11e8-80e8-000c29c3dca5 Type: kubernetes.io/service-account-token Data ==== namespace: 11 bytes token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tamM4dDUiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiY2RmYjQ0MmEtZjQ4Yi0xMWU4LTgwZTgtMDAwYzI5YzNkY2E1Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.FZCsonMyEdcDDvbzIz7rMxm8vvlk0Ck6O5ooqzaJRWkggwMoqf92qYBsNxMxxT5BdAtxB_iPUD7rEagR7sLTqixHeC0HdTnGCcTnNU1fq2KJA5ssNyi9P4XGJqsGuf4mAmF5L56uBh43X4hQ41rFYPQwIrmVnknTAbAWf3biiKWkN9Az8NsCulRSSCsJSOwfPoGlo7aSbMYTyRXlmzLuLbkMpMvyMHChBJ_MIYbH9dBj_hL3L9iwo9gpNTfB-0_uYHPEPdQcib8qUkC5NxgXdBuQPug5y1kLUVFNgq45ozLTibZuVihK_gza-WKVpBRPY5PaYCN1Gu0-tFObUYDUow
8、使用管理員角色登陸kubernetes-dashboard web介面
客戶端瀏覽器輸入:https://nodeIP:nodeport ,也就是kubernetes-dashboard容器在哪臺node節點上跑,以及上面設定的nodeport埠(我這裡是https://192.168.20.214:30001)
出現如下介面,選擇令牌——輸入令牌,(令牌為上面的token)
