Kubernetes(k8s)部署 Kubernetes Dashboard
零、兼容性
- 该部署方案兼容 Kubernetes 1.17版本
- 其他版本是否兼容看下表
| Kubernetes version | 1.14 | 1.15 | 1.16 | 1.17 |
|---|---|---|---|---|
| Compatibility | ? | ? | ? | ✓ |
一、集群信息
- 方法因人而异,但大同小异,以下是我的部署方法。
1.1、 主机信息
| 主机名 | ip地址 | 描述 | 核心 | 内存 |
|---|---|---|---|---|
| node-01 | 192.168.8.131 | master 节点 | 2核 | 8G |
| node-02 | 192.168.8.132 | node 节点 | 2核 | 8G |
| node-03 | 192.168.8.133 | node 节点 | 2核 | 8G |
1.2、版本说明
| 服务 | 版本 |
|---|---|
| helm | 3.1.1 |
| Kubernetes | 1.17.3 |
| Kubernetes Dashboard | 2.0.0 rc5 |
二、部署 Kubernetes Dashboard
2.1、 获取 Kubernetes Dashboard
# 下载到本地
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc5/aio/deploy/recommended.yaml2.2、安装 Kubernetes Dashboard
# 安装 kubernetes-dashboard
[root@Node-01 ~]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created2.3、查看 Kubernetes Dashboard Pod 状态
[root@Node-01 ~]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-7b8b58dc8b-vm484 1/1 Running 0 11m
kubernetes-dashboard-866f987876-v6clx 1/1 Running 0 11m2.3、查看 Kubernetes Dashboard Svc 状态
[root@Node-01 ~]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.1.193.251 <none> 8000/TCP 65s
kubernetes-dashboard ClusterIP 10.1.85.240 <none> 443/TCP 65s2.4、修改 Kubernetes Dashboard Svc 端口
- 将 kubernetes-dashboard ClusterIP 修改为 NodePort
kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard三、创建 Dashboard 管理员
3.1、 创建 ServiceAccount
kubectl create serviceaccount dashboard-admin -n kube-system3.2、查看 ServiceAccount
- dashboard-admin-token-r6zz7 将成为 Secret 的名字。
[root@Node-01 ~]# kubectl describe sa dashboard-admin -n kubernetes-dashboard
Name: dashboard-admin
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: dashboard-admin-token-r6zz7
Tokens: dashboard-admin-token-r6zz7
Events: <none>3.4、绑定
- 绑定到 cluster-admin
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin3.5、查看绑定关系
[root@Node-01 ~]# kubectl describe clusterrolebinding dashboard-admin
Name: dashboard-admin
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount dashboard-admin kubernetes-dashboard五、登录 Kubernetes Dashboard
5.1、 获取登录 Tokens
- 直接复制黏贴即可
- 复制得到的 Token
TOKENS=$(kubectl describe serviceaccount dashboard-admin -n kubernetes-dashboard | grep "Tokens:" | awk '{ print $2}')
kubectl describe secret $TOKENS -n kubernetes-dashboard | grep "token:" | awk '{ print $2}'5.2、获取 Kubernetes Dashboard 端口
- 获取的随机端口: 30344
[root@Node-01 ~]# kubectl get svc -n kubernetes-dashboard | grep kubernetes-dashboard
kubernetes-dashboard NodePort 10.1.85.240 <none> 443:30344/TCP 20m5.3、通过浏览器访问 Kubernetes Dashboard
- 通过浏览器访问,因为没有证书,chrome 浏览器提示不安全没法访问,使用的火狐浏览器访问的
- 浏览器访问: https://
:30344 - 使用获取刚才获取的 Token 登录
5.4、Kubernetes Dashboard 仪表盘
版权声明:
作者:Akiraka
链接:https://www.akiraka.net/kubernetes/425.html
来源:Akiraka
文章版权归作者所有,未经允许请勿转载。
THE END
0
二维码
海报
Kubernetes(k8s)部署 Kubernetes Dashboard
零、兼容性
该部署方案兼容 Kubernetes 1.17版本
其他版本是否兼容看下表
Kubernetes version
1.14
1.15
1.16
1.17
Compatibility
?
?
?
✓
一、集……
文章目录
关闭