零、兼容性
- 该部署方案兼容 Kubernetes 1.17版本
- 其他版本是否兼容看下表
Kubernetes version |
1.14 |
1.15 |
1.16 |
1.17 |
Compatibility |
? |
? |
? |
✓ |
一、集群信息
1.1、 主机信息
主机名 |
ip地址 |
描述 |
核心 |
内存 |
node-01 |
192.168.8.131 |
master 节点 |
2核 |
8G |
node-02 |
192.168.8.132 |
node 节点 |
2核 |
8G |
node-03 |
192.168.8.133 |
node 节点 |
2核 |
8G |
1.2、版本说明
服务 |
版本 |
helm |
3.1.1 |
Kubernetes |
1.17.3 |
Kubernetes Dashboard |
2.0.0 rc5 |
二、部署 Kubernetes Dashboard
2.1、 获取 Kubernetes Dashboard
# 下载到本地
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc5/aio/deploy/recommended.yaml
2.2、安装 Kubernetes Dashboard
# 安装 kubernetes-dashboard
[root@Node-01 ~]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
2.3、查看 Kubernetes Dashboard Pod 状态
[root@Node-01 ~]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-7b8b58dc8b-vm484 1/1 Running 0 11m
kubernetes-dashboard-866f987876-v6clx 1/1 Running 0 11m
2.3、查看 Kubernetes Dashboard Svc 状态
[root@Node-01 ~]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.1.193.251 <none> 8000/TCP 65s
kubernetes-dashboard ClusterIP 10.1.85.240 <none> 443/TCP 65s
2.4、修改 Kubernetes Dashboard Svc 端口
- 将 kubernetes-dashboard ClusterIP 修改为 NodePort
kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard
三、创建 Dashboard 管理员
3.1、 创建 ServiceAccount
kubectl create serviceaccount dashboard-admin -n kube-system
3.2、查看 ServiceAccount
- dashboard-admin-token-r6zz7 将成为 Secret 的名字。
[root@Node-01 ~]# kubectl describe sa dashboard-admin -n kubernetes-dashboard
Name: dashboard-admin
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: dashboard-admin-token-r6zz7
Tokens: dashboard-admin-token-r6zz7
Events: <none>
3.4、绑定
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin
3.5、查看绑定关系
[root@Node-01 ~]# kubectl describe clusterrolebinding dashboard-admin
Name: dashboard-admin
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount dashboard-admin kubernetes-dashboard
五、登录 Kubernetes Dashboard
5.1、 获取登录 Tokens
TOKENS=$(kubectl describe serviceaccount dashboard-admin -n kubernetes-dashboard | grep "Tokens:" | awk '{ print $2}')
kubectl describe secret $TOKENS -n kubernetes-dashboard | grep "token:" | awk '{ print $2}'
5.2、获取 Kubernetes Dashboard 端口
[root@Node-01 ~]# kubectl get svc -n kubernetes-dashboard | grep kubernetes-dashboard
kubernetes-dashboard NodePort 10.1.85.240 <none> 443:30344/TCP 20m
5.3、通过浏览器访问 Kubernetes Dashboard
- 通过浏览器访问,因为没有证书,chrome 浏览器提示不安全没法访问,使用的火狐浏览器访问的
- 浏览器访问: https://:30344
- 使用获取刚才获取的 Token 登录

5.4、Kubernetes Dashboard 仪表盘
