10 月052020

[原创]k8s安装dashboard

内容纲要

实验环境:k8s v1.19.0

1.查看对应版本兼容的dashboard

https://github.com/kubernetes/dashboard/releases

2.安装dashboard

[root@master ~]# kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml

namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

3.由于需要外部访问dashboard,我们要把clusterip改为nodeport

[root@master ~]# kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard

service "kubernetes-dashboard" deleted

4.创建nodeport的yaml文件,并执行。

vi k8sdashboard.yaml
apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

[root@master ~]# kubectl apply -f k8sdashboard.yaml 
service/kubernetes-dashboard created

5.查看svc服务

[root@master ~]# kubectl get svc --all-namespaces
NAMESPACE              NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        
default                kubernetes                  ClusterIP   10.96.0.1      <none>        443/TCP        
kube-system            kube-dns                    ClusterIP   10.96.0.10     <none>        53/UDP,53/TCP,9
kube-system            metrics-server              ClusterIP   10.99.71.130   <none>        443/TCP        
kubernetes-dashboard   dashboard-metrics-scraper   ClusterIP   10.97.47.111   <none>        8000/TCP       
kubernetes-dashboard   kubernetes-dashboard        NodePort    10.97.175.84   <none>        443:31974/TCP

6.创建k8s dashboard帐户并应用

vi k8sdashboardaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: dashboard-admin
subjects:
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

[root@master ~]# kubectl apply -f k8sdashboardaccount.yaml 
serviceaccount/dashboard-admin created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created

7.获取token

[root@master ~]# kubectl get secret -n kube-system | grep dashboard
dashboard-admin-token-knhnt                      kubernetes.io/service-account-token   3      3m9s

[root@master ~]# kubectl describe secret dashboard-admin-token-knhnt -n kube-system
Name:         dashboard-admin-token-knhnt
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: 8b2d5b6b-8430-488e-98e0-f1c9ee539466

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1066 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6ImtEaldISGZnOTdnTVczeEFvY2Z1TEJaT2tOOU5UZE5RTFdiMWJXUXFuNWMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4ta25obnQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOGIyZDViNmItODQzMC00ODhlLTk4ZTAtZjFjOWVlNTM5NDY2Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.XVgADToyR-LnZEvmzIqs7Kzau2MZHmd0TZ7NsYckRx0HmcZ0tQDVtH79YXr4bKx715BUzGv5e7l9Uy_Lun_6oYJyoXSimBncisXM-5-2nHHKkfJ7YshZIHIPaEtA7tKa_LoedC1bWlEK0NgYU2oxKKAiHikOwwEhYG2szfI7JmhfOntGIyZFmqPFThWDO4hw2g51os7BMjQdkJC3eG3xND5bu11TMRaq-K-SuVQUPFERWpRak-MfVsmxKPp2Egq7yrsZYUAF5R5dYMJd56gd3j8N7aHe4HjTJZv_TCuNTHqKsTENjfFUXg8ctZQJTXrFMXBUmu6Lo84i6NBwTiichA

8.访问dashboard并把token添加进去

https://192.168.50.61:31974

打赏微海报分享
spacer

Leave a reply

评论审核已启用。您的评论可能需要一段时间后才能被显示。

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据