ICode9
精准搜索请尝试: 精确搜索
首页
编程语言>
数据库
系统相关
互联网
其他分享
Python
Java
JavaScript
android
PHP
首页 > 其他分享> 文章详细

Kubernetes部署官网Dashboard

2022-01-15 22:31:46  阅读:355  来源: 互联网

标签:k8s Kubernetes kubernetes created admin user Dashboard 官网 dashboard


概述

Kubernetes Dashboard 是用于 Kubernetes 集群的通用、基于 Web 的 UI。它允许用户管理集群中运行的应用程序并对其进行故障排除,以及管理集群本身。

部署

获取 Dashboard YAML

root@k8smaster-11:/data/k8s/soft# wget https://dl.k8s.io/v1.22.5/kubernetes.tar.gz
root@k8smaster-11:/data/k8s/soft# tar xf kubernetes.tar.gz
root@k8smaster-11:/data/k8s/soft# cd kubernetes/cluster/addons/dashboard/

# coredns 部署模板文件
root@k8smaster-11:/data/k8s/soft/kubernetes/cluster/addons/dashboard# ls
OWNERS  README.md  dashboard.yaml
root@k8smaster-11:/data/k8s/soft/kubernetes/cluster/addons/dashboard# cp dashboard.yaml /data/k8s/yaml/dashboard/dashboard.yaml

修改配置文件

增加端口暴露

# 原代码
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
	
############ 修改 如下 #########
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  # 增加暴露端口配置
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30088
  selector:
    k8s-app: kubernetes-dashboard

准备授权用户

root@k8smaster-11:/data/k8s/yaml/dashboard# cat dashboard-user.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

部署 dashboard

root@k8smaster-11:/data/k8s/yaml/dashboard# kubectl apply -f  k8s-dashboard-v1.2.22.yaml 
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

root@k8smaster-11:/data/k8s/yaml/dashboard# kubectl apply -f dashboard-user.yaml 
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

登陆测试

查看用户 Token

root@k8smaster-11:/data/k8s/yaml/dashboard# kubectl get secrets -A |  grep admin
kubernetes-dashboard   admin-user-token-x2gr4                           kubernetes.io/service-account-token   3      23s
root@k8smaster-11:/data/k8s/yaml/dashboard# kubectl describe secrets admin-user-token-x2gr4 -n kubernetes-dashboard
Name:         admin-user-token-x2gr4
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: b8565d49-3772-41e9-bb39-ec7af5159c0c

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1350 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6InFDazU2VDU0a0Rka2xmamtBSlktaklxV0FtWDJZNmo0YnI4UnJETHhmY2MifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXgyZ3I0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiODU2NWQ0OS0zNzcyLTQxZTktYmIzOS1lYzdhZjUxNTljMGMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.z_9RGoZOwW1ehDOhTPOgQ6NOOvpavQgxmN5AOiEvLWOfHGmQrw_Yy66C1DIV8jpIHkBl0vWmHk9SxC90ptudQE1AxB_hYkucuub7pRejIzML_OwrctCo0dATpFtD_Wjkys4RlhhPRJ1XjiIjsubU4SLtF7IFqgFPJrQDhRp9nZr9BEaBGSO0UVpQiK62iRWKqdYKnnTUU_Gpo7PBq3hO3y1W_O4m-jlZGXugVpjumnjuqCXueHt9GpKqDtTXopP9PfIsZ-DqN3ROE67gcdhgBt_t0CqjavWqJLxwNV76KYNIWVrtGZaDFTceeZU5b-LcDYIXUk2RuiW9gBP0iVf5Bg

获取 kuberconfig 文件

  1. 先获取token
    用上边的办法拿到token
eyJhbGciOiJSUzI1NiIsImtpZCI6InFDazU2VDU0a0Rka2xmamtBSlktaklxV0FtWDJZNmo0YnI4UnJETHhmY2MifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLXgyZ3I0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiODU2NWQ0OS0zNzcyLTQxZTktYmIzOS1lYzdhZjUxNTljMGMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.z_9RGoZOwW1ehDOhTPOgQ6NOOvpavQgxmN5AOiEvLWOfHGmQrw_Yy66C1DIV8jpIHkBl0vWmHk9SxC90ptudQE1AxB_hYkucuub7pRejIzML_OwrctCo0dATpFtD_Wjkys4RlhhPRJ1XjiIjsubU4SLtF7IFqgFPJrQDhRp9nZr9BEaBGSO0UVpQiK62iRWKqdYKnnTUU_Gpo7PBq3hO3y1W_O4m-jlZGXugVpjumnjuqCXueHt9GpKqDtTXopP9PfIsZ-DqN3ROE67gcdhgBt_t0CqjavWqJLxwNV76KYNIWVrtGZaDFTceeZU5b-LcDYIXUk2RuiW9gBP0iVf5Bg
  1. 设置 kubeconfig 文件中的一个集群条目
    注意修改为自己的集群节点
 kubectl config set-cluster kubernetes --server=172.16.0.200:6443 --kubeconfig=/data/k8s/dashboard/admin-user.conf
  1. 设置 kubeconfig 文件中的一个用户条目
    这里--token就是用到上面准备的token
    admin-user 是用户名
kubectl config set-credentials admin-user --token="eyJhbGciOiJSUzI1NiIsImtpZCI6InFDazU2VDU0a0Rka2xmamtBSlktaklxV0FtWDJZNmo0YnI4UnJETHhmY2MifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTc1ZzJiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIyNzk1MjNlMy0wNWQwLTRjYzItYmVjNS1hMDQzOTU1M2E2YjEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.sAeFGGokuYvwTLQE4yNWgGuO8T3VXXo6S_HlVnh0hdXVWyJaCJGquJYRnLU7eCylJ4Op-2WABU6gfEg0sGuHR9ENPeogWVtRSxFcSp3_oBOKAXeQU97h-WukrO_opBt35K9hRo7foUPBGrw7-CH7EDEa746C7fsM2uCmLN4Euqm0pVKjkJGQkuVfLCw-T_6cNqvOG0x9VVMGim1uNF0vGqTpAs3UjX466nHNNi8z_xW2TQ6qhVxgYhlQFSZGfM22Xe-KoqbztMD3U6iYsMDxgZicPW0ZpeFIBHp0Ou2BsnluqWdPr-go7oSrJZEowcITmkuViYu3id0FNflpocVc7A" --kubeconfig=/data/k8s/dashboard/admin-user.conf
  1. 设置 kubeconfig 文件中的一个上下文条目
    --user 指定用户名
kubectl config set-context dashboard-admin@kubernetes --cluster=kubernetes --user=admin-user --kubeconfig=/data/k8s/dashboard/admin-user.conf
  1. 设置 kubeconfig 文件中的当前上下文
kubectl config use-context dashboard-admin@kubernetes --kubeconfig=/data/k8s/dashboard/admin-user.conf
  1. 下载用户登陆文件
sz  /data/k8s/dashboard/admin-user.conf

登陆测试

image
image

标签:k8s,Kubernetes,kubernetes,created,admin,user,Dashboard,官网,dashboard
来源: https://www.cnblogs.com/yanshicheng/p/15808327.html

本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享;
2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关;
3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关;
4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除;
5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。

关于我们 | 联系我们 | 留言反馈

专注分享技术,共同学习,共同进步。侵权联系[81616952@qq.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有