kind搭建k8s单节点集群
1【kind 安装】
kind create clouster
查看节点信息
lory@lory-PC:~$ kubectl cluster-info Kubernetes master is running at https://127.0.0.1:39377 KubeDNS is running at https://127.0.0.1:39377/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'
解决bug:
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {
},
"status": "Failure",
"message": "forbidden: User \"system:anonymous\" cannot get path \"/metrics\"",
"reason": "Forbidden",
"details": {
},
"code": 403
}
请执行:
kubectl create clusterrolebinding prometheus-admin --clusterrole cluster-admin --user system:anonymous
查看节点:
lory@lory-PC:~$ kubectl get node NAME STATUS ROLES AGE VERSION kind-control-plane Ready master 30h v1.18.2
2【创建对应服务】
安装 Kuboard
lory@lory-PC:~$ kubectl create clusterrolebinding prometheus-admin --clusterrole cluster-admin --user system:anonymous clusterrolebinding.rbac.authorization.k8s.io/prometheus-admin created lory@lory-PC:~$ kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
lory@lory-PC:~$ kubectl apply -f https://addons.kuboard.cn/metrics-server/0.3.6/metrics-server.yaml clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created clusterrole.rbac.authorization.k8s.io/system:metrics-server created clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created serviceaccount/metrics-server created deployment.apps/metrics-server created service/metrics-server created
查看 Kuboard 运行状态:
输出结果如下所示:
lory@lory-PC:~$ kubectl get pods -l k8s.kuboard.cn/name=kuboard -n kube-system NAME READY STATUS RESTARTS AGE kuboard-7bb89b4cc4-g268r 1/1 Running 0 49s
获取Token
此Token拥有 ClusterAdmin 的权限,可以执行所有操作
执行命令
lory@lory-PC:~$ echo $(kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}') -o go-template='{{.data.token}}' | base64 -d)
eyJhbGciOiJSUzI1NiIsImtpZCI6InB5RDk0aWV2VmtBWFhuT0RmcmJIZGUtRUR5R21qRmZZbFpOUktMTExUZHMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJvYXJkLXVzZXItdG9rZW4tNnIyNmgiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoia3Vib2FyZC11c2VyIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYTNjMzBmMWUtYWRjMi00ZGE5LTk3NDUtOGQ0ZjY1OGNlZjQ4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmt1Ym9hcmQtdXNlciJ9.L6xq93ZPQP-mHgg4OBqluTFb-A0POsnxyp4beo0X5jdYNxxDTkT07YjLfqHRVWOgKd-SHAn_-DrfMuzhIaBECVF4zHNVskJiA1MV9c9NpRmbI0Dk_ri8_fjyqMH1drRQP8xHpr2L9TBsosfxFCqiL8IzAD0z_QMcnvSPIY_J7Bt9tng1Fay67IFamMVd-iJ7Vd205FcBubCxH1U_7Nrm443zzZHoLrk7AQ6_OnWCYm8oFfdDWec4SNYMwNuoHIGtup3eom3jHiGHT1x10uEHMempl7xgolkGxgCFtMDtiU3KaL_tU_1HZJe80hQXnjKFo
访问Kuboard
您可以通过port-forward 两种方式当中的任意一种访问 Kuboard
lory@lory-PC:~$ kubectl port-forward service/kuboard 8080:80 -n kube-system Forwarding from 127.0.0.1:8080 -> 80 Handling connection for 8080 Handling connection for 8080 Handling connection for 8080 Handling connection for 8080 Handling connection for 8080 Handling connection for 8080
拼搏在路上
