K8s集群dashboard安装与部署

磨磨蹭蹭不如利索的付诸行动

 

dashboard的作用简单来说就是提供web方式管理k8s集群

1.官网下载yaml文件   https://github.com/kubernetes/dashboard/releases

部署的是2.4.0版本的,找到下图中的内容

 

[root@proxy ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
--2023-10-23 15:09:16--  https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
正在解析主机 raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.108.133, ...
正在连接 raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:7543 (7.4K) [text/plain]
正在保存至: “recommended.yaml.1”

recommended.yaml.1    100%[========================>]   7.37K  --.-KB/s  用时 0s      

2023-10-23 15:09:17 (153 MB/s) - 已保存 “recommended.yaml.1” [7543/7543])

 

为方便记忆,修改下yaml文件名

[root@master1 ~]# mv recommended.yaml  dashboard-v2.4.0.yaml

 

下载对象镜像然后push到harbor,如果仓库地址与自己的不同有变动,自己修改成自己的即可

[root@proxy ~]# docker pull kubernetesui/metrics-scraper:v1.0.7
v1.0.7: Pulling from kubernetesui/metrics-scraper
18dd5eddb60d: Pull complete 
1930c20668a8: Pull complete 
Digest: sha256:36d5b3f60e1a144cc5ada820910535074bdf5cf73fb70d1ff1681537eef4e172
Status: Downloaded newer image for kubernetesui/metrics-scraper:v1.0.7
docker.io/kubernetesui/metrics-scraper:v1.0.7
[root@proxy ~]# docker pull kubernetesui/dashboard:v2.4.0
v2.4.0: Pulling from kubernetesui/dashboard
5a24d13191c9: Pull complete 
476e0d029a85: Pull complete 
Digest: sha256:526850ae4ea9aba360e72b6df69fd3126b129d446efe83ac5250282b85f95b7f
Status: Downloaded newer image for kubernetesui/dashboard:v2.4.0
docker.io/kubernetesui/dashboard:v2.4.0
[root@proxy ~]# docker  kubernetesui/metrics-scraper:v1.0.7
[root@proxy ~]# docker push  kubernetesui/dashboard:v2.4.0

 

编辑dashboard-2.4.0.yaml,只用新增以下内容

因为配置文件中,443端口会将请求转发到8443端口的容器,因此要将端口暴露

类型:NodePort,会在宿主机监听一个端口

nodePort:访问30088端口的时候,会将请求转给443,443将请求转给容器的8443,8443就是dashboard的端口,就可以处理你的请求了。

 

部署dashboard

[root@master1 ~]# kubectl apply -f dashboard-v2.4.0.yaml 
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

 

如图:30088转发给了443,443转发给dashboard这个pod

[root@master1 ~]# kubectl -n kubernetes-dashboard get svc -A
NAMESPACE              NAME                                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
default                kubernetes                           ClusterIP   10.1.0.1       <none>        443/TCP                      11d
kube-system            kube-dns                             ClusterIP   10.1.0.10      <none>        53/UDP,53/TCP,9153/TCP       11d
kube-system            metrics-server                       ClusterIP   10.1.73.61     <none>        443/TCP                      9d
kubernetes-dashboard   kubernetes-dashboard                 NodePort    10.1.121.38    <none>        443:30088/TCP                88s

 

如果是华为云,配置SLB负载均衡,将30088到后端的30088

 

 

 

 

 

 如图:可以指定端口访问dashboard了,需要手动指定https方式,如果是阿里云SLB弹性公网就用SLB弹性公网IP。 访问方式  https://弹性公网IP:30088

 

 登陆需要Token,所以我们要创建一个用户啊

vim admin-user.yaml

apiVersion: v1
kind: ServiceAccount #指定类型
metadata:
  name: admin-user   #用户名
  namespace: kubernetes-dashboard  #与dashboard相同的namespace

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding   #角色绑定作用
metadata:
  name: admin-user   
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

 

创建用户 

[root@master1 ~]# kubectl apply -f admin-user.yaml 
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

 

 获取用户密钥

[root@master1 ~]# kubectl -n kubernetes-dashboard create token admin-user
eyJhbGciOiJSUzI1NiIsImtpZCI6Im1Zem1JeFFGVTY3VzhZME9SV1FoeFh6RzFmVUpOU1FiMUxTYm1zTkhYd1kifQ.eyJhdWQiOlsiaHR0cHM6Ly9
rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjk4MDU0Njk2LCJpYXQiOjE2OTgwNTEwOTYsImlzcyI6Imh0dHBzOi
8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2F
yZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiM2E1Yjc1ZDAtM2M1OC00MjE0LTk0N2MtODE4YTMxNmRlZTQxIn19
LCJuYmYiOjE2OTgwNTEwOTYsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.z49jKziG_v
wiXQy5gJrrjhABzE6Vd7n8tlh8n--onLzkR0m2J2M891Hiys7Kf-XThrWxrVUd0dKq1nosL37YmkDPslgYZ2bEMAL9ujvZBkJyRL9QqG_KOp5nHV-8kGPM
2ekAhO5m-hgK2htqtu5IPvQ3yGnVAVIOLXo2_BT1MnB3jq5U_qPjOUjpQLrFDKjhGdrTJeBRMukwTIRQY6bUy_DOwzbh7dCKiaYr9CHmLGiYpRsfQKqXt4L
7lrWzBYeaKGTESbzMVX-9JHyLEwMm-ZZrzudTqL7MZjUjuoX78AvxRm5zEIlqts6Or1fG8IJmWCeO9OBu1FND-90ZdE_0Xg

 

 

复制并使用 token 登陆

 

 

第二种dashboard

第三方dashboard安装  官方:https://kuboard.cn/

1.安装kuboard

sudo docker run -d \
  --restart=unless-stopped \
  --name=kuboard \
  -p 80:80/tcp \
  -p 10081:10081/tcp \
  -e KUBOARD_ENDPOINT="http://192.168.181.110:80" \       
  -e KUBOARD_AGENT_SERVER_TCP_PORT="10081" \
  -v /root/kuboard-data:/data \
  swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3

 

 

kuboard已启动

 

 

 

登陆大写

https://IP:30088

 

 

Kuboard管理界面

 

 添加kss集群,选用以下内容

 

 

posted @ 2022-02-21 03:56  小小一兆  阅读(730)  评论(0编辑  收藏  举报