k8s Kubernetes Dashboard 安装与使用
https://github.com/kubernetes/dashboard
https://developer.aliyun.com/article/745086
https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
https://kubernetes.io/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard/
Kubernetes Dashboard是Kubernetes集群的Web UI,用户可以通过Dashboard进行管理集群内所有资源对象,
例如查看资源对象的运行情况,部署新的资源对象,伸缩Deployment中的Pod数量等等一系列操作。
1. 应用官方的DashBoard模板
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
root@master01 ~]# kubectl get all -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-6f669b9c9b-xm7bz 1/1 Running 0 6d21h
pod/kubernetes-dashboard-758765f476-mjxgn 1/1 Running 2 (7d ago) 9d
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.96.23.39 <none> 8000/TCP 17d
service/kubernetes-dashboard NodePort 10.103.53.197 <none> 443:30140/TCP 17d
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/dashboard-metrics-scraper 1/1 1 1 17d
deployment.apps/kubernetes-dashboard 1/1 1 1 17d
NAME DESIRED CURRENT READY AGE
replicaset.apps/dashboard-metrics-scraper-6f669b9c9b 1 1 1 9d
replicaset.apps/dashboard-metrics-scraper-799d786dbf 0 0 0 17d
replicaset.apps/dashboard-metrics-scraper-8464848978 0 0 0 17d
replicaset.apps/dashboard-metrics-scraper-c698c976 0 0 0 17d
replicaset.apps/kubernetes-dashboard-586c4d5d55 0 0 0 17d
replicaset.apps/kubernetes-dashboard-758765f476 1 1 1 9d
replicaset.apps/kubernetes-dashboard-8464598564 0 0 0 17d
replicaset.apps/kubernetes-dashboard-fb8648fd9 0 0 0 17d
kubectl edit service kubernetes-dashboard -n kubernetes-dashboard
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30001
selector:
k8s-app: kubernetes-dashboard
4. 创建Service Account 及 ClusterRoleBinding
vim auth.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
kubectl apply -f auth.yaml
二、获取访问 Kubernetes Dashboard所需的 Token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
三、访问DashBoard UI
浏览器访问https://NodeIP:Port,并输入Token
由于Kubernetes与DashBoard版本不是一一对应的,对于部署前需要提前确认版本之间的兼容性。
“√” 表示 完全支持的版本范围。
“?” 表示 由于Kubernetes API版本之间的重大更改,某些功能可能无法在仪表板中正常使用。