kubernetes1.5.2--部署dashboard服务
本文基于kubernetes 1.5.2版本编写
使用http方式访问api server的部署
cat dashboard-controller.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
name: kubernetes-dashboard
namespace: kube-system
selfLink: /apis/extensions/v1beta1/namespaces/kube-system/deployments/kubernetes-dashboard
spec:
replicas: 1
selector:
matchLabels:
k8s-app: kubernetes-dashboard
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- args:
- --apiserver-host=http://192.168.20.128:8080
image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /
port: 9090
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 30
name: kubernetes-dashboard
ports:
- containerPort: 9090
protocol: TCP
resources:
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
dnsPolicy: ClusterFirst
restartPolicy: Always
使用https访问api server部署
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
containers:
- name: kubernetes-dashboard
image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
ports:
- containerPort: 9090
args:
- --apiserver-host=https://192.168.20.128:6443
- --kubeconfig=/etc/kubernetes/kubelet-config
volumeMounts:
- name: config
mountPath: /etc/kubernetes/kubelet-config
readOnly: True
- name: certs
mountPath: /etc/ssl/kube
readOnly: True
volumes:
- name: certs
hostPath:
path: /etc/ssl/kube
- name: config
hostPath:
path: /etc/kubernetes/kubelet-config
service
cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090
kubectl create -f dashboard-controller.yaml kubectl create -f dashboard-service.yaml
访问地址
http:http://192.168.20.128:8080/ui
https:https://192.168.20.128:6443/ui
如果API Server配置文件中没有配置登陆账号和密码(--basic-auth-file=/etc/kubernetes/useraccount.csv),登陆失败; 如果配置了,账号和密码为/etc/kubernetes/useraccount.csv任意中的一个