Kubernetes 部署Web UI (Dashboard)
Kubernetes 部署Web UI (Dashboard)
项目下载地址:https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dashboard
相关文件说明
# UI存放的配置信息 dashboard-configmap.yaml # UI的控制器 dashboard-controller.yaml # 授权文件 dashboard-rbac.yaml # 存放铭感数据信息 dashboard-secret.yaml # 将UI暴露 dashboard-service.yaml
1、解压k8s目录中的压缩文件、进入指定目录
tar -xvzf /root/k8s/kubernetes/kubernetes-src.tar.gz
cd cluster/addons/dashboard/
2、修改dashboard-controller.yaml配置文件中的镜像
- 镜像搜索地址推荐:https://promotion.aliyun.com/ntms/act/kubernetes.html
vim dashboard-controller.yaml
# 默认地址无法访问需要修改地址 - name: kubernetes-dashboard image: registry.cn-hangzhou.aliyuncs.com/kubernete/kubernetes-dashboard-amd64:v1.10.0
3、Master 端 k8s 创建配置文件中的配置
kubectl create -f dashboard-configmap.yaml kubectl create -f dashboard-rbac.yaml kubectl create -f dashboard-secret.yaml kubectl create -f dashboard-controller.yaml
4、查看创建进项
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-75584d7f6f-fpdhp 1/1 Running 0 21s
5、查看日志详情
2019/08/08 05:28:43 Starting overwatch 2019/08/08 05:28:43 Using in-cluster config to connect to apiserver 2019/08/08 05:28:43 Using service account token for csrf signing 2019/08/08 05:28:43 No request provided. Skipping authorization
6、修改 service 配置文件添加网络
apiVersion: v1 kind: Service metadata: name: kubernetes-dashboard namespace: kube-system labels: k8s-app: kubernetes-dashboard kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile spec: # 添加 NodePort 使service可访问 type: NodePort selector: k8s-app: kubernetes-dashboard ports: - port: 443 targetPort: 8443
7、创建 service 服务
kubectl create -f dashboard-service.yaml
8、查看创建信息
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard NodePort 10.0.0.162 <none> 443:42487/TCP 46s
9、测试访问。使用Node节点外网IP
火狐:https://47.99.164.47:42487/#!/login
10、创建 k8s-admin.yaml 文件、创建管理绑定指定用户到cluster-admin
apiVersion: v1 kind: ServiceAccount metadata: name: dashboard-admin namespace: kube-system --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: dashboard-admin subjects: - kind: ServiceAccount name: dashboard-admin namespace: kube-system roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io
11、创建生成yaml文件中的服务
kubectl create -f k8s-admin.yaml
12、查看产生的 token 结果
NAME TYPE DA dashboard-admin-token-xhw6x kubernetes.io/service-account-token 3 default-token-zk7jr kubernetes.io/service-account-token 3 kubernetes-dashboard-certs Opaque 0 kubernetes-dashboard-key-holder Opaque 2 kubernetes-dashboard-token-xxwd9 kubernetes.io/service-account-token
13、复制下方token输出值、复制到网站 Kubernetes 仪表板中令牌
kubectl describe secret dashboard-admin-token-xhw6x -n kube-system
Name: dashboard-admin-token-xhw6x Namespace: kube-system Labels: <none> Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: 986e8ba8-b9a2-11e9-b85b-00163e088172 Type: kubernetes.io/service-account-token Data ==== token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4teGh3NngiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOTg2ZThiYTgtYjlhMi0xMWU5LWI4NWItMDAxNjNlMDg4MTcyIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.iNshqwHJwKwVfuHDSsitxUgS8_zOo_rfCWi3wguCg3vVRu5RH1hamW-kiidAyVDnPNams3K8QzL4fqxDpbtCXa8c5aUFlDeP45j6bYYEP2huiLFDC-Pg3NUmSa5uxPxnVQPWNLen43WMwkQ1pX_lMD6uT9QRdQHZ7aSQQRJM5DEPaZipUACKNVZH4HDKLnE2vmB_zfQ2Ra2ZpOjkFcHhgywqreZ9a1iv_QJU1_fPy6JkcRZaWnxh6KrZ_m7rjFWsxHwD3wejXvwVXdtkY5UxOwuRjl0hUzHyr9YpqqRuhoBvo7uhaJcZhWUlttD60g_n7zGalgSA5VAZR7zYsMGnmw ca.crt: 1359 bytes namespace: 11 byte
14、仪表盘中输入令牌
15、登录后显示输出内容
16、使用
K8S UI 使用比较简单 支持中文随便点击熟悉就可以。
