Kubernetes部署Dashboard用户界面

Kubernetes部署Dashboard用户界面

Dashboard 是基于网页的 Kubernetes 用户界面。您可以使用 Dashboard 将容器应用部署到 Kubernetes 集群中,也可以对容器应用排错,还能管理集群本身及其附属资源。您可以使用 Dashboard 获取运行在集群中的应用的概览信息,也可以创建或者修改 Kubernetes 资源(如 Deployment,Job,DaemonSet 等等)。例如,您可以对 Deployment 实现弹性伸缩、发起滚动升级、重启 Pod 或者使用向导创建新的应用。

Kubernetes部署步骤

下载资源清单 如果下载不成功多试几次或则改下dns

[root@master1 ~]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml

安装部署 如果不成功 更改下镜像地址 利用阿里云做中转

[root@master1 ~]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
....
....

修改Service kubernetes-dashboard 映射一个端口,用于外网访问

[root@master1 ~]# kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard
spec:
  clusterIP: 10.96.93.138
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 47064
    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  # type: ClusterIP   =>  type: NodePort
  type: NodePort

查看修改后的端口

[root@master1 ~]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.96.104.63   <none>        8000/TCP        3h49m
kubernetes-dashboard        NodePort    10.96.93.138   <none>        443:47064/TCP   3h49m

查看部署状态以及部署资源

[root@master1 ~]# kubectl get -f recommended.yaml 
NAME                             STATUS   AGE
namespace/kubernetes-dashboard   Active   3h51m

NAME                                  SECRETS   AGE
serviceaccount/kubernetes-dashboard   1         3h51m

NAME                           TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
service/kubernetes-dashboard   NodePort   10.96.93.138   <none>        443:47064/TCP   3h51m

NAME                                     TYPE     DATA   AGE
secret/kubernetes-dashboard-certs        Opaque   0      3h51m
secret/kubernetes-dashboard-csrf         Opaque   1      3h51m
secret/kubernetes-dashboard-key-holder   Opaque   2      3h51m

NAME                                      DATA   AGE
configmap/kubernetes-dashboard-settings   0      3h51m

NAME                                                  CREATED AT
role.rbac.authorization.k8s.io/kubernetes-dashboard   2021-08-03T02:48:06Z

NAME                                                         CREATED AT
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard   2021-08-03T02:48:06Z

NAME                                                         ROLE                        AGE
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard   Role/kubernetes-dashboard   3h51m

NAME                                                                ROLE                               AGE
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard   ClusterRole/kubernetes-dashboard   3h51m

NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/kubernetes-dashboard   1/1     1            1           3h51m

NAME                                TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)    AGE
service/dashboard-metrics-scraper   ClusterIP   10.96.104.63   <none>        8000/TCP   3h51m

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-metrics-scraper   1/1     1            1           3h51m

创建token配置文件

[root@master1 ~]# vim token.yaml 

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

部署token到集群

[root@master1 ~]# kubectl apply -f token.yaml 
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

获取token

[root@master1 ~]# kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') | grep token: | awk '{print $2}'
eyJhbGciOiJSUzI1NiIsImtpZCI6IkVrYkNBaEtYWHoteklLZy16NndXLXA4UUhULTZHLWktR08xTU5HaEU5aTAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWhmN3p0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkNWFjNzZhMy05NDdlLTQ0NjUtYjk2ZS00MDcxN2I3ZGY1Y2YiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.YqEctVcddeW4_6hFCJHE_daCAO_CgxS06FgcLaJlubmbokXM647RfigPoq979pG8ZnLtzeuIIQWINQHBtbxqt0jyWaW6wTPUs0zhBAdI34CmXEY8O08iNEOpyyMC0rssLF-CzhVNhHsXi-b7gRzEIlf6ymEWBrajWEgOP5bsyMiX37XdkM9L-lOAiNGeuJx3216Zj5Nud1nXJyNZaQYeDiBHh_UNBn10MoxOmpsepwjCBz9YemGjTrCZ6MaZiV11PNEkn_OjY1bq8TvFWignb4cIud4ZnrS8up-mBgXI_cFGBr6uoMxXjMRXDNQgeQAxgM_Irvo6MZcWvaO7ufAoug

输入集群外网地址任意一个皆可进行访问

https://192.168.15.55:47064/#/login

页面登陆访问

登陆成功页面查看

posted @ 2021-08-03 14:59  nick_xm  阅读(229)  评论(0编辑  收藏  举报