k8s dashboard:v2.0.5

k8s Dashboard Github 主页:

https://github.com/kubernetes/dashboard

Dashboard 资源清单:

https://github.com/kubernetes/dashboard/tree/v1.10.0/src/deploy/recommended

使用版本:

dashboard     v2.0.5
Kubernetes    v1.19.14

下载dashboard images:

kubectl delete ns kubernetes-dashboard
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.5/aio/deploy/recommended.yaml

修改资源配置文件:

vim recommended.yaml

......
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort                            # 新增此行, 默认是Cluster,改成Nodeport
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001                       # 新增此行.固定端口号,如指定系统随机分配. 注意大小写
  selector:
    k8s-app: kubernetes-dashboard

......


kubectl apply -f recommended.yaml

创建认证用户和rbac.yaml:

vim dashboard-adminuser.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
  
kubectl apply -f dashboard-adminuser.yaml

创建一个集群角色:

vim dashboard-ClusterRoleBinding.yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
  
kubectl apply -f dashboard-ClusterRoleBinding.yaml

获取token:

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

[root@k8s-master1 dashboard]# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
Name:         admin-user-token-mg8x4
Namespace:    kubernetes-dashboard
Labels:       
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: d2c574ae-a140-4f2c-b1fb-47c027484d8c

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1066 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6InFaOHY4ZEVSQTNqYUxUZ0MtaW9nM0M4S0hqZ2VmUmw4QkxCZzVjaktxSTQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLW1nOHg0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJkMmM1NzRhZS1hMTQwLTRmMmMtYjFmYi00N2MwMjc0ODRkOGMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.je4pE1t1qG5GcwPJ-uRqadO_1PGNQqv4pxrEhtFtcekk17ffv3rCO-3Bllul--y5MHc3iM96L67bwYHbRZtak6iutLJYEbMht5EfB9hGGISc1xxw6IFR6XuQeIA_no6VeY3BTeyCbvoqBwQnh1ohzKoMYwUX6EbjymSVTZQaz0iFacVO0mCYN5DtHpYVLRk8vPdevStnzKvRrMFzlGWUajX0wCP0zxDBc5KLYox1_ls1-WsF9-zp7_wPlPww6mvofdzAuSBRwVr-8OmkbddPM5oaHMhiMT27E9hr5tK2xEhTSjhHoaJbtfmP_L5DV7gydu3lHEs0ftsCWW9K6wduqQ

访问dashboard web 界面:


http://IP:30001

*** chrome 如果不能访问http的URL,可以改用火狐浏览器.

Docker+K8Sk8s

相关

SuperEdge 和 FabEdge 联合在边缘 K8s 集群支持原生 Service 云边互访和 PodIP 直通

k8s-调度亲和性和污点容忍、指定调度节点(nodeSelector)

在 k8s 中的 jenkins 集成 sonarqube 实现代码质量检查

k8s中的nginx-ingress如何配置路径重定向

k8s搭建手札-kubeadm

k8s的对象管理一(命令式与声明式API)

K8S集群etcd备份与恢复

理解 K8S Service

k8s部署

k8s-flannel

k8s-ingress(希望和悲伤,都是一缕光。总有一天,我们会再相遇。)

k8s创建mongodb复制集集群

标签