一个中年人
文章
122
标签
57
评论
1

一、下载kubernetes dashboard配置文件recommended.yaml

查看dashboard的github仓库:https://github.com/kubernetes/dashboard

image

根据服务器安装的kubernetes版本选择对应的dashboard版本,如果版本不对应的话,可能会发生各种问题。

如果是科学上网的话可以直接apply
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml

否则,在国内默认情况下,需要先下载配置文件,
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml
然后修改镜像地址,如下说明:

image: kubernetesui/dashboard:v2.4.0
改成
image: registry.aliyuncs.com/google_containers/dashboard:v2.4.0

image: kubernetesui/metrics-scraper:v1.0.7
改成
image: registry.aliyuncs.com/google_containers/metrics-scraper:v1.0.7

二、执行安装

kubectl apply -f recommended.yaml

查看Pod和服务状态: kubectl get pod,service -n kubernetes-dashboard
image-1670055520828

由于默认安装的kubernetes-dashboard是ClusterIP类型的,不方便直接通过浏览器访问,因此需要调整为NodePort类型的。

删除kubernetes dashboard服务
kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard

image-1670055542154
创建dashboard-service.yml,内容如下:

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

执行创建: kubectl apply -f dashboard-service.yml
查看状态:kubectl get service -n kubernetes-dashboard
image-1670055592391

从上面service的端口映射关系可以得知,对外映射的端口为32612,因此我们可以通过浏览器访问:
https://192.168.253.100:32612/
https://192.168.253.101:32612/
https://192.168.253.102:32612/

以上三个地址任意一个都是正常访问。
image-1670055616878

三、创建kubernetes dashboard访问Token

创建dashboard-account.yml文件,内容如下:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: dashboard-admin
subjects:
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

执行账号的创建: kubectl apply -f dashboard-account.yml

获取token:
kubectl get secret -n kube-system |grep admin|awk ‘{print $1}’
image-1670055670338

kubectl describe secret dashboard-admin-token-2557b -n kube-system|grep ‘^token’|awk ‘{print $2}’
image-1670055697551
打印输出的字符串即为token

eyJhbGciOiJSUzI1NiIsImtpZCI6ImpDOFZNUGh0ejg0WWdLOUt4UTNNclM4NTQ2RlhwUWxBVXI4SV9fM012SmcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tMjU1N2IiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiYWE0MThlOTAtOGNhNC00ZWY1LTlmZDEtYmE3ZDgxMTRlMzY0Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.X-d1ItdTi0As-7r-9kaseFq_LXNf1q5cXpdce_hlGnb5x5y1glMiSDoen4WXLz42-0Yo5XqAf4M_74We9UjgZkHm2gnrfuLypuH3L1CQr_goqn3S7Q6TS2zI0o8Y7D4zcMFatUKmhAIvLTB3KjF7YvYQyNakR1DV0TnA9IO74wqb-2qdZfTn0D_tnnXXvcTzaVROKKgDC-VL2Q0WKWF4uX72UB24Yo_VyWon18QvVWTsJ5LYVpK1ajucDLEdxf9oefjiiXqWjOt0d9rEmv59HVNnlaRPjn44GE9XeME6AOHHQKSj7bLz8IHG9VS9tHGw2HiensbeLMI6Q2R52LP9zg

打开浏览器输出dashboard访问地址
image-1670055744802

录入生成的token,点击【登录】按钮即可。
image-1670055772448

文章作者: 一个中年人
文章连结: /archives/kubernetes安装dashboard
版权声明: 本部落格所有文章除特别声明外,均採用 CC BY-NC-SA 4.0 许可协议。转载请註明来自 一个中年人
kubernetes
打赏
支付宝 微信
上一篇 下一篇