其他分享
首页 > 其他分享> > kubernetes 之dashboard

kubernetes 之dashboard

作者:互联网

部署

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml


[machangwei@mcwk8s-master ~]$ kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
[machangwei@mcwk8s-master ~]$ kubectl get pod  --namespace=kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-799d786dbf-kmxqs   1/1     Running   0          4m14s
kubernetes-dashboard-546cbc58cd-292lp        1/1     Running   0          4m15s
[machangwei@mcwk8s-master ~]$ kubectl get service  --namespace=kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
dashboard-metrics-scraper   ClusterIP   10.106.156.251   <none>        8000/TCP   4m26s
kubernetes-dashboard        ClusterIP   10.103.171.207   <none>        443/TCP    4m28s
[machangwei@mcwk8s-master ~]$ kubectl get deployment  --namespace=kubernetes-dashboard
NAME                        READY   UP-TO-DATE   AVAILABLE   AGE
dashboard-metrics-scraper   1/1     1            1           4m50s
kubernetes-dashboard        1/1     1            1           4m52s


将部署配置文件kubernetes-dashboard这个service修改为NodePort类型,这里没有,直接添加
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  type: NodePort
[machangwei@mcwk8s-master ~]$ vim recommended.yaml 
[machangwei@mcwk8s-master ~]$ kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard unchanged
serviceaccount/kubernetes-dashboard unchanged
service/kubernetes-dashboard configured
secret/kubernetes-dashboard-certs unchanged
secret/kubernetes-dashboard-csrf configured
Warning: resource secrets/kubernetes-dashboard-key-holder is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.
secret/kubernetes-dashboard-key-holder configured
configmap/kubernetes-dashboard-settings unchanged
role.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard unchanged
deployment.apps/kubernetes-dashboard unchanged
service/dashboard-metrics-scraper unchanged
deployment.apps/dashboard-metrics-scraper unchanged
[machangwei@mcwk8s-master ~]$ kubectl get service  --namespace=kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.106.156.251   <none>        8000/TCP        11m
kubernetes-dashboard        NodePort    10.103.171.207   <none>        443:30766/TCP   11m
[machangwei@mcwk8s-master ~]$ kubectl get pod  --namespace=kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-799d786dbf-kmxqs   1/1     Running   0          11m
kubernetes-dashboard-546cbc58cd-292lp        1/1     Running   0          11m
[machangwei@mcwk8s-master ~]$ kubectl get pod  --namespace=kubernetes-dashboard -o wide
NAME                                         READY   STATUS    RESTARTS   AGE   IP           NODE           NOMINATED NODE   READINESS GATES
dashboard-metrics-scraper-799d786dbf-kmxqs   1/1     Running   0          11m   10.244.1.2   mcwk8s-node1   <none>           <none>
kubernetes-dashboard-546cbc58cd-292lp        1/1     Running   0          11m   10.244.2.2   mcwk8s-node2   <none>           <none>
[machangwei@mcwk8s-master ~]$

由上可知,访问地址是:https://10.0.0.6:30766/  或者是.4 .5的ip也行

mcwk8s-node2  10.0.0.6   

页面访问

 

 需要使用token,如果没有创建账号和secret的话,

可以创建账号,这里其实部署的时候已经创建好了

[machangwei@mcwk8s-master ~]$ cat rolebd.yaml 
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: Cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
[machangwei@mcwk8s-master ~]$

 

[machangwei@mcwk8s-master ~]$ kubectl get  secret   --namespace=kubernetes-dashboard #查看它的secret
NAME                               TYPE                                  DATA   AGE
default-token-jv99x                kubernetes.io/service-account-token   3      58m
kubernetes-dashboard-certs         Opaque                                0      58m
kubernetes-dashboard-csrf          Opaque                                1      58m
kubernetes-dashboard-key-holder    Opaque                                2      58m
kubernetes-dashboard-token-bszwp   kubernetes.io/service-account-token   3      58m
[machangwei@mcwk8s-master ~]$ kubectl describe   secret  kubernetes-dashboard-token-bszwp  --namespace=kubernetes-dashboard  #查看dashboard的token的详情
Name:         kubernetes-dashboard-token-bszwp
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
              kubernetes.io/service-account.uid: 2fdc3d0f-3d90-4231-be4b-408af9bc8b02

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1099 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6InVZcVJ4N09mRTZMMWRYWThlTkY3T01JMFBrdnA3emhOTW1kMXpsVzFZUGMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1ic3p3cCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjJmZGMzZDBmLTNkOTAtNDIzMS1iZTRiLTQwOGFmOWJjOGIwMiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.jZZRCvgQVUc_xS2R4hABNqmQ2DeU8DxXChihQ3gg-d7QmhPrqX8iSlijLwbAwPfZh8X8OArmZy6Fi2ijHpERvkSCXsQGKOrPpVtrlNURUhGwo4MNNEvxqjdbE2llDRLZm7Vdshf5GKiJpbrLjlLMx0KpUOYfaLG6Sv3macXzOmW39W-Hj9KflsvT_Zo4B5J36wsaI7d_Wex4pO6MPwJJUnoQ1bLHuPs8rRar5U_UAowDz78gWum42H_2NkD7IRkAL7b8UD-CaN9j2nVadnChRGes_nBELcP1EpPm-VCdxidkTKfzukL7EsqsifxUedTchzjDzl4AKDgGk3BeT_BJYg
[machangwei@mcwk8s-master ~]$  #直接复制上面token的值粘贴到输入token的框中,点击登录进入

 

 

 

 

 

 刚刚的操作这里有提示:

 

 右边可以创建资源,左边这个可以选择命名空间

 

 点一点又出来了,貌似没有权限把,额好像是没资源的提示

 

 添加一个,并上传

 

 还真是没有权限呀

 

标签:kubectl,kubernetes,created,dashboard,io,mcwk8s
来源: https://www.cnblogs.com/machangwei-8/p/15921415.html