墻內(nèi)kubernetes v1.15 體驗--3:dashboard部署

在前兩篇的基礎上,我們繼續(xù)基于Kubernetes搭建dashboard及應用服務。

安裝kubernetes dashboard

首先還是老套路,下載依賴鏡像:

docker pull gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1

docker tag gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1

docker rmi gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1
  • 下載kubernetes-dashboard.yaml文件:
wget [https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml](https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml)
  • 修改 kubernetes-dashboard.yaml
    kubernetes的service默認的網(wǎng)絡模型是CLUSTER-IP,也就是暴露在service的網(wǎng)絡內(nèi),這里我們改成暴露在master機器的IP上。我們在targetPort后面添加兩行,分別指定dashboard以NodePort的方式暴露在哪個端口,端口記得限制只能在31000-33000之間,這里我們選擇了32001端口。
spec:
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 32001
  type: NodePort
  • 安裝kubernetes dashboard
kubectl apply -f kubernetes-dashboard.yaml
  • 查看dashboard運行狀態(tài)
# kubectl get deployment kubernetes-dashboard -n kube-system
NAME                   READY   UP-TO-DATE   AVAILABLE   AGE
kubernetes-dashboard   1/1     1            1           25h
  • 查看kube-system這個namespace下的服務運行狀態(tài):
# kubectl get services -n kube-system
NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                  AGE
kube-dns               ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP   28h
kubernetes-dashboard   NodePort    10.109.142.27   <none>        443:32001/TCP            25h
  • 查看端口暴露情況
# netstat -ntlp|grep 32001
tcp6       0      0 :::32001                :::*                    LISTEN      3741/kube-proxy

  • 通過virtualbox暴露網(wǎng)絡


    端口轉(zhuǎn)發(fā)

  • 訪問dashboard
    輸入: http://127.0.0.1:32001 訪問dashboard:


    image.png

    至此安裝完成。

創(chuàng)建用戶

## 創(chuàng)建用戶
# kubectl create serviceaccount  kaka -n kube-system
serviceaccount/kaka created
## 為用戶授權(quán)cluster-admin角色
# kubectl create clusterrolebinding kaka --clusterrole=cluster-admin --serviceaccount=kube-system:kaka
clusterrolebinding.rbac.authorization.k8s.io/kaka created
## 查看訪問Dashboard的令牌
# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/kaka/{print $1}')
Name:         kaka-token-cfk4x
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kaka
              kubernetes.io/service-account.uid: 44a30976-35b5-402c-a0dd-627432c01dc1

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJ
uZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXM
uaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrYWthLXRva2VuLWNmazR4Iiwia3ViZXJuZXR
lcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imtha2EiLCJrdWJlcm5ldGVz
LmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI0NGEzMDk3Ni0zNWI1LTQwM
mMtYTBkZC02Mjc0MzJjMDFkYzEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0Z
W06a2FrYSJ9.QM40KH3MsSmIZPIhdCVB744brQ-rxZoecnyG8dZ5s13WDAksf0ITrkXg-
ljHNORpszvDhJyx682i7z3ikqx2b8GKoNDHIrwuA6xVDZIJfQX3BioRoPcU_ENu-qaEQ24LlXbdy7-
hGeVpmpaBXNerjpamhgL9hMOJX2vOYSUZeW8AtR5KPIaRtThvw1ENQbI0Uj7sGJ5Wq1I7sfaKtbcEQ
LhGLToisqMGCGt8KZhnDN82f8B3DRfw3iyT5LLiQbIUH4a5lL8p5v3IK-
osIWaegnI4bqRWADrCmZglOMnjNYikL13_PGQPhFLsjQAgmoiLiZR5WFmYguoArkMjSDwb9g

將token復制粘貼到儀表板的令牌里,點擊登錄,進入管理頁面:


dashboard主頁

至此dashboard安裝配置完成。

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容