联网配置
上一次使用VirtualBox 创建3台虚拟机 发现其中2台不能联网
需要创建3个nat网络

net网络.png

并且修改虚拟机 ip自动获取 也可以手动指定
ONBOOT=no为ONBOOT=yes

1： 安装docker
yum install -y docker

2. 修改 /etc/docker/daemon.json 文件并添加上 registry-mirrors 键值
   {
   "registry-mirrors": ["https://registry.docker-cn.com"]
   }
3. 启动并测试
   sudo systemctl start docker

设置docker自启动

systemctl enable docker
sudo docker run hello-world

4. 安装 etcd
   sudo yum install etcd -y

5. kubectl安装 使用国内镜像源安装
   curl -LO https://kstarter-cn-hangzhou.oss-cn-hangzhou.aliyuncs.com/kubectl/kubectl/linux/amd64/kubectl
   chmod +x ./kubectl
   sudo mv ./kubectl /usr/local/bin/kubectl
   kubectl --help

6. 安装kind

curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.8.1/kind-linux-amd64
chmod +x ./kind
mv kind /usr/sbin/kind
查看版本
kind version

创建第一个节点
kind create cluster --nam yourname
查看节点
kind get clusters
删除节点
kind delete yournode

7. 安装 Kubernetes Dashboard 2种方式
8. kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta5/aio/deploy/recommended.yaml
9. kubectl apply -f https://kuboard.cn/install-script/k8s-dashboard/v2.0.0-beta5.yaml

创建 Service Account 和 ClusterRoleBinding

使用 kubeadm 安装集群时，默认创建了 ClusterRole cluster-admin。此时我们可以直接为刚才的 ServiceAccount 创建 ClusterRoleBinding。

apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:

• kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

执行如下命令可创建 ServiceAccount 和 ClusterRoleBinding

kubectl apply -f https://kuboard.cn/install-script/k8s-dashboard/auth.yaml

获取Bearer Token

执行命令：

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')

输出信息如下所示：

Name: admin-user-token-m9x8g
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: bb70b924-b0d2-4007-a65a-870798b66518

Type: kubernetes.io/service-account-token

Data

ca.crt: 1025 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InRXZXVOcmhqaUVzUHc0VlBac2xHMnVqbGNoRGhFN05hN0NvaUZRV0I1OWcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLW05eDhnIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJiYjcwYjkyNC1iMGQyLTQwMDctYTY1YS04NzA3OThiNjY1MTgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.jookLCTZvunnSHV4O0TXlRrcC3ZBFddZ1lv6HQcd-8ShYzgtOnVZGwEDywmR5RC1aPQ-yLYb_Dqsc9P7wltDE-6L2TPUmpcv60sDHp4ma_HuR8AiE0ctymFauJV4mplg4ruByC3Nf5BHtUM78fOkHTnkcgjKRcZSrZvCXzAHJ6mZDX4-3lKvJGclQD-4RPepduK2ETWlDoD4xfPkpPj5qcqS2IFlZ55sbXomtPecimDh6XaKWBOgC0xsrGanKLlteg0Y7Aku4HU0B0RbdBsrrkgzI9w1UUvyArtb7xvoeuEHvOxxl63t93gknuFGJLhTfpJkc15EvvZ0hAm-MiqWyw

执行 kubectl proxy 命令

您必须能够在自己的笔记本（工作电脑）上运行 kubectl 并访问您的集群。可参考文档 安装Kubectl

由于证书问题，我们使用代理的方式来访问
kubectl proxy --address='0.0.0.0'
然后访问：http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login