美文网首页
墙内kubernetes v1.15 体验--3:dashboa

墙内kubernetes v1.15 体验--3:dashboa

作者: chen_kaka | 来源:发表于2019-08-12 20:26 被阅读0次

在前两篇的基础上,我们继续基于Kubernetes搭建dashboard及应用服务。

安装kubernetes dashboard

首先还是老套路,下载依赖镜像:

docker pull gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1

docker tag gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1

docker rmi gcr.azk8s.cn/google_containers/kubernetes-dashboard-amd64:v1.10.1

  • 下载kubernetes-dashboard.yaml文件:
wget [https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml](https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml)
  • 修改 kubernetes-dashboard.yaml
    kubernetes的service默认的网络模型是CLUSTER-IP,也就是暴露在service的网络内,这里我们改成暴露在master机器的IP上。我们在targetPort后面添加两行,分别指定dashboard以NodePort的方式暴露在哪个端口,端口记得限制只能在31000-33000之间,这里我们选择了32001端口。
spec:
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 32001
  type: NodePort
  • 安装kubernetes dashboard
kubectl apply -f kubernetes-dashboard.yaml
  • 查看dashboard运行状态
# kubectl get deployment kubernetes-dashboard -n kube-system
NAME                   READY   UP-TO-DATE   AVAILABLE   AGE
kubernetes-dashboard   1/1     1            1           25h
  • 查看kube-system这个namespace下的服务运行状态:
# kubectl get services -n kube-system
NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                  AGE
kube-dns               ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP   28h
kubernetes-dashboard   NodePort    10.109.142.27   <none>        443:32001/TCP            25h
  • 查看端口暴露情况
# netstat -ntlp|grep 32001
tcp6       0      0 :::32001                :::*                    LISTEN      3741/kube-proxy
  • 通过virtualbox暴露网络


    端口转发
  • 访问dashboard
    输入: http://127.0.0.1:32001 访问dashboard:


    image.png

    至此安装完成。

创建用户

## 创建用户
# kubectl create serviceaccount  kaka -n kube-system
serviceaccount/kaka created
## 为用户授权cluster-admin角色
# kubectl create clusterrolebinding kaka --clusterrole=cluster-admin --serviceaccount=kube-system:kaka
clusterrolebinding.rbac.authorization.k8s.io/kaka created
## 查看访问Dashboard的令牌
# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/kaka/{print $1}')
Name:         kaka-token-cfk4x
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kaka
              kubernetes.io/service-account.uid: 44a30976-35b5-402c-a0dd-627432c01dc1

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJ
uZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXM
uaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrYWthLXRva2VuLWNmazR4Iiwia3ViZXJuZXR
lcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imtha2EiLCJrdWJlcm5ldGVz
LmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI0NGEzMDk3Ni0zNWI1LTQwM
mMtYTBkZC02Mjc0MzJjMDFkYzEiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0Z
W06a2FrYSJ9.QM40KH3MsSmIZPIhdCVB744brQ-rxZoecnyG8dZ5s13WDAksf0ITrkXg-
ljHNORpszvDhJyx682i7z3ikqx2b8GKoNDHIrwuA6xVDZIJfQX3BioRoPcU_ENu-qaEQ24LlXbdy7-
hGeVpmpaBXNerjpamhgL9hMOJX2vOYSUZeW8AtR5KPIaRtThvw1ENQbI0Uj7sGJ5Wq1I7sfaKtbcEQ
LhGLToisqMGCGt8KZhnDN82f8B3DRfw3iyT5LLiQbIUH4a5lL8p5v3IK-
osIWaegnI4bqRWADrCmZglOMnjNYikL13_PGQPhFLsjQAgmoiLiZR5WFmYguoArkMjSDwb9g

将token复制粘贴到仪表板的令牌里,点击登录,进入管理页面:


dashboard主页

至此dashboard安装配置完成。

相关文章

网友评论

      本文标题:墙内kubernetes v1.15 体验--3:dashboa

      本文链接:https://www.haomeiwen.com/subject/oyjpjctx.html