安裝部署 Kubernetes 儀表板(Dashboard)
2023-06-20 09:00:54
簡介
Kubernetes 儀表板(Dashboard)是基於網頁的 Kubernetes 使用者介面。 你可以使用儀表板:
- 展示了 Kubernetes 叢集中的資源狀態資訊和所有報錯資訊。
- 把容器應用部署到 Kubernetes 叢集中。
- 對容器應用排錯。
- 管理叢集資源。
- 獲取執行在叢集中的應用的概覽資訊。
- 建立或者修改 Kubernetes 資源 (比如:Deployment,Job,DaemonSet 等等)。
安裝
根據 Kubernetes 版本選擇 Kubernetes 儀表板的版本號,具體如下表:
| Kubernetes 版本 | Kubernetes 儀表板版本 |
|---|---|
| 1.17 | 2.0.0-rc7 |
| 1.18 | 2.0.3 |
| 1.19 | 2.0.5 |
| 1.20 | 2.3.1 |
| 1.21 | 2.4.0 |
| 1.23 | 2.5.1 |
| 1.24 | 2.6.0 |
執行如下命令安裝 Kubernetes 儀表板 2.6.0:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.0/aio/deploy/recommended.yaml
輸出如下:
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
執行如下命令檢視Pod是否已啟動:
kubectl get pod -n kubernetes-dashboard
當我們看到狀態都為 Running 時,就說明已經啟動成功了,如下所示:
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-8c47d4b5d-l9wrz 1/1 Running 0 2m46s
kubernetes-dashboard-5676d8b865-p9qkp 1/1 Running 0 2m46s
存取
執行 kubectl proxy 命令後,就可以存取了,存取路徑:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
我們可以看到Kubernetes 儀表板的登入介面,如下圖:
文章持續更新,微信搜尋「萬貓學社」第一時間閱讀,關注後回覆「電子書」,免費獲取12本Java必讀技術書籍。
建立使用者
我們要建立一個名為 one-more-admin 的 ServiceAccount ,用來登入 Kubernetes 儀表板。然後再為這個 ServiceAccount 建立一個 Secret ,最後建立一個 ClusterRolebinding,將其繫結到 Kubernetes 叢集中預設初始化的 cluster-admin 這個 ClusterRole 上面。
把以下內容儲存為one-more-admin.yaml:
apiVersion: v1
kind: ServiceAccount
metadata:
name: one-more-admin
namespace: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
name: one-more-admin
namespace: kubernetes-dashboard
annotations:
kubernetes.io/service-account.name: one-more-admin
type: kubernetes.io/service-account-token
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: one-more-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: one-more-admin
namespace: kubernetes-dashboard
然後,執行以下命令建立:
kubectl apply -f one-more-admin.yaml
輸出如下:
serviceaccount/one-more-admin created
secret/one-more-admin created
clusterrolebinding.rbac.authorization.k8s.io/one-more-admin created
然後,執行以下命令獲取到 Token :
kubectl -n kubernetes-dashboard describe secret one-more-admin
輸出如下:
Name: one-more-admin
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: one-more-admin
kubernetes.io/service-account.uid: 7ce2bedd-b32f-4ec9-8e42-feb1a09b27e5
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkJnMDBqZFA1eE5DNV9GVXZWQm9Ramp3ZG5wVGFaUXEzRUd1UlU4QTFTbDQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJvbmUtbW9yZS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJvbmUtbW9yZS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjdjZTJiZWRkLWIzMmYtNGVjOS04ZTQyLWZlYjFhMDliMjdlNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDpvbmUtbW9yZS1hZG1pbiJ9.GAXznIvsWtNJR5EAXMQ2iCa5P3ERg4vZmMYi5E3EDZvaFLD2yltjCv5Ib9sEeMEZ1n9Us6ij6RJNYggl-DhiZL4v8PwDq7LVEBjgbctDn1tOk0mEyWtK3I7vDsvpmc6IXpwIkCUhK427aBBDtz1IjBLIhR070nHmT-SeIoyPKuHle7vOPxSl1gsqnhpWFvhRxvhn65uUqIpz6F2yzqRs1afbmbuyocXt-FRTnHzgf4PZkkB_OU0vC3EUnyjLb_qE8hdWMyluAwFzXoOBkQFektOfHd5ypzfSf2jncrSjWOw_0TJtHsv3OLG9qEzcJm4IiRqW_XUDF3n9DXwnX6zdgQ
把其中的 token 輸入到 Kubernetes 儀表板登入即可,如下圖:
微信公眾號:萬貓學社
微信掃描二維條碼
關注後回覆「電子書」
獲取12本Java必讀技術書籍
作者:萬貓學社
出處:http://www.cnblogs.com/heihaozi/
版權宣告:本文遵循 CC 4.0 BY-NC-SA 版權協定,轉載請附上原文出處連結和本宣告。
微信掃描二維條碼,關注萬貓學社,回覆「電子書」,免費獲取12本Java必讀技術書籍。
出處:http://www.cnblogs.com/heihaozi/
版權宣告:本文遵循 CC 4.0 BY-NC-SA 版權協定,轉載請附上原文出處連結和本宣告。
微信掃描二維條碼,關注萬貓學社,回覆「電子書」,免費獲取12本Java必讀技術書籍。