k8s 安装 kubernetes-dashboard-2.X

懂信帝
懂信帝 2022-09-27 09:40:25 51048
分类专栏: 资讯
  • 安装使用 k8s 原生的 web 图形化界面来对资源进行查看与管理
  • 在官网查看镜像版本
    Docker Hub
  • 所有工作节点拉取镜像
    docker pull kubernetesui/dashboard:v2.4.0
    docker pull kubernetesui/metrics-scraper:latest

  • 获取官方yaml
    Web 界面 (Dashboard) | Kubernetes
  • 编辑 yaml
    mv recommended.yaml kubernetes-dashboard.yaml
    vim kubernetes-dashboard.yaml 
    1.  Copyright 2017 The Kubernetes Authors.
    3.  Licensed under the Apache License, Version 2.0 (the "License");
    4.  you may not use this file except in compliance with the License.
    5.  You may obtain a copy of the License at
    7.      http://www.apache.org/licenses/LICENSE-2.0
    9.  Unless required by applicable law or agreed to in writing, software
    10.  distributed under the License is distributed on an "AS IS" BASIS,
    11.  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12.  See the License for the specific language governing permissions and
    13.  limitations under the License.
    14.  
    15. apiVersion: v1
    16. kind: Namespace
    17. metadata:
    18.   name: kubernetes-dashboard
    19.  
    20. ---
    21.  
    22. apiVersion: v1
    23. kind: ServiceAccount
    24. metadata:
    25.   labels:
    26.     k8s-app: kubernetes-dashboard
    27.   name: kubernetes-dashboard
    28.   namespace: kubernetes-dashboard
    29.  
    30. ---
    31.  
    32. kind: Service
    33. apiVersion: v1
    34. metadata:
    35.   labels:
    36.     k8s-app: kubernetes-dashboard
    37.   name: kubernetes-dashboard
    38.   namespace: kubernetes-dashboard
    39. spec:
    40.   ports:
    41.     - port: 443
    42.       targetPort: 8443
    43.   selector:
    44.     k8s-app: kubernetes-dashboard
    45.   type: NodePort
    46.  
    47. ---
    48.  
    49. apiVersion: v1
    50. kind: Secret
    51. metadata:
    52.   labels:
    53.     k8s-app: kubernetes-dashboard
    54.   name: kubernetes-dashboard-certs
    55.   namespace: kubernetes-dashboard
    56. type: Opaque
    57.  
    58. ---
    59.  
    60. apiVersion: v1
    61. kind: Secret
    62. metadata:
    63.   labels:
    64.     k8s-app: kubernetes-dashboard
    65.   name: kubernetes-dashboard-csrf
    66.   namespace: kubernetes-dashboard
    67. type: Opaque
    68. data:
    69.   csrf: ""
    70.  
    71. ---
    72.  
    73. apiVersion: v1
    74. kind: Secret
    75. metadata:
    76.   labels:
    77.     k8s-app: kubernetes-dashboard
    78.   name: kubernetes-dashboard-key-holder
    79.   namespace: kubernetes-dashboard
    80. type: Opaque
    81.  
    82. ---
    83.  
    84. kind: ConfigMap
    85. apiVersion: v1
    86. metadata:
    87.   labels:
    88.     k8s-app: kubernetes-dashboard
    89.   name: kubernetes-dashboard-settings
    90.   namespace: kubernetes-dashboard
    91.  
    92. ---
    93.  
    94. kind: Role
    95. apiVersion: rbac.authorization.k8s.io/v1
    96. metadata:
    97.   labels:
    98.     k8s-app: kubernetes-dashboard
    99.   name: kubernetes-dashboard
    100.   namespace: kubernetes-dashboard
    101. rules:
    102.    Allow Dashboard to get, update and delete Dashboard exclusive secrets.
    103.   - apiGroups: [""]
    104.     resources: ["secrets"]
    105.     resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
    106.     verbs: ["get", "update", "delete"]
    107.      Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
    108.   - apiGroups: [""]
    109.     resources: ["configmaps"]
    110.     resourceNames: ["kubernetes-dashboard-settings"]
    111.     verbs: ["get", "update"]
    112.      Allow Dashboard to get metrics.
    113.   - apiGroups: [""]
    114.     resources: ["services"]
    115.     resourceNames: ["heapster", "dashboard-metrics-scraper"]
    116.     verbs: ["proxy"]
    117.   - apiGroups: [""]
    118.     resources: ["services/proxy"]
    119.     resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
    120.     verbs: ["get"]
    121.  
    122. ---
    123.  
    124. kind: ClusterRole
    125. apiVersion: rbac.authorization.k8s.io/v1
    126. metadata:
    127.   labels:
    128.     k8s-app: kubernetes-dashboard
    129.   name: kubernetes-dashboard
    130. rules:
    131.    Allow Metrics Scraper to get metrics from the Metrics server
    132.   - apiGroups: ["metrics.k8s.io"]
    133.     resources: ["pods", "nodes"]
    134.     verbs: ["get", "list", "watch"]
    135.  
    136. ---
    137.  
    138. apiVersion: rbac.authorization.k8s.io/v1
    139. kind: RoleBinding
    140. metadata:
    141.   labels:
    142.     k8s-app: kubernetes-dashboard
    143.   name: kubernetes-dashboard
    144.   namespace: kubernetes-dashboard
    145. roleRef:
    146.   apiGroup: rbac.authorization.k8s.io
    147.   kind: Role
    148.   name: kubernetes-dashboard
    149. subjects:
    150.   - kind: ServiceAccount
    151.     name: kubernetes-dashboard
    152.     namespace: kubernetes-dashboard
    153.  
    154. ---
    155.  
    156. apiVersion: rbac.authorization.k8s.io/v1
    157. kind: ClusterRoleBinding
    158. metadata:
    159.   name: kubernetes-dashboard
    160. roleRef:
    161.   apiGroup: rbac.authorization.k8s.io
    162.   kind: ClusterRole
    163.   name: kubernetes-dashboard
    164. subjects:
    165.   - kind: ServiceAccount
    166.     name: kubernetes-dashboard
    167.     namespace: kubernetes-dashboard
    168.  
    169. ---
    170.  
    171. kind: Deployment
    172. apiVersion: apps/v1
    173. metadata:
    174.   labels:
    175.     k8s-app: kubernetes-dashboard
    176.   name: kubernetes-dashboard
    177.   namespace: kubernetes-dashboard
    178. spec:
    179.   replicas: 1
    180.   revisionHistoryLimit: 10
    181.   selector:
    182.     matchLabels:
    183.       k8s-app: kubernetes-dashboard
    184.   template:
    185.     metadata:
    186.       labels:
    187.         k8s-app: kubernetes-dashboard
    188.     spec:
    189.       containers:
    190.         - name: kubernetes-dashboard
    191.           image: kubernetesui/dashboard:v2.4.0
    192.           imagePullPolicy: IfNotPresent
    193.           ports:
    194.             - containerPort: 8443
    195.               protocol: TCP
    196.           args:
    197.             - --auto-generate-certificates
    198.             - --namespace=kubernetes-dashboard
    199.              Uncomment the following line to manually specify Kubernetes API server Host
    200.              If not specified, Dashboard will attempt to auto discover the API server and connect
    201.              to it. Uncomment only if the default does not work.
    202.              - --apiserver-host=http://my-address:port
    203.           volumeMounts:
    204.             - name: kubernetes-dashboard-certs
    205.               mountPath: /certs
    206.                Create on-disk volume to store exec logs
    207.             - mountPath: /tmp
    208.               name: tmp-volume
    209.           livenessProbe:
    210.             httpGet:
    211.               scheme: HTTPS
    212.               path: /
    213.               port: 8443
    214.             initialDelaySeconds: 30
    215.             timeoutSeconds: 30
    216.           securityContext:
    217.             allowPrivilegeEscalation: false
    218.             readOnlyRootFilesystem: true
    219.             runAsUser: 1001
    220.             runAsGroup: 2001
    221.       volumes:
    222.         - name: kubernetes-dashboard-certs
    223.           secret:
    224.             secretName: kubernetes-dashboard-certs
    225.         - name: tmp-volume
    226.           emptyDir: {}
    227.       serviceAccountName: kubernetes-dashboard
    228.       nodeSelector:
    229.         "beta.kubernetes.io/os": linux
    230.        Comment the following tolerations if Dashboard must not be deployed on master
    231.       tolerations:
    232.         - key: node-role.kubernetes.io/master
    233.           effect: NoSchedule
    234.  
    235. ---
    236.  
    237. kind: Service
    238. apiVersion: v1
    239. metadata:
    240.   labels:
    241.     k8s-app: dashboard-metrics-scraper
    242.   name: dashboard-metrics-scraper
    243.   namespace: kubernetes-dashboard
    244. spec:
    245.   ports:
    246.     - port: 8000
    247.       targetPort: 8000
    248.   selector:
    249.     k8s-app: dashboard-metrics-scraper
    250.  
    251. ---
    252.  
    253. kind: Deployment
    254. apiVersion: apps/v1
    255. metadata:
    256.   labels:
    257.     k8s-app: dashboard-metrics-scraper
    258.   name: dashboard-metrics-scraper
    259.   namespace: kubernetes-dashboard
    260. spec:
    261.   replicas: 1
    262.   revisionHistoryLimit: 10
    263.   selector:
    264.     matchLabels:
    265.       k8s-app: dashboard-metrics-scraper
    266.   template:
    267.     metadata:
    268.       labels:
    269.         k8s-app: dashboard-metrics-scraper
    270.       annotations:
    271.         seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
    272.     spec:
    273.       containers:
    274.         - name: dashboard-metrics-scraper
    275.           image: kubernetesui/metrics-scraper:latest
    276.           imagePullPolicy: IfNotPresent
    277.           ports:
    278.             - containerPort: 8000
    279.               protocol: TCP
    280.           livenessProbe:
    281.             httpGet:
    282.               scheme: HTTP
    283.               path: /
    284.               port: 8000
    285.             initialDelaySeconds: 30
    286.             timeoutSeconds: 30
    287.           volumeMounts:
    288.           - mountPath: /tmp
    289.             name: tmp-volume
    290.           securityContext:
    291.             allowPrivilegeEscalation: false
    292.             readOnlyRootFilesystem: true
    293.             runAsUser: 1001
    294.             runAsGroup: 2001
    295.       serviceAccountName: kubernetes-dashboard
    296.       nodeSelector:
    297.         "beta.kubernetes.io/os": linux
    298.        Comment the following tolerations if Dashboard must not be deployed on master
    299.       tolerations:
    300.         - key: node-role.kubernetes.io/master
    301.           effect: NoSchedule
    302.       volumes:
    303.         - name: tmp-volume
    304.           emptyDir: {}
  • kubectl apply -f kubernetes-dashboard.yaml

    打开浏览器访问:https://192.168.1.30:31168/

  • 通过管理员 Token 登陆 dashboard
    kubectl create clusterrolebinding dashboard-cluster-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:kubernetes-dashboard
    获取 token

    复制到 输入 token  处: 点登陆

网站声明:如果转载,请联系本站管理员。否则一切后果自行承担。

本文链接:https://www.xckfsq.com/news/show.html?id=10500
赞同 0
评论 0 条

相关文章

懂信帝
懂信帝L0
粉丝 0 发表 12 + 关注 私信
上周热门
如何使用 StarRocks 管理和优化数据湖中的数据?  2969
【软件正版化】软件正版化工作要点  2888
统信UOS试玩黑神话:悟空  2860
信刻光盘安全隔离与信息交换系统  2746
镜舟科技与中启乘数科技达成战略合作,共筑数据服务新生态  1280
grub引导程序无法找到指定设备和分区  1249
华为全联接大会2024丨软通动力分论坛精彩议程抢先看!  169
2024海洋能源产业融合发展论坛暨博览会同期活动-海洋能源与数字化智能化论坛成功举办  168
点击报名 | 京东2025校招进校行程预告  165
华为纯血鸿蒙正式版9月底见!但Mate 70的内情还得接着挖...  161
本周热议
我的信创开放社区兼职赚钱历程 40
今天你签到了吗? 27
信创开放社区邀请他人注册的具体步骤如下 15
如何玩转信创开放社区—从小白进阶到专家 15
方德桌面操作系统 14
我有15积分有什么用? 13
用抖音玩法闯信创开放社区——用平台宣传企业产品服务 13
如何让你先人一步获得悬赏问题信息?(创作者必看) 12
2024中国信创产业发展大会暨中国信息科技创新与应用博览会 9
中央国家机关政府采购中心:应当将CPU、操作系统符合安全可靠测评要求纳入采购需求 8
热门标签更多

加入交流群

请使用微信扫一扫!