一、What is Dashboard ?上一章:基于K8S搭建Flink集群,轻松上手玩集群_LemonCoder呀的博客-CSDN博客_k8s安装flink
文章目录
- Dashboard 安装与使用
- 一、What is Dashboard ?
- 二、Kubernetes Dashboard 安装
- 1、通过官方模板创建dashboard容器
- 2、查看创建的容器状态
- 3、修改dashboard的service端口暴露模式为NodePort
- 4、 创建Service Account 及 ClusterRoleBinding
- 三、获取访问 Kubernetes Dashboard所需的 Token
- 1、token获取方式
- 2、kubeConfig生成方式
- 四、访问DashBoard UI
- 粘贴获取的token
二、Kubernetes Dashboard 安装 1、通过官方模板创建dashboard容器Kubernetes Dashboard是Kubernetes集群的Web UI,用户可以通过Dashboard进行管理集群内所有资源对象,例如查看资源对象的运行情况,部署新的资源对象,伸缩Deployment中的Pod数量等等一系列操作。
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml2、查看创建的容器状态
$ kubectl get deployment -n kuberenetes-dashboard $ kubectl get pods -n kuberenetes-dashboard3、修改dashboard的service端口暴露模式为NodePort
$ kubectl edit service kubernetes-dashboard -n kubernetes-dashboard
[root@k8s-master dashboard]# kubectl edit service kubernetes-dashboard -n kubernetes-dashboard
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: v1
kind: Service
metadata:
annotations:
# 添加暴露的端口
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":"kubernetes-dashboard"},"spec":{"ports":[{"nodePort":30009,"port":443,"targetPort":8443}],"selector":{"k8s-app":"kubernetes-dashboard"},"type":"NodePort"}}
creationTimestamp: "2022-05-10T06:51:23Z"
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
resourceVersion: "22566"
uid: 592e0ac4-c79e-4afe-a340-58f6450173d9
spec:
clusterIP: 10.1.214.46
clusterIPs:
- 10.1.214.46
externalTrafficPolicy: Cluster
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
# 添加暴露的端口
- nodePort: 30009
port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
# 修改模式
type: NodePort
status:
loadBalancer: {}
4、 创建Service Account 及 ClusterRoleBinding
# 创建一个yaml文件管理目录 $ mkdir -p /root/k8s/dashboard && cd /root/k8s/dashboard # 编写auth.yaml文件 $ cat << EOF >> auth.yaml apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard # 创建服务 $ kubectl apply -f auth.yaml三、获取访问 Kubernetes Dashboard所需的 Token 1、token获取方式
$ kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
2、kubeConfig生成方式
# 获取token文件名
$ TOKEN_FILE=$(kubectl -n kubernetes-dashboard get secret | awk '/admin-user/{print $1}')
# 获取token
$ DASH_TOCKEN=$(kubectl -n kubernetes-dashboard get secrets $TOKEN_FILE -n kubernetes-dashboard -o jsonpath={.data.token} |base64 -d)
# 设置 kubeconfig 文件中的一个集群条目
$ kubectl config set-cluster kubernetes --server=192.168.3.90:30009 --kubeconfig=/usr/local/src/dashbord-admin.conf
# 设置 kubeconfig 文件中的一个用户条目
$ kubectl config set-credentials kubernetes-dashboard --token=$DASH_TOCKEN --kubeconfig=/usr/local/src/dashbord-admin.conf
# 设置 kubeconfig 文件中的一个上下文条目
$ kubectl config set-context kubernetes-dashboard@kubernetes --cluster=kubernetes --user=kubernetes-dashboard --kubeconfig=/usr/local/src/dashbord-admin.conf
# 设置 kubeconfig 文件中的当前上下文
$ kubectl config use-context kubernetes-dashboard@kubernetes --kubeconfig=/usr/local/src/dashbord-admin.conf
# 生成的kubeConfig文件路径
/usr/local/src
四、访问DashBoard UI
# 防火墙放行端口 $ firewall-cmd --zone=public --add-port=30009/tcp --permanent # 或者直接关闭防火墙(不建议) $ systemctl stop firewalld.service
# 测试 # IP为自己服务器地址,端口为修改dashboard的service暴露的端口 $ curl http://192.168.3.90:30009 # 浏览器访问 http://192.168.3.90:30009粘贴获取的token
参考文章:Kubernetes Dashboard 安装与使用-阿里云开发者社区 (aliyun.com)
