序:

Dashboard它可以给用户提供一个可视化的 Web 界面来查看当前集群的各种信息。用户可以用 Kubernetes Dashboard 部署容器化的应用、监控应用的状态、执行故障排查任务以及管理 Kubernetes 各种资源。
image.png

一、部署Dashboard

1、执行yaml文件直接部署

  1. kubectl apply -f  https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
  3. #可以采用gitlab上面的yaml文件
  4. kubectl apply -f  https://gitlab.com/jaeck/kubernetes/-/raw/master/kubernetes-dashboard.yaml

2、查看dashboard运行状态,以deployment方式部署,运行2个pod及2个service:

  1. [root@k8smaster tmp]# kubectl -n kubernetes-dashboard get pods
  2. NAME                                         READY   STATUS    RESTARTS   AGE
  3. dashboard-metrics-scraper-7445d59dfd-dqm7t   1/1     Running   0          31m
  4. kubernetes-dashboard-7d8466d688-5cxv9        1/1     Running   0          31m
  7. [root@k8smaster tmp]# kubectl -n kubernetes-dashboard get svc
  8. NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
  9. dashboard-metrics-scraper   ClusterIP   10.102.47.233   <none>        8000/TCP        45m
  10. kubernetes-dashboard        NodePort    10.111.31.52    <none>        443:30443/TCP   45m

3、访问dashboard,需要配置NodePort端口

  1. kubectl  patch svc kubernetes-dashboard -n kubernetes-dashboard \
  2. -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30443}]}}'

4、查看暴露的service,已修改为nodeport类型:

  1. [root@k8smaster tmp]# kubectl -n kubernetes-dashboard get svc
  2. NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
  3. dashboard-metrics-scraper   ClusterIP   10.102.47.233   <none>        8000/TCP        45m
  4. kubernetes-dashboard        NodePort    10.111.31.52    <none>        443:30443/TCP   45m

5、或者下载下来手动修改Service

  1. https://gitlab.com/jaeck/kubernetes/-/raw/master/kubernetes-dashboard.yaml

修改内容:

  1. ...
  2. ---
  4. kind: Service
  5. apiVersion: v1
  6. metadata:
  7.   labels:
  8.     k8s-app: kubernetes-dashboard
  9.   name: kubernetes-dashboard
  10.   namespace: kubernetes-dashboard
  11. spec:
  12.   type: NodePort  #新增
  13.   ports:
  14.     - port: 443
  15.       targetPort: 8443
  16.       nodePort: 30443  #新增
  17.   selector:
  18.     k8s-app: kubernetes-dashboard
  20. ---
  21. ...
  23. ##更新配置
  24. kubectl apply -f kubernetes-dashboard.yaml

6、登录dashboard(必须Firefox)
https://any_node_ip:30443
image.png
**

二、配置登录用户

1、创建dashboard-adminuser.yaml:

  1. cat > dashboard-adminuser.yaml << EOF
  2. apiVersion: v1
  3. kind: ServiceAccount
  4. metadata:
  5.   name: admin-user
  6.   namespace: kubernetes-dashboard
  8. ---
  9. apiVersion: rbac.authorization.k8s.io/v1
  10. kind: ClusterRoleBinding
  11. metadata:
  12.   name: admin-user
  13. roleRef:
  14.   apiGroup: rbac.authorization.k8s.io
  15.   kind: ClusterRole
  16.   name: cluster-admin
  17. subjects:
  18. - kind: ServiceAccount
  19.   name: admin-user
  20.   namespace: kubernetes-dashboard  
  21. EOF

2、创建登录用户

  1. kubectl apply -f dashboard-adminuser.yaml

3、查看admin-user的token

  1. kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')