|
|
k8s(kubernetes) 部署dashboard可视化界面及相关操作
( q4 ^' j! p4 p) X7 c! m0 ]
" N2 U4 @& F) ~' T2 z3 d3 j
; `$ y* u4 E1 C( Z" ~/ F$ }3 W, r3 u* r- P- g
kubernetes相关部署详见:https://www.bbs168x.cn/forum.php ... ge=1&extra=#pid5461: E& ?7 C4 B$ W' h% C5 W2 ^
9 Y' J) V2 d w: g3 q
#创建danshboard; B# }+ ?' h" W0 E+ X
kubectl create -f recommended.yaml3 }9 E' Q n& M. H0 ?8 s
3 C. m: `5 N. E( `7 t l+ I, M7 X[root@kubernetes-master ~]# kubectl create -f recommended.yaml$ A- X4 O' ^; @
namespace/kubernetes-dashboard created+ g: i# {2 B9 e) r
serviceaccount/kubernetes-dashboard created+ C/ ~6 h- f- w( I
service/kubernetes-dashboard created
) s6 P1 p! U- Vsecret/kubernetes-dashboard-certs created2 h. h2 f# g& d* f. T
secret/kubernetes-dashboard-csrf created
8 u$ x: J: S* d( c$ q2 hsecret/kubernetes-dashboard-key-holder created
2 s9 O, _5 Y2 O4 N% iconfigmap/kubernetes-dashboard-settings created2 P% O) E% o$ \
role.rbac.authorization.k8s.io/kubernetes-dashboard created
. K& ?% }& \. P& Z/ x$ ~: {clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created# Z2 e+ m& {2 d: }/ C
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
" c7 e6 C3 [0 H$ y5 A8 Qclusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created' X O" g( |# o7 U" O
deployment.apps/kubernetes-dashboard created
5 `4 h. E( @% N; N7 gservice/dashboard-metrics-scraper created3 t) w( m# ?6 M1 @
deployment.apps/dashboard-metrics-scraper created
9 j* e: N8 }2 p& U8 g
: S3 V5 G) o) v2 x5 Z. i) N( N! w j* s1 l( k# r+ h
~0 J p2 L1 B* G m
dashboard安装后
; i( p: j: t" A" }; U查看pod的状态确保dashboard已经部署成功/ a" J" x2 J. J6 J& l# t; n: R7 v, D
! `: P4 l- `2 e. j9 q* g# L
6 J! }& y$ m. C
[root@kubernetes-master ~]# kubectl get pod -n kubernetes-dashboard + R9 z5 s% z$ I6 w
NAME READY STATUS RESTARTS AGE
) E+ p5 Y0 s4 j# x# w% a1 b* _dashboard-metrics-scraper-5657497c4c-vf2hz 1/1 Running 0 18h( }1 O6 F, x# S6 {0 Z
kubernetes-dashboard-78f87ddfc-b65kc 1/1 Running 0 18h
& p0 a) Y: d% y L u/ x
4 B0 ^4 X/ H7 Z( Q
0 |* P4 l U8 A% }1 Z( m, J+ Z访问dashboard1)查看service,访问端口为32333 k0 y# Q+ v1 j: V
: E4 g- W4 y2 H% G5 v6 t3 |' r[root@kubernetes-master ~]# kubectl get service -n kubernetes-dashboard$ c/ _ B7 r* L% K* x+ Q- F
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
0 G/ G0 _" t) _; a; odashboard-metrics-scraper ClusterIP 100.184.128.141 <none> 8000/TCP 18h
; R$ n. d: l, P1 P! ckubernetes-dashboard NodePort 100.186.249.64 <none> 443:32333/TCP 18h! c% I6 m$ j( E2 W! E! j) n
3 p: r# v R, q3 E/ L2 G6 m
3 V! E& x g# G+ m6 }7 n) S' [
2)浏览器输入https://masterIP:端口号访问即可;我的是https://172.24.110.182:32333,然后选择token登录
: x. v8 S S6 I, Y" Q' \2 t; Z [url=]kubernetes-dashboard.jpg[/url]& U& c9 b2 k. s r
& o K. p: k+ s; A
6 g# o) H/ `/ ]* ^% M
3)编写 dashboard-adminuser.yaml文件并应用
) A" r# ^7 ?3 L) C
8 i; U. j% e$ ^* r) kcat> dashboard-adminuser.yaml <<EOF
" @1 h. y U: j H U5 D$ h' N' ?apiVersion: v1
R3 j. \# @7 okind: ServiceAccount V, b2 ]; c1 m
metadata:
: X% O, x/ X( c& m! b$ B name: admin-user8 I, |7 V4 v. F. a5 Z' l- {# {8 ]
namespace: kube-system& H: K& N/ U+ |. w$ K" A% P. ?
---, k9 i4 L6 h. Q) J6 j. k- b: h- p3 g
apiVersion: rbac.authorization.k8s.io/v1
: T; }5 t$ q1 m6 d1 j5 `kind: ClusterRoleBinding
F, ?% Q, p& Zmetadata:& W7 a: M2 E7 a, _
name: admin-user
8 ?7 U( C9 M4 v9 |roleRef:
; o% R) T5 r5 J( F2 S- f apiGroup: rbac.authorization.k8s.io. v% F3 q; G R3 A' Z, S
kind: ClusterRole0 C& c3 h1 g* J, V* u) R
name: cluster-admin8 g& n4 P$ q9 s: _7 u) }' I
subjects:
$ |, a- f" \$ x" F6 C; r: Y" Z' O- kind: ServiceAccount
: [! F% x& @# P& P0 A# O( h8 Z name: admin-user; v# _: ?* N8 v2 ^) N4 G* ?
namespace: kube-system" y: `: V% L- B* k* D
EOF" b8 J9 b) c" Y0 _2 l
/ z- k: l- R' _7 s
5 c, k9 G7 @) s8 o$ L3 ]* y W5 _
B- D# n8 x1 p0 p3 ^2 I6 j+ p3 ?1 i6 g# d
[root@kubernetes-master ~]# kubectl apply -f dashboard-adminuser.yaml
_( p4 t% d6 u2 g" \serviceaccount/admin-user created& w L- Q7 `1 ]
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
8 L7 w/ A X9 x0 y6 J& ~6 x- d
5 L6 V0 S9 L( Y% u& O' ^- @* @) E. u/ ^ h
& K' M6 X d# i' ]4)获取token并登录7 Y% O% f1 h+ \* o7 U0 ~
) m: e% e) ~2 G4 h/ n! {# S% q) D( R8 K
[root@kubernetes-master ~]# kubectl create token admin-user --namespace kube-system
% G& K. J1 g! @+ h, C7 BeyJhbGciOiJSUzI1NiIsImtpZCI6IktWTDdRU29nYkJ6R2dFMU1SeDRJOGhWUjlSdE9VZE5Eck9CNkk0cThVUlkifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzI2NzE5MTcxLCJpYXQiOjE3MjY3MTU1NzEsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiNzJiOGY3ODMtZjY1MC00MTBjLTk1YTktN2MxYTIyZjRlYjkzIn19LCJuYmYiOjE3MjY3MTU1NzEsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbi11c2VyIn0.DkFFYdUTzbBUhn6uNbIKpuf9CLnU1CKBSUoLiTssg8uyHgmgk6Z_G_elfOIdVHwP8xlnF7ZmAOCzBC6Mgr9keNoXOm5ttZ3wLXIoo_9LKYn3i_UrR6ucj4N2mxiQWpxqjrmpHcKsmPnmKdvzaW653opkP2s2VPcGHU73XSZ9eRit82hUnEQcxdWGsA0shkbTV_ICUzbMVs4vUNbPVENnRYivkYAzKBwakoPTK3mYiQQKdrWiqRbd9e-ag3t9MtGL2oU8hzzXoyvuqAUbGtzRandOjb3_t8v6e5ftt460oW_LM86uJVZ0OU-GbqlvoJSa1dJfrQBD2rkDkOOise-FFA% \% y4 y/ A/ [1 n5 c
[root@kubernetes-master ~]#
+ K" H8 M$ ~# P* Q3 V
4 \. V" M- w7 [2 C. S2 _; |4 Q6 h0 F& f; D* a! T
输入token到浏览器中,点击登录即可:1 Z, |6 H# ]; X C1 g+ _3 l" J
[url=]微信图片_20240919111611.p ...[/url]
1 Y+ F8 c2 e2 I$ e; ^4 u% |+ D- D! C0 g" @7 \" I
|
|
发表于 2024-9-19 11:12:23