|
|
k8s(kubernetes) 部署dashboard可视化界面及相关操作
- b1 _$ g2 W+ v$ h8 x! C. v5 j( ]0 K+ |5 |' W5 P1 R
; g7 w; Z" I% m+ p6 L8 j& t, C
! r, f6 p- W Y# ]/ b, vkubernetes相关部署详见:https://www.bbs168x.cn/forum.php ... ge=1&extra=#pid5461& v' O6 }; O. l& C# k
% q* G' a( y5 K1 F7 b. R! d( C
#创建danshboard
9 c v Y0 l, j% V' _9 q8 hkubectl create -f recommended.yaml2 Z/ N! E6 {9 r q: M2 f I% ~
1 L& G# j; }" I, x4 ?, Q3 N% }8 o[root@kubernetes-master ~]# kubectl create -f recommended.yaml
! \6 f$ \ r3 T# z1 a9 Jnamespace/kubernetes-dashboard created
/ K" p4 Y9 ? j* g$ r: l+ d6 u+ qserviceaccount/kubernetes-dashboard created9 h- }# H/ ]& Q. u
service/kubernetes-dashboard created4 H3 v! }2 i5 I$ T5 q, J- F: w A
secret/kubernetes-dashboard-certs created& P: m9 m5 u0 x" |% _# t1 A
secret/kubernetes-dashboard-csrf created3 U* S. C) W+ m
secret/kubernetes-dashboard-key-holder created( s* b- G! T6 A6 ~
configmap/kubernetes-dashboard-settings created
- f5 o3 j" g! C3 H$ r3 Erole.rbac.authorization.k8s.io/kubernetes-dashboard created
& M! p' T) ?7 O9 Dclusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
8 O4 u3 S7 J: M7 _% F. Brolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created3 a% C z, f& F5 w" d& d" C3 a
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created5 `7 x! b6 f8 P" n S
deployment.apps/kubernetes-dashboard created
5 z/ _, w. f- K, Z6 @$ @% a9 Zservice/dashboard-metrics-scraper created$ v$ B% d3 {7 q. S$ }; N1 b! x/ V
deployment.apps/dashboard-metrics-scraper created0 H* p& _5 c- C: k C: }
) e+ Y! J8 M: X, K
M! |2 | t" O, c% k$ }. E
, d V2 _ q+ ~+ w2 L# z/ A
dashboard安装后, I9 e$ d( v! S- v) z
查看pod的状态确保dashboard已经部署成功
/ I9 C5 O7 @* S! p( K9 N7 u2 j1 }5 m$ v& ~: H
$ }2 W8 b$ A+ a
[root@kubernetes-master ~]# kubectl get pod -n kubernetes-dashboard 9 i6 r' m7 X7 q5 w; G% [
NAME READY STATUS RESTARTS AGE) C7 F1 s8 F. `# N+ T6 Q& _$ I
dashboard-metrics-scraper-5657497c4c-vf2hz 1/1 Running 0 18h' D% d+ m6 Z: Q/ u
kubernetes-dashboard-78f87ddfc-b65kc 1/1 Running 0 18h
9 o) }6 {& O7 L4 `% t4 U
g/ D% ?" c4 d
9 M1 @) V3 u! W3 S+ B访问dashboard1)查看service,访问端口为32333 , ]$ X" f9 d8 v! k1 j, {/ y
0 m W7 z0 y) w% B[root@kubernetes-master ~]# kubectl get service -n kubernetes-dashboard
E. X* G6 n/ J0 r* W2 G$ U8 t3 c% JNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
0 R& ~5 P7 S8 f+ y3 E% Jdashboard-metrics-scraper ClusterIP 100.184.128.141 <none> 8000/TCP 18h+ q: C0 P8 V6 [" p' ]3 h4 m u
kubernetes-dashboard NodePort 100.186.249.64 <none> 443:32333/TCP 18h D, p! O2 C0 w0 P1 |$ ]4 d! E
w/ ^! O3 D9 [* w) D$ r7 k/ \1 W
5 K/ r) S" b5 c2)浏览器输入https://masterIP:端口号访问即可;我的是https://172.24.110.182:32333,然后选择token登录
6 j0 z; _' W6 o [url=]kubernetes-dashboard.jpg[/url]
; }6 P$ K2 @4 z; c% `( o# V- M/ v0 E; q Z
1 Y0 v7 ]0 R H, a+ Q
3)编写 dashboard-adminuser.yaml文件并应用
8 a+ Q1 J; L. a0 e9 V( ~% p' H" U, X
cat> dashboard-adminuser.yaml <<EOF
# v( V7 |; n2 l5 M# YapiVersion: v18 \; i9 z3 j( _/ [- @- |, W0 `
kind: ServiceAccount
7 u& I5 y" I `- L( @; Pmetadata:/ D( ]5 P3 E5 i" ~7 e
name: admin-user
2 f5 t2 ?2 G- e1 L4 ~ K& C namespace: kube-system
5 j V7 _: W# q2 w2 u---
3 j4 n& {2 k0 n7 A8 K' NapiVersion: rbac.authorization.k8s.io/v1
% w$ g4 w6 z1 J- @5 i7 ^0 ukind: ClusterRoleBinding
2 N: o x# Z8 K* Smetadata:
; Y, N6 ^% `4 l" A( e6 ~( J, y name: admin-user
& N( G* |& j P, \2 k- Z0 zroleRef:
7 c9 [' e' r" X5 L# b$ T apiGroup: rbac.authorization.k8s.io: j0 X# C' T: y) w9 {
kind: ClusterRole
. \. X, j" e' D N6 s# _ name: cluster-admin1 L, L8 C' W$ ?! l
subjects:
1 e9 ]5 l9 {* a$ w- kind: ServiceAccount
% H4 P; U2 z9 W/ g. n. l name: admin-user
# y; F% m& D7 i1 G: E2 E$ s namespace: kube-system
/ Q* p5 @* j2 {) IEOF
' B" n+ f+ Q7 S. Q5 f; p' S: W
8 c/ x# d+ D' t. f
7 J% N+ l* w. @" V: X
0 T; x+ @/ v9 D$ ~- f: Z I
4 I4 h, P8 _, {' ~. c% g) A8 M[root@kubernetes-master ~]# kubectl apply -f dashboard-adminuser.yaml * E, F. Z/ N7 y% ^8 _( A
serviceaccount/admin-user created. E" a+ B: e3 ~+ m, f
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
( d+ y$ W! i0 c
4 ^! V& ^8 m7 [. A8 D8 X2 k7 |( l, |( O! E' T
" }; W% }4 D* T. R4 t% m
4)获取token并登录# R1 Y# ?. {( K. `1 v
) {, m4 w6 q# g9 {
( S( c. v9 w1 U[root@kubernetes-master ~]# kubectl create token admin-user --namespace kube-system
( @; @3 V7 s1 r) L" r# ^6 A7 V4 V2 beyJhbGciOiJSUzI1NiIsImtpZCI6IktWTDdRU29nYkJ6R2dFMU1SeDRJOGhWUjlSdE9VZE5Eck9CNkk0cThVUlkifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzI2NzE5MTcxLCJpYXQiOjE3MjY3MTU1NzEsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiNzJiOGY3ODMtZjY1MC00MTBjLTk1YTktN2MxYTIyZjRlYjkzIn19LCJuYmYiOjE3MjY3MTU1NzEsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbi11c2VyIn0.DkFFYdUTzbBUhn6uNbIKpuf9CLnU1CKBSUoLiTssg8uyHgmgk6Z_G_elfOIdVHwP8xlnF7ZmAOCzBC6Mgr9keNoXOm5ttZ3wLXIoo_9LKYn3i_UrR6ucj4N2mxiQWpxqjrmpHcKsmPnmKdvzaW653opkP2s2VPcGHU73XSZ9eRit82hUnEQcxdWGsA0shkbTV_ICUzbMVs4vUNbPVENnRYivkYAzKBwakoPTK3mYiQQKdrWiqRbd9e-ag3t9MtGL2oU8hzzXoyvuqAUbGtzRandOjb3_t8v6e5ftt460oW_LM86uJVZ0OU-GbqlvoJSa1dJfrQBD2rkDkOOise-FFA4 L# W" [+ v7 M6 o- f9 G) O
[root@kubernetes-master ~]#
; u2 M6 g$ k/ n6 t" [8 L& c3 t/ g' w+ [" k/ u2 x" R
2 Q% @" V1 H7 g4 v8 I& g" u3 B, Y: C输入token到浏览器中,点击登录即可:
4 [7 l K8 `+ l8 K[url=]微信图片_20240919111611.p ...[/url]
. t. d! d# {$ ^: H
" |% G0 C) f9 h' n |
|
发表于 2024-9-19 11:12:23