|
|
k8s(kubernetes) 部署dashboard可视化界面及相关操作
5 U1 k' A6 O; g8 H
: L: F3 |3 P- k- G! c, r+ J3 R- Z0 {) A G! B7 s
( p1 z5 `6 d( }; K) s7 a8 Wkubernetes相关部署详见:https://www.bbs168x.cn/forum.php ... ge=1&extra=#pid54612 ?+ A" y$ r6 @' M. {( \
+ K6 g4 [: B7 r* `' L#创建danshboard
/ |0 T/ `6 I1 n; Ckubectl create -f recommended.yaml
8 t+ ~ B( \7 c3 u' `& d8 g/ I, U: M* |- _7 o/ k
[root@kubernetes-master ~]# kubectl create -f recommended.yaml
3 V. C$ U9 r9 C1 ^2 a* j& ynamespace/kubernetes-dashboard created
/ l9 I2 J& q& Yserviceaccount/kubernetes-dashboard created1 C" T+ b: f& h+ k" r: M" c' J4 B
service/kubernetes-dashboard created
, F! {! X, C) V2 k/ }secret/kubernetes-dashboard-certs created
; |. r1 g* w w, x+ ?8 J) ysecret/kubernetes-dashboard-csrf created
4 V8 V' F" m% [4 Q% n6 hsecret/kubernetes-dashboard-key-holder created
% k/ q" p) r5 M5 pconfigmap/kubernetes-dashboard-settings created
% u/ y" E, ] ~8 Q6 c+ V7 Irole.rbac.authorization.k8s.io/kubernetes-dashboard created
* ?4 {6 q6 j0 [. f8 uclusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created9 g3 k% D. K: [0 M
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created/ @3 T% a% s4 D* p: Z+ ^2 [+ v
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created0 ]* }+ X$ }$ r2 y; d! |
deployment.apps/kubernetes-dashboard created
# }6 K3 ]) Z7 ~4 Xservice/dashboard-metrics-scraper created1 B/ w ~9 I( A ]* c& K2 U, _! Y
deployment.apps/dashboard-metrics-scraper created
2 ?3 g7 l& q! X$ T, |' F# L9 s7 c9 |1 b# y! ?
" X6 \! i- s1 x1 U$ H5 i( M8 |8 s/ n, {/ @+ e: z, a+ D3 e
dashboard安装后
% k y1 A0 I3 t& x S查看pod的状态确保dashboard已经部署成功9 G. G: O; I9 ]/ N. v& B
: w1 Y6 I) l' O8 a! s
7 a% v- D; ?1 p; o2 R[root@kubernetes-master ~]# kubectl get pod -n kubernetes-dashboard 4 L! o, R3 h0 P ] N: o v
NAME READY STATUS RESTARTS AGE
1 `' @3 S1 M: n0 [dashboard-metrics-scraper-5657497c4c-vf2hz 1/1 Running 0 18h9 j1 d0 Y3 R& Q' P! D5 H8 J
kubernetes-dashboard-78f87ddfc-b65kc 1/1 Running 0 18h
1 _0 M y! e. G. o; v- {9 G* a. A" H
$ ~5 Y& w% F! H* d
访问dashboard1)查看service,访问端口为32333
$ X% ~. n' j# |8 H3 H q% H0 ^
, E3 h8 Q* z# K) D: T$ u- @, g[root@kubernetes-master ~]# kubectl get service -n kubernetes-dashboard/ ?2 N$ D/ o. B1 [) C" H' ~
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE W7 _ G' d2 ~7 }
dashboard-metrics-scraper ClusterIP 100.184.128.141 <none> 8000/TCP 18h) @' G$ P1 @; M6 Z. G
kubernetes-dashboard NodePort 100.186.249.64 <none> 443:32333/TCP 18h; X* R4 H: ~8 w+ q8 O% B
, m" }4 N: P$ {& @3 X4 w/ O* K2 Q
2)浏览器输入https://masterIP:端口号访问即可;我的是https://172.24.110.182:32333,然后选择token登录3 z. q% @8 ]; ~9 @" U
 [url=]kubernetes-dashboard.jpg[/url]4 a6 l9 X2 h% D: ~! S1 Y6 _
1 N3 t! d4 N6 s
a& W$ i8 t0 \
3)编写 dashboard-adminuser.yaml文件并应用
- O( q o* ^( @, A0 a
, P* H5 M* R% y- X5 fcat> dashboard-adminuser.yaml <<EOF 1 u7 V; e" z' V3 o( Y# _3 w
apiVersion: v14 ]/ e L4 K. Y8 Q6 i; i
kind: ServiceAccount
# H( C6 C/ O& ^" T8 H; o Wmetadata:$ {6 y4 R+ q2 w1 K
name: admin-user0 o6 Z, B3 @( J0 A [
namespace: kube-system
6 @5 ^3 ?' x8 t0 I0 M( z# P3 s& g---
2 M G: i2 g5 j4 oapiVersion: rbac.authorization.k8s.io/v1; M" E2 _. c5 @0 N" L" q
kind: ClusterRoleBinding: o) M& k4 p e7 `9 J
metadata:
6 O0 m. N" w8 E3 ~ name: admin-user( a4 \( H1 l# c" i! C' q+ T
roleRef: ?$ D8 I: w4 \5 ?6 Z/ H
apiGroup: rbac.authorization.k8s.io
; ~% [6 V' n0 B) d7 R9 g" ] kind: ClusterRole
( U# r# L7 H/ m# Q: K name: cluster-admin/ t/ n; [) i) f4 v4 I* D6 i
subjects:% u+ C3 |9 u `% l
- kind: ServiceAccount
4 P0 z7 h( ?" Q) ?( } b7 I name: admin-user4 f0 y5 M5 i8 M0 V' r% W d; b s+ e
namespace: kube-system5 H) T, L* H' M0 y' F& T) g
EOF
/ Y# y# V' Z. _; q: Q4 {7 ^$ |! r: Z. U5 e
" {7 ^+ j1 A+ [% o9 E N! U4 a
$ n, _4 O% ~1 K) u, X4 d
' y5 ~9 d6 ]" c4 x[root@kubernetes-master ~]# kubectl apply -f dashboard-adminuser.yaml
- M- q. K7 \0 C0 R: f$ x$ fserviceaccount/admin-user created
+ v2 j2 w3 `& \. `; l" Vclusterrolebinding.rbac.authorization.k8s.io/admin-user created
. U$ A3 Y6 V y- v# x) K& _' J8 v: _' a' T
2 Z% E3 S9 q& p2 u" ]2 V) g
m: ~, n% ~' n; |; D# A4)获取token并登录+ R4 W6 I( X, K1 J# l
4 O# N/ ]" D; H2 n/ `' _/ w
$ b) K1 ~5 `7 Q; Y3 W: e( s! ~[root@kubernetes-master ~]# kubectl create token admin-user --namespace kube-system 1 A* E& j4 n% ~2 w8 q" m* }
eyJhbGciOiJSUzI1NiIsImtpZCI6IktWTDdRU29nYkJ6R2dFMU1SeDRJOGhWUjlSdE9VZE5Eck9CNkk0cThVUlkifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzI2NzE5MTcxLCJpYXQiOjE3MjY3MTU1NzEsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiNzJiOGY3ODMtZjY1MC00MTBjLTk1YTktN2MxYTIyZjRlYjkzIn19LCJuYmYiOjE3MjY3MTU1NzEsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbi11c2VyIn0.DkFFYdUTzbBUhn6uNbIKpuf9CLnU1CKBSUoLiTssg8uyHgmgk6Z_G_elfOIdVHwP8xlnF7ZmAOCzBC6Mgr9keNoXOm5ttZ3wLXIoo_9LKYn3i_UrR6ucj4N2mxiQWpxqjrmpHcKsmPnmKdvzaW653opkP2s2VPcGHU73XSZ9eRit82hUnEQcxdWGsA0shkbTV_ICUzbMVs4vUNbPVENnRYivkYAzKBwakoPTK3mYiQQKdrWiqRbd9e-ag3t9MtGL2oU8hzzXoyvuqAUbGtzRandOjb3_t8v6e5ftt460oW_LM86uJVZ0OU-GbqlvoJSa1dJfrQBD2rkDkOOise-FFA
1 V$ M3 @4 Y6 `5 _[root@kubernetes-master ~]# * L6 I- [) Q# s, G9 w% `
% ?- O4 J) n6 r! @ t, m- Y
" _6 k5 l8 f, r, D, a5 e6 g; [5 U
输入token到浏览器中,点击登录即可:
/ H: r7 n4 z- T% X[url=]微信图片_20240919111611.p ...[/url]
2 o/ x3 E( Y/ F0 U* W+ Y2 X& e
( V+ g3 ?" Z0 _- ]$ U a |
|
发表于 2024-9-19 11:12:23