使用 Helm 安装部署 Dashboard 仪表盘
目录
一、安装Helm
- 下载helm二进制包 官方下载地址https://github.com/helm/helm/releases
[root@master helm]# wget https://get.helm.sh/helm-v3.7.1-linux-amd64.tar.gz
--2022-09-15 14:23:54-- https://get.helm.sh/helm-v3.7.1-linux-amd64.tar.gz
Resolving get.helm.sh (get.helm.sh)... 152.199.39.108, 2606:2800:247:1cb7:261b:1f9c:2074:3c
Connecting to get.helm.sh (get.helm.sh)|152.199.39.108|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 13862382 (13M) [application/x-tar]
Saving to: ‘helm-v3.7.1-linux-amd64.tar.gz’
100%[=======================================================================================================================>] 13,862,382 1.45MB/s in 8.6s
2022-09-15 14:24:09 (1.54 MB/s) - ‘helm-v3.7.1-linux-amd64.tar.gz’ saved [13862382/13862382]
[root@master helm]# ls
helm-v3.7.1-linux-amd64.tar.gz
- 解压二进制包
[root@master helm]# tar -xzvf helm-v3.7.1-linux-amd64.tar.gz
linux-amd64/
linux-amd64/helm
linux-amd64/LICENSE
linux-amd64/README.md
- 移动二进制文件到bin目录下
[root@master helm]# mv linux-amd64/helm /usr/local/bin/helm
[root@master helm]# ls
helm-v3.7.1-linux-amd64.tar.gz linux-amd64
- 配置helm命令自动补全
[root@master helm]# yum install -y bash-completion
Loaded plugins: fastestmirror, langpacks, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Determining fastest mirrors
epel/x86_64/metalink | 7.3 kB 00:00:00
* base: mirrors.huaweicloud.com
* epel: mirror.01link.hk
* extras: mirrors.aliyun.com
* updates: mirrors.njupt.edu.cn
base | 3.6 kB 00:00:00
docker-ce-stable | 3.5 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
kubernetes | 1.4 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/6): epel/x86_64/group_gz | 97 kB 00:00:06
(2/6): docker-ce-stable/7/x86_64/primary_db | 82 kB 00:00:06
(3/6): epel/x86_64/primary_db | 7.0 MB 00:00:03
(4/6): extras/7/x86_64/primary_db | 250 kB 00:00:06
(5/6): updates/7/x86_64/primary_db | 17 MB 00:00:19
(6/6): epel/x86_64/updateinfo | 1.0 MB 00:00:53
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-complete-transaction, or "y um-complete-transaction --cleanup-only" and "yum history redo last", first to finish them. If those don 't work you'll have to try removing/installing packages by hand (maybe package-cleanup can help).
--> Running transaction check
---> Package bash-completion.noarch 1:2.1-6.el7 will be updated
---> Package bash-completion.noarch 1:2.1-8.el7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================
Package Arch Version Repository Size
========================================================================================================
Updating:
bash-completion noarch 1:2.1-8.el7 base 87 k
Transaction Summary
========================================================================================================
Upgrade 1 Package
Total download size: 87 k
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
bash-completion-2.1-8.el7.noarch.rpm | 87 kB 00:00:06
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 1:bash-completion-2.1-8.el7.noarch 1/2
Cleanup : 1:bash-completion-2.1-6.el7.noarch 2/2
Verifying : 1:bash-completion-2.1-8.el7.noarch 1/2
Verifying : 1:bash-completion-2.1-6.el7.noarch 2/2
Updated:
bash-completion.noarch 1:2.1-8.el7
Complete!
[root@master helm]# echo "source <(helm completion bash)" >> ~/.bashrc
[root@master helm]# source /root/.bashrc
二、安装部署Dashboard
1. 添加helm repo源
[root@master helm]# helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/
"kubernetes-dashboard" has been added to your repositories
2. 安装Dashboard
[root@master helm]# helm install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --namespace kubernetes-dashboard --create-namespace --set replicaCount=2 --set service.type=NodePort --set service.nodePort=30080 --set resources.limits.cpu=200m
NAME: kubernetes-dashboard
LAST DEPLOYED: Thu Sep 15 15:04:29 2022
NAMESPACE: kubernetes-dashboard
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
*********************************************************************************
*** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
*********************************************************************************
Get the Kubernetes Dashboard URL by running:
export NODE_PORT=$(kubectl get -n kubernetes-dashboard -o jsonpath="{.spec.ports[0].nodePort}" services kubernetes-dashboard)
export NODE_IP=$(kubectl get nodes -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT/
3. 查看Dashboard运行状态
[root@master helm]# kubectl -n kubernetes-dashboard get pods
NAME READY STATUS RESTARTS AGE
kubernetes-dashboard-68df56d58f-jvmvc 1/1 Running 0 19s
kubernetes-dashboard-68df56d58f-z2v7s 1/1 Running 0 19s
[root@master helm]# kubectl -n kubernetes-dashboard get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard NodePort 10.104.192.250 <none> 443:30080/TCP 35s
4. 创建dashboard-admin.yaml
文件
Dashboard 支持 Kubeconfig 和 Token 两种认证方式,这里选择Token认证方式登录,默认serviceaccount只有读权限,这里创建admin用户。
yaml文件内容如下:
[root@master helm]# cat dashboard-admin.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
5. 创建登录用户
[root@master helm]# kubectl apply -f dashboard-admin.yaml
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
6. 查看admin-user账户的token
[root@master helm]# kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/kubernetes-dashboard -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}"
eyJhbGciOiJSUzI1NiIsImtpZCI6IjdTRmd0QUE1Q2lkMEF4Ujh4d3dFTVpKLXlzRVpwTXpTNm5aRTBxS1VsWE0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1xbnA5eiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImFkY2JmMjY5LTRmYmMtNDFmOS04MDZhLTg1M2ExYTE0YmY0OCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.GekfgCeRO5U3n35E6uaNvJksZooH3vVvYLscrSr4OyHid0_1pY-W9fJx4QZZ7c1WAblbTRkEl87gqoJFURwUwQaKWF_nlZhIY4kh2W0emAnjUCPkPYw0Z_8mzELG1t5j3TZXHwWb45IR8tHIe8HOzJS1asmS_d0GDzDevyv1QE2gdLyrj2aLvTubxekbzbGLKeq-6SHqgglwGT3l4hUyrVT0ABox5hde4yg62UUbJ8TvVl8YfDkFWZhSl_0d77F23-8janyRbZVYg3IP_3jrifSTS3FkatV5CRfN8rtMzyEJCLxXb6yzMTKCEZdONQnTgp8fuN_b-8-7snsTAQWzKA
注意:此处token为我自己的token,当使用浏览器进行访问时,需要使用自己的token登录,不要复制我的token进行登录。
7. 登陆Dashboard
浏览器输入:任意节点IP+Node端口号
粘贴token,登录。
8. 删除Dashboard
[root@master helm]# helm -n kubernetes-dashboard uninstall kubernetes-dashboard
release "kubernetes-dashboard" uninstalled
[root@master helm]# kubectl -n kubernetes-dashboard get pods
No resources found in kubernetes-dashboard namespace.
[root@master helm]# kubectl -n kubernetes-dashboard get svc
No resources found in kubernetes-dashboard namespace.
删除完成。