kubernetes部署dashboard2.4.0

最新推荐文章于 2023-05-31 10:29:05 发布
最新推荐文章于 2023-05-31 10:29:05 发布
阅读量1.2k 收藏 3
点赞数
分类专栏: kubernetes 文章标签: kubernetes docker 容器
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/boomxiaolong/article/details/122557720
版权

1、镜像

docker pull kubernetesui/dashboard:v2.4.0

2、tag

docker images | grep dashboard
kubernetesui/dashboard    v2.4.0   72f07539ffb5   3 months ago    221M

docker tag 72f07539ffb5 registry.cn-shenzhen.aliyuncs.com/hqyinfra/dashboard:v2.4.0

3、推送

docker push registry.cn-shenzhen.aliyuncs.com/hqyinfra/dashboard:v2.4.0

4、ns.yaml

kubectl apply -f ns.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: kubernetes-dashboard

5、secret.yaml

kubectl apply -f secret.yaml

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
  namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-csrf
  namespace: kubernetes-dashboard
type: Opaque
data:
  csrf: ""
---
apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-key-holder
  namespace: kubernetes-dashboard
type: Opaque

6、rbac.yaml

kubectl apply -f rbac.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

7、dp.yaml

kubectl apply -f dp.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
        - name: kubernetes-dashboard
          image: registry.cn-shenzhen.aliyuncs.com/hqyinfra/dashboard:v2.4.0
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 8443
              protocol: TCP
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port
          volumeMounts:
            - name: kubernetes-dashboard-certs
              mountPath: /certs
              # Create on-disk volume to store exec logs
            - mountPath: /tmp
              name: tmp-volume
          livenessProbe:
            httpGet:
              scheme: HTTPS
              path: /
              port: 8443
            initialDelaySeconds: 30
            timeoutSeconds: 30
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule

8、svc.yaml

kubectl apply -f svc.yaml

apiVersion: v1
kind: Service
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

9、ingress.yaml

kubectl apply -f ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
  annotations:
    kubernetes.io/ingress.class: traefik
spec:
  rules:
  - host: dashboard.candy.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port:
              number: 443

10、生成dashboard证书
ca-csr.json

{
	"CN": "CandyHome",
	"hosts": [
	],
	"key": {
	    "algo": "rsa",
	    "size": 2048
	},
	"names": [
	    {
	        "C": "CN",
	        "ST": "BJ",
	        "L": "Beijing",
	        "O": "CandyHome",
	        "OU": "ops"
	    }
	],
	"ca": {
	    "expiry": "175200h"
	}
}

ca-config.json

{
    "signing": {
        "default": {
            "expiry": "175200h"
        },
        "profiles": {
            "server": {
                "expiry": "175200h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "server auth"
                ]
            },
            "client": {
                "expiry": "175200h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "client auth"
                ]
            },
            "peer": {
                "expiry": "175200h",
                "usages": [
                    "signing",
                    "key encipherment",
                    "server auth",
                    "client auth"
                ]
            }
        }
    }
}

dashboard-csr.json

{
	"CN": "dashboard.candy.com",
	"hosts": [
	],
	"key": {
	    "algo": "rsa",
	    "size": 2048
	},
	"names": [
	    {
	        "C": "CN",
	        "ST": "BJ",
	        "L": "Beijing",
	        "O": "candyHome",
	        "OU": "ops"
	    }
	]
}

cfssl gencert -initca ca-csr.json | cfssl-json -bare ca

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server dashboard-csr.json | cfssl-json -bare dashboard

11、配置nginx卸载证书

docker cp dashboard.pem nginx:/dashboard.pem
docker cp dashboard-key.pem nginx:/dashboard-key.pem

docker exec -it nginx sh
vi /etc/nginx/conf.d/dashboard.candy.com.conf

dashboard.candy.com.conf

server {
    listen 80;
    server_name dashboard.candy.com;
    rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
    listen 443 ssl;
    server_name dashboard.candy.com;
    ssl_certificate "/dashboard.pem";
    ssl_certificate_key "/dashboard-key.pem";
#    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 10m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://default_backend_traefik;
        proxy_set_header Host $http_host;
        proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
    }
}

nginx -s reload
exit

12、获取Token

kubectl get secret -n kubernetes-dashboard
default-token-mw474                kubernetes.io/service-account-token   3      11d
kubernetes-dashboard-certs         Opaque                                0      11d
kubernetes-dashboard-csrf          Opaque                                1      11d
kubernetes-dashboard-key-holder    Opaque                                2      11d
kubernetes-dashboard-token-95lrt   kubernetes.io/service-account-token   3      11d

kubectl describe secret kubernetes-dashboard-token-95lrt -n kubernetes-dashboard

在这里插入图片描述
13、配置hosts

vi /etc/hosts
127.0.0.1 dashboard.candy.com

14、浏览器访问:dashboard.candy.com
在这里插入图片描述
在这里插入图片描述

huaiqiongying
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
Kubernetes】K8s Dashboard部署说明
cnskylee的博客
05-15 588
Kubenetes-dashboard是官方发布的一款优秀的K8s WEB-UI,部署后就可以通过浏览器对已经部署的K8s集群进行资源监控和管理了。 由于K8s版本迭代还是非常快的,因此Kubenetes-dashboard与K8s的版本之间存在一个兼容性关系。官方也给出了明确的版本兼容性关系说明。大家可以自行去官网查阅,下载和本地安装的K8s集群的版本兼容的dashboard。兼容性关系这里就不做赘述了。 我本地虚拟机安装的K8s集群的版本为1.21.1...
搭建dashboard
weixin_44946147的博客
05-30 428
一. 环境: kubernetes 1.21.10 ubuntu 18.04.6 二. 操作步骤: 1) 去找到k8s版本对应的dashboard版本 获取对应版本 2) 我这里的环境是1.21.10 对应的是 v2.40 kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml # 可能因为网络原因导致下
K8S部署web管理页面dashboard
DBA之路的博客
10-19 3682
官网https://kubernetes.io/zh/docs/tasks/access-application-cluster/web-ui-dashboard/ 先来看一张部署成功的效果图 ,dashboard作为k8s的webUI ,可以方便我们管理k8s集群以及应用。 1kubernetes-dashboard.yaml文件 apiVersion: v1 kind: Secret metadata: labels: k8s-app: kubernetes-dashb...
dashboard-v2.4.0镜像包和安装文件
01-27
dashboard-v2.4.0镜像包和安装文件
k8s 安装 kubernetes-dashboard-2.X
热门推荐
高飞的博客
12-24 19万+
安装使用 k8s 原生的 web图形化界面
kubernetes安装dashboard教程
binglong_world的专栏
05-31 982
kubernetes集群安装完毕。
kubernetes: Failed to pull image...rpc error: code = Canceled desc = context canceled
feiger的专栏
09-03 4万+
背景: 部署deployment服务之后,pod拉起失败, describe 显示code = Canceled desc = context canceled 分析: 1.查看harbor,排除网络问题 2.服务器上可以 docker pull ,排除image问题 3.查看pull image policy 为 IfNotPresent 排除镜像策略问题 4.查看 pod日志,code = ...
kubernetes-dashboard.yaml
08-11
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"] verbs: ["get", "update", "delete"] # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. -...
Kubernetes Dashboard 部署.docx
08-06
Kubernetes Dashboard 部署 解决证书过期问题 快照后的恢复访问
kubernetes-dashboard-amd64-v1.8.3镜像包
05-13
kubernetes-dashboard-amd64-v1.8.3镜像包,由于国外镜像无法下载,可以用这个包load到本地镜像,再上传到你的私有仓库,实现离线部署安装dashboard。解压后有操作命令
k8s dashboard安装部署实战详细手册
少说,多做
11-25 6683
k8s采用的是基于角色的访问控制策略,Role-Based Access Control, 即”RBAC”,使用”rbac.authorization.k8s.io” API Group实现授权决策,涉及到ServiceAccount,Role,ClusterRole,RoleBinding,ClusterRoleBinding,Secret等概念。复制最后的token字符串到登录界面,点击登录,可以看到dashboard首页。k8s提供两种登录机制,本文采用Token访问机制进行登录。
kubernetes(k8s)中部署dashboard可视化面板
小云的博客
10-28 6179
Web 界面 (Dashboard)Dashboard 是基于网页的 Kubernetes 用户界面。你可以使用 Dashboard容器应用部署Kubernetes 集群中,也可以...
Kubernetes 部署 Kubernetes-Dashboard v2.0.0
云深海阔专栏
04-24 4219
部署文件 Github 地址:https://github.com/my-dlq/blog-example/tree/master/kubernetes/kubernetes-dashboard2.0.0-deploy 系统环境: Kubernetes 版本:1.18.1 kubernetes-dashboard 版本v2.0.0 一、简介 Kubernetes Dashbo...
k8s-1:dashboard使用用户名,密码登录以及使用http方式登录
Datura_qing的博客
02-17 7857
目录 一、安装 二、设置用户名密码登录 三、报错: 四、http方式登录 一、安装 访问地址: https://192.168.50.26:30001/ admin/admin 项目下载地址: https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dashboard 本次安装的版本2.4.0,最下面是修改后的yaml可直接复制使用 install kubectl apply -f htt
部署kubernetes dashboard v2.0.4
DBA之路的博客
10-20 431
https://blog.csdn.net/CHEndorid/article/details/108510429
kubernetes实践之二:Kubernetes可视WEB UI Dashboard搭建
技术黑板
07-05 3867
Kubernetes可视WEBUI Dashboard搭建 快速查找登录密码token: kubectl get secret -n kube-system kubectl get secret -n kube-system | grep dashboard-token kubectl -n kube-system describe secret dashboard-token-cg...
recommended.yaml
kevinmartin的专栏
03-07 2135
#Copyright2017TheKubernetesAuthors. # #LicensedundertheApacheLicense,Version2.0(the"License"); #youmaynotusethisfileexceptincompliancewiththeLicense. #YoumayobtainacopyoftheLicenseat # #http://www.apache.org/li...
kubernetes-dashboard 部署
最新发布
06-08
curl -LO https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml ``` 2. 修改 Kubernetes Dashboard Service 类型: 将 recommended.yaml 文件中的 Service 类型从 Cluster...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值