kubernetes-Dashboard
交流QQ号:555913397
有什么问题可以加群大家一起交流
1.部署Dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
2.查看dashboard运行状态
kubectl get pod -n kubernetes-dashboard
如果出现上图的情况
查看日志
kubectl logs kubernetes-dashboard-5d4dc8b976-v2wzv -n kubernetes-dashboard
显示如下报错
Initializing csrf token from kubernetes-dashboard-csrf secret panic: Get https://10.96.0.1:443/api/v1/namespaces/kubernetes-dashboard/secrets/kubernetes-dashboard-csrf: dial tcp 10.10.0.1:443: i/o timeout
#部署到非master节点,网络原因无法正常运行
#解决,把kubernetes-dashboard部署到master节点,修改的配置文件添加内容nodeName: master节点名,如下:
#查看master节点名
kubectl get node
在recommended.yaml文件内插入nodeName: master节点名
重启pod容器
kubectl replace --force -f recommended.yaml
查看pod节点,正常启动
3.修改Dashboard端口
查看容器端口
kubectl get svc -n kubernetes-dashboard
kubectl patch svc kubernetes-dashboard \
-n kubernetes-dashboard \
-p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30001}]}}'
再次查看端口
kubectl get svc -n kubernetes-dashboard
4.通过ip:30001访问Kubernetes-dashboard
5.创建账户
生成yaml文件
cat > dashboard-adminuser.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: fqydhk
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: fqydhk
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: fqydhk
namespace: kubernetes-dashboard
EOF
创建登录用户
kubectl apply -f dashboard-adminuser.yaml
说明:上面创建了一个叫fqydhk的服务账号,并放在kubernetes-dashboard 命名空间下,并将cluster-admin角色绑定到admin-user账户,这样fqydhk账户就有了管理员的权限。默认情况下,kubeadm创建集群时已经创建了cluster-admin角色,我们直接绑定即可。
6.获取Token
查看账户的token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep fqydhk | awk '{print $1}')
7.登录Kubernetes-dashboard
[外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传(img-blZUoILk-1618476617622)(C:\Users\fqydh\AppData\Roaming\Typora\typora-user-images\image-20210415164846066.png)]