部署Dashboard图形界面控制docker集群

最新推荐文章于 2024-05-30 14:18:55 发布
最新推荐文章于 2024-05-30 14:18:55 发布
阅读量550 收藏
点赞数 1
分类专栏: 容器 文章标签: docker
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/kali_yao/article/details/120150742
版权

一.dashboard介绍

Dashboard是基于网页的Kuberbetes用户界面,可以使用Dashboard将容器应用部署到Kubernetes集群中,也可以使用对容器应用排错,还能管理集群资源,可以使用Dashboard获取或者修改Kubernetes资源(如Deployment,Job,DaemonSet等等)

Dashboard同时展示了Kubernetes集群中的资源状态信息和所有报错

官网:https://github.com/kubernetes/dashboard

二.dashboard安装

1.上传镜像到私有仓库

# 上传 dashboard 镜像
[root@master dashboard]# docker load -i dashboard.tar.gz 
[root@master dashboard]# docker tag kubernetesui/dashboard:v2.0.0 192.168.1.100:5000/dashboard:v2.0.0
[root@master dashboard]# docker push 192.168.1.100:5000/dashboard:v2.0.0
# 上传 metrics-scraper 镜像
[root@master dashboard]# docker load -i metrics-scraper.tar.gz 
[root@master dashboard]# docker tag kubernetesui/metrics-scraper:v1.0.4 192.168.1.100:5000/metrics-scraper:v1.0.4
[root@master dashboard]# docker push 192.168.1.100:5000/metrics-scraper:v1.0.4

2.安装发布服务

[root@master dashboard]# vim recommended.yaml
          # 190 行修改为
          image: 192.168.1.100:5000/dashboard:v2.0.0
          # 274 行修改为
          image: 192.168.1.100:5000/metrics-scraper:v1.0.4
[root@master dashboard]# kubectl apply -f recommended.yaml
 cat recommended.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: v1
kind: Namespace
metadata:
  name: kubernetes-dashboard

---

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
  namespace: kubernetes-dashboard
type: Opaque

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-csrf
  namespace: kubernetes-dashboard
type: Opaque
data:
  csrf: ""

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-key-holder
  namespace: kubernetes-dashboard
type: Opaque

---

kind: ConfigMap
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-settings
  namespace: kubernetes-dashboard

---

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
rules:
  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
  - apiGroups: [""]
    resources: ["secrets"]
    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
    verbs: ["get", "update", "delete"]
    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
  - apiGroups: [""]
    resources: ["configmaps"]
    resourceNames: ["kubernetes-dashboard-settings"]
    verbs: ["get", "update"]
    # Allow Dashboard to get metrics.
  - apiGroups: [""]
    resources: ["services"]
    resourceNames: ["heapster", "dashboard-metrics-scraper"]
    verbs: ["proxy"]
  - apiGroups: [""]
    resources: ["services/proxy"]
    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
    verbs: ["get"]

---

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
rules:
  # Allow Metrics Scraper to get metrics from the Metrics server
  - apiGroups: ["metrics.k8s.io"]
    resources: ["pods", "nodes"]
    verbs: ["get", "list", "watch"]

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
        - name: kubernetes-dashboard
          image: 192.168.1.100:5000/dashboard:v2.0.0
          imagePullPolicy: Always
          ports:
            - containerPort: 8443
              protocol: TCP
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port
          volumeMounts:
            - name: kubernetes-dashboard-certs
              mountPath: /certs
              # Create on-disk volume to store exec logs
            - mountPath: /tmp
              name: tmp-volume
          livenessProbe:
            httpGet:
              scheme: HTTPS
              path: /
              port: 8443
            initialDelaySeconds: 30
            timeoutSeconds: 30
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 8000
      targetPort: 8000
  selector:
    k8s-app: dashboard-metrics-scraper

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: dashboard-metrics-scraper
  template:
    metadata:
      labels:
        k8s-app: dashboard-metrics-scraper
      annotations:
        seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
    spec:
      containers:
        - name: dashboard-metrics-scraper
          image: 192.168.1.100:5000/metrics-scraper:v1.0.4
          ports:
            - containerPort: 8000
              protocol: TCP
          livenessProbe:
            httpGet:
              scheme: HTTP
              path: /
              port: 8000
            initialDelaySeconds: 30
            timeoutSeconds: 30
          volumeMounts:
          - mountPath: /tmp
            name: tmp-volume
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
      volumes:
        - name: tmp-volume
          emptyDir: {}

# ---------------------------------- 查询验证 --------------------------------------

[root@master dashboard]# kubectl -n kubernetes-dashboard get pod
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-57bf85fcc9-vsz74   1/1     Running   0          52s
kubernetes-dashboard-7b7f78bcf9-5k8vq        1/1     Running   0          52s
[root@master dashboard]# kubectl -n kubernetes-dashboard get service
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)
dashboard-metrics-scraper   ClusterIP   10.254.76.85     <none>        8000/TCP
kubernetes-dashboard        ClusterIP   10.254.211.125   <none>        443/TCP

# ---------------------------------- 对外发布服务 -----------------------------------

[root@master dashboard]# vim service.yaml
---
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 443
      nodePort: 30443                # 新添加
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  type: NodePort                     # 新添加
[root@master dashboard]# kubectl apply -f service.yaml 
service/kubernetes-dashboard configured
[root@master dashboard]# kubectl -n kubernetes-dashboard get service
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.254.66.25     <none>        8000/TCP        2m6s
kubernetes-dashboard        NodePort    10.254.165.155   <none>        443:30443/TCP   2m6s
[root@master dashboard]#

在华为云上为 node 节点绑定弹性公网IP [ https://弹性公网IP:30443/ ]

 3.token认证登录

[root@master dashboard]# cat admin-token.yaml 
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
[root@master dashboard]# kubectl apply -f admin-token.yaml 
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

[root@master dashboard]# kubectl apply -f admin-token.yaml
[root@master ~]# kubectl -n kubernetes-dashboard get secrets 
NAME                               TYPE                                  DATA   AGE
admin-user-token-bxjlz             kubernetes.io/service-account-token   3      23s
[root@master ~]# kubectl -n kubernetes-dashboard describe secrets admin-user-token-bxjlz
Name:         admin-user-token-bxjlz
... ...
ca.crt:     1025 bytes
namespace:  20 bytes
token:      这里这个很长的字符串就是你要找的认证 token

使用获取的 token 登录,通过 web 页面访问即可

 

kali_yao
关注
  • 1
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
OpenSearch-Dashboards:OpenSearch的开源可视化仪表板
04-17
OpenSearch仪表板 你好! OpenSearch Dashboards是源自Kibana 7.10.2的开源搜索和分析可视化文件,当前处于Alpha状态。 尽管我们仍在设置过程中,但我们很高兴能与您一起为星球上的OpenSearch建立最佳的可视化平台。 我们已于2021年1月21日正式开始新分支的工作。此后,我们一直在删除不符合Apache 2.0的代码,并对该项目进行了完整的重命名。 随意查看我们所做的一切,然后前往以跟踪初始发布目标,或者加入并或。 指导原则 这是我们用来指导我们发展的原则。 来自 : 当我们(贡献者)成功时,OpenSearch项目将是: 1.很棒的软件。 如果它不能解决您的问题,那么其他一切都没有意义。 这将是您喜欢使用的软件。 2.像我们所说的那样开源。 从长远来看,我们投资于这是一个成功的开源项目。 都是Apache 2.0。 没有“贡献者许
二进制部署k8s集群.pdf
09-13
3. **部署 Dashboard**:可选地,部署 Kubernetes Dashboard 提供图形界面集群管理工具。 **六、监控与维护** - 安装 Prometheus 和 Grafana 监控 Kubernetes 集群的状态。 - 设置日志收集工具如 Fluentd 或 ELK...
Docker安装Sentinel-dashboard
zg
05-07 2682
目录   1. 处理的情况   2. sentinel-dashboard   3. sentinel-client 1. 处理的情况 ① 当sentinel-dashboard、sentinel-client都位于localhost,dashboard能显示client中的资源; ② 当用docker安装sentinel-dashboard(桥接到docker0),而sentinel-client位于localhost,dashboard不能显示client中的资源; sentinel-dashbo
docker-compose安装 rocketmq server、dashboard
Ricardo.M.Yu的博客
06-02 931
rocket分为3个服务:nameserver、broker、dashboard这边我计划分开安装:安装版本为4.5.0。
Docker学习-04-容器管理工具 Docker架构及部署
最新发布
qq_22772699的博客
05-30 1850
用于存储已生成容器运行模板的仓库,用户使用时,可直接从容器镜像仓库中下载容器镜像,即容器运行模板,就可以运行容器镜像中包含的应用了。Docker Daemon客户端工具,用于同Docker Daemon进行通信,执行用户指令,可部署Docker Host上,也可以部署在其它主机,能够连接到Docker Daemon即可操作。由容器镜像生成,用于应用程序运行的环境,包含容器镜像中所有文件及用户后添加的文件,属于基于容器镜像生成的可读写层,这也是应用程序活跃的空间。安装Docker-ce版本。
Docker desktop简单部署K8s+dashboard
qq_22213171的博客
11-08 1145
Docker desktop简单部署K8s+dashboard
K8S(kubernetes)学习(六):K8S之Dashboard图形界面
HaleyTiger的博客
01-15 2442
一、Dashboard简介 官网:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/   Dashboard是基于web的Kubernetes用户界面。您可以使用指示板将容器化的应用程序部署到Kubernetes集群,对容器化的应用程序进行故障排除,并管理集群资源。您可以使用Dashboard来获得运行在集群上的应用程序的概览,以及创建或修改单独的Kubernetes资源(例如部署、作业、守.
docker_k8s_dns.tar.gz、kubernetes-dashboard.tar.gz oldboy58
04-01
Kubernetes Dashboard是一个Web UI,允许用户通过图形界面直观地管理和监控Kubernetes集群。这个工具对运维人员尤其有用,因为它提供了创建、更新、删除Pod、Deployment、Service等资源的能力,同时还能查看集群状态...
minikube之带你玩转k8s集群
06-22
1. `minikube dashboard`:此命令将打开Kubernetes Dashboard,这是一个图形化的界面,用于监控和管理集群。 2. `minikube stop`和`minikube start`:用于暂停和重启集群。 3. `minikube ip`:显示Minikube集群的IP...
kubernetes-dashboard
12-29
Kubernetes Dashboard 是 Kubernetes 集群的一种图形化管理工具,为用户提供了一种直观的 Web 界面,用于管理和监控集群中的应用和服务。它允许管理员和开发人员通过简单的界面执行常见的集群管理任务,如创建、更新...
Kubenetes on Docker
05-01
部署Dashboard,可以使用`kubectl apply -f dashboard.yaml`命令。 - **Kubernetes Dashboard详解**: Dashboard提供了图形化界面,使得非命令行用户也能进行资源操作,如创建Pod、Service、Deployment等。它也...
本地使用 docker 运行OpenSearch + Dashboard + IK 分词插件
Dexter's Laboratory
12-21 1693
写这篇文章的时候 IK 最新版本2.11.0, 而 dockerhub 上 OpenSearch 最新版是2.11.1如果版本不匹配的话是不能用的, 小版本号对不上也不行!已经踩过坑了…
k8s部署dashboard
qq_34041723的博客
11-12 1273
一、部署dashboard的Web-UI界面! 官网地址:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/ 1、下载yaml文件配置并执行 wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml #39行左右 新增type: NodePort 和 nodePort:31
recommended.yaml
kevinmartin的专栏
03-07 2141
#Copyright2017TheKubernetesAuthors. # #LicensedundertheApacheLicense,Version2.0(the"License"); #youmaynotusethisfileexceptincompliancewiththeLicense. #YoumayobtainacopyoftheLicenseat # #http://www.apache.org/li...
使用docker启动kong和kong-dashboard
。。
06-25 2448
docker创建一个网络 docker network create kong-net 创建一个存储卷 docker volume create kong-vol 查看卷信息 docker volume inspect kong-vol 内容应该如下结构: [ { "CreatedAt": "2019-05-28T12:40:09Z", "Driv...
部署Dashboard
qq_69041923的博客
09-20 823
之前在kubernetes中完成的所有操作都是通过命令行工具kubectl完成的。其实,为了提供更丰富的用户体验,kubernetes还开发了一个基于web的用户界面(Dashboard)。用户可以使用Dashboard部署容器化的应用,还可以监控应用的状态,执行故障排查以及管理kubernetes中各种资源。
Dashboard部署
heiwa110的博客
11-13 284
官网 https://kubernetes.io/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard/ 一、下载资源清单文件 上述官网提供的地址无法访问,所以无法直接部署 #官方给的地址 kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashbo...
解决kubernetes启动容器时,容器一直是ContainerCreating不能running
热门推荐
gezilan的博客
04-19 2万+
表象 kubectl -f create redis.yaml kubectl get pod redis NAME READY STATUS RESTARTS AGE kubetest-8s1rt1 0/1 ContainerCreating 0 12s pod的状态一直是Co...
kubernetes 1.15.0使用的dashboardDocker镜像下载
wujingang的专栏
08-06 1422
由于国内限制下载不到k8s 1.15.0使用的dashboard镜像。 [root@localhost ~]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE kubernetesui/dashboard...
Kubernetes Dashboard部署:证书过期与恢复访问指南
Kubernetes Dashboard是Kubernetes生态系统中的一个重要组件,它提供了一个图形用户界面(GUI),使得集群管理员和开发者能够更直观地操作和管理Kubernetes集群。通过Dashboard,用户可以创建、更新、删除Pod、...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值