1,下载dashboard 配置清单
wget -C https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
2,根据清单确定需要的镜像版本:
[root@master dashboard]# cat recommended.yaml |grep image
image: kubernetesui/dashboard:v2.5.1
imagePullPolicy: Always
image: kubernetesui/metrics-scraper:v1.0.7
docker pull kubernetesui/dashboard:v2.5.1
docker pull kubernetesui/metrics-scraper:v1.0.7
3,修改配置文件,添加全局用户
- 官方给的配置文件启动dashboard service 是ClusterIp 类型不便于集群外部访问,type修改为NodePort.
- 官方给的默认角色权限太小,需要修改,在这里为了省事重新创建一个角色,并作绑定
cat > dashboard-svc-account.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: dashboard-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
EOF
kubectl apply -f dashboard-svc-account.yaml # 执行
获取token值
[root@master dashboard]# a=`kubectl get secret -n kube-system |grep admin|awk '{print $1}'`
[root@master dashboard]# kubectl describe secret $a -n kube-system|grep '^token'|awk '{print $2}'
最终就可以登录dashboard 了