K8s部署Dashboard
上一篇文章讲述了自己如果使用 Kubeadm 安装k8s,部署应用还是需要一个前端页面,这样便于操作。
0. 序言
0.1 本文的目录
0.2 阅读本文可以给你带来什么
简单了解在社区k8s上部署Dashboard。
1. 部署Dashboard
1.1 官网推荐部署
其实也就是简单的2步
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
kubectl proxy
# 访问
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
1.2 通过NodePort访问Dashboard
1.下载yaml
wget -e robots=off https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
2.创建namespace
kubectl create ns kubernetes-dashboard
将recommended.yaml中的创建namespace的配置删除
3.创建证书
# 创建目录
mkdir certs
cd certs
openssl genrsa -out dashboard.key 2048
openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=kubernetes-dashboard'
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
4.创建secret
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -nkubernetes-dashboard
5.删除recommended.yaml中secret
6.修改service类型位nodeport
7.修改ClusterRoleBinding绑定用户——当前集群管理员用户
8.添加跳过登陆参数
详细 yaml 信息如下:
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- port: 443
targetPort: 8443
nodePort: 30001
type: NodePort
selector:
k8s-app: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf