Kubernetes 版本: 1.20.0
Dashboard 版本 : v2.1.0
检查dashboard版本与kubernetes版本兼容性:
https://github.com/kubernetes/dashboard/releases
部署Dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.1.0/aio/deploy/recommended.yaml
查看dashboard运行状态
[root@k8s dashboard]# kubectl get pod -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-79c5968bdc-49fm4 1/1 Running 0 49m
kubernetes-dashboard-7448ffc97b-kmph6 1/1 Running 0 49m
[root@k8s dashboard]# kubectl get svc -n kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dashboard-metrics-scraper ClusterIP 10.98.20.211 <none> 8000/TCP 50m
kubernetes-dashboard ClusterIP 10.99.48.189 <none> 443/TCP 50m
修改Dashboard
通过NodePort方式暴露端口,这里指定30001,可自定义:
kubectl patch svc kubernetes-dashboard \
-n kubernetes-dashboard \
-p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30001}]}}'
登录Dashboard
浏览器访问dashboard:
https://<NODE_IP>:30001
选择token方式
创建dashboard-adminuser.yaml:
cat > dashboard-adminuser.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
EOF
创建登录用户
kubectl apply -f dashboard-adminuser.yaml
说明:上面创建了一个叫admin-user的服务账号,并放在kubernetes-dashboard 命名空间下,并将cluster-admin角色绑定到admin-user账户,这样admin-user账户就有了管理员的权限。默认情况下,kubeadm创建集群时已经创建了cluster-admin角色,我们直接绑定即可。
查看admin-user账户的token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
把获取到的Token复制到登录界面的Token输入框中,成功登陆dashboard:
参考链接:https://blog.csdn.net/networken/article/details/85607593(包含Dashboard使用方法)