Kubernetes附加组件Dashboard部署实战篇

最新推荐文章于 2024-06-09 22:59:32 发布
最新推荐文章于 2024-06-09 22:59:32 发布
阅读量693 收藏 1
点赞数
文章标签: kubernetes docker dashboard 分布式 运维
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xtjatswc/article/details/109234576
版权

一.Kubernetes的附加组件Dashboard概述

复制代码 
  在Kubernetes有一个著名的附加组件叫面板(Dashboard),该组件实现了Kubernetes的WebUI,通过该组件我们可以实现对Kubernetes集群的管理。

  Kubernetes支持多用户管理,换句话说,就是你可以使用不同权限的用户通过Dashboard进行登录从而获得不同的角色权限对Kubernetes集群进行管理,但是Dashborad组件本身并不做任何的认证功能,Dashboard仅仅将认证请求代理至Kubernetes。

  由于Dashboard组件是以Pod形式运行在Kubernetes集群之上,因此他通过ServiceAccount的用户账号进行认证。

  由于Dashboard组件一般都是在集群外部需要进行访问,因此我们应该将Dashboard组件的网络设置为NodePort类型,或者使用Ingress进行代理,生产环境中推荐使用后者。
复制代码

二.基于Kubernetes自建ca证书进行证书认证

1>.创建私钥

[root@master200.yinzhengjie.org.cn /etc/kubernetes/pki]# openssl genrsa -out dashboard.key 2048

2>.创建证书请求

[root@master200.yinzhengjie.org.cn /etc/kubernetes/pki]# openssl req -new -key dashboard.key -out dashboard.csr -subj "/O=jason/CN=dashboard"

3>.使用kubernetes自建的ca证书进行认证

[root@master200.yinzhengjie.org.cn /etc/kubernetes/pki]# openssl x509 -req -in dashboard.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out dashboard.crt -days 3650

三.基于自建的证书和私钥创建secret用于Dashborad

1>.创建用于Dashboard组件的Secret资源

[root@master200.yinzhengjie.org.cn /etc/kubernetes/pki]# kubectl create secret generic kubernetes-dashboard-certs -n kube-system --from-file=dashboard.crt --from-file=dashboard.key

2>.查看Dashboard的secret文件

[root@master200.yinzhengjie.org.cn ~]# kubectl get secret -n kube-system kubernetes-dashboard-certs -o yaml

四.部署Dashboard

1>.参考官方文档

  博主推荐阅读:
    https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/#deploying-the-dashboard-ui

2>.查看官方的资源清单

3>.如下图所示,将Google官网的镜像指向国内的阿里镜像仓库(需要登录阿里官网查看)

4>.将修好后的yaml文件上传到服务器(window如果使用另存为的网页文件的后缀名是".txt",需要我们上传到服务器后进行更名)并应用

[root@master200.yinzhengjie.org.cn ~]# cat recommended.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f recommended.yaml
[root@master200.yinzhengjie.org.cn ~]# kubectl get all -n kubernetes-dashboard

5>.修改service的类型

[root@master200.yinzhengjie.org.cn ~]# cat recommended.yaml        #修改名为kubernetes-dashboard的service资源将其TYPE类型改为NodePort类型,也可以使用命令行的方式修改,如下所示。
复制代码 
[root@master200.yinzhengjie.org.cn ~]# kubectl get all  -n kubernetes-dashboard
NAME                                             READY   STATUS    RESTARTS   AGE
pod/dashboard-metrics-scraper-76978898b7-hh7pp   1/1     Running   0          5m23s
pod/kubernetes-dashboard-5677747d9d-k8h4n        1/1     Running   0          5m23s

NAME                                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/dashboard-metrics-scraper   ClusterIP   10.105.15.32    <none>        8000/TCP   5m23s
service/kubernetes-dashboard        ClusterIP   10.103.133.58   <none>        443/TCP    5m23s

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-metrics-scraper   1/1     1            1           5m23s
deployment.apps/kubernetes-dashboard        1/1     1            1           5m23s

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/dashboard-metrics-scraper-76978898b7   1         1         1       5m23s
replicaset.apps/kubernetes-dashboard-5677747d9d        1         1         1       5m23s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl edit service/kubernetes-dashboard -n kubernetes-dashboard
service/kubernetes-dashboard edited
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get all  -n kubernetes-dashboard
NAME                                             READY   STATUS    RESTARTS   AGE
pod/dashboard-metrics-scraper-76978898b7-hh7pp   1/1     Running   0          8m24s
pod/kubernetes-dashboard-5677747d9d-k8h4n        1/1     Running   0          8m24s

NAME                                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
service/dashboard-metrics-scraper   ClusterIP   10.105.15.32    <none>        8000/TCP        8m24s
service/kubernetes-dashboard        NodePort    10.103.133.58   <none>        443:32242/TCP   8m24s

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-metrics-scraper   1/1     1            1           8m24s
deployment.apps/kubernetes-dashboard        1/1     1            1           8m24s

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/dashboard-metrics-scraper-76978898b7   1         1         1       8m24s
replicaset.apps/kubernetes-dashboard-5677747d9d        1         1         1       8m24s
[root@master200.yinzhengjie.org.cn ~]#
复制代码

6>.使用Google浏览器访问Dashboard的WebUI失败,但是使用360的浏览器访问正常

  如下图所示,使用Google浏览器访问Dashboard的WebUI时失败:
    https://master200.yinzhengjie.org.cn:31797/#/login


  如下图所示,使用浏览器浏览器访问Dashboard的WebUI时成功:
    https://master200.yinzhengjie.org.cn:31797/#/login

7>.于是从互联网找到较老的yaml版本并做简要修改(还是中文版本的哟~,接下来的试验我就是用这个版本试验了,毕竟母语看起来舒服点~)

[root@master200.yinzhengjie.org.cn ~]# cat kubernetes-dashboard.yaml
复制代码 
[root@master200.yinzhengjie.org.cn ~]# ll
total 16
-rw-r--r-- 1 root root 4689 Feb 19 08:29 kubernetes-dashboard.yaml
-rw-r--r-- 1 root root 7772 Feb 19 08:11 recommended.yaml
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl apply -f kubernetes-dashboard.yaml 
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get service -n kube-system | grep dashboard
kubernetes-dashboard   NodePort    10.110.69.244   <none>        443:31358/TCP            14s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#
复制代码

五.登录dashboard

1>.创建服务账户(serviceaccount)资源

复制代码 
[root@master200.yinzhengjie.org.cn ~]# kubectl create serviceaccount ui-admin -n kube-system
serviceaccount/ui-admin created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get sa  -n kube-system ui-admin
NAME       SECRETS   AGE
ui-admin   1         63s
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#
复制代码

2>.创建集群角色绑定

复制代码 
[root@master200.yinzhengjie.org.cn ~]# kubectl get sa  -n kube-system ui-admin
NAME       SECRETS   AGE
ui-admin   1         135m
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get clusterrole  -n kube-system cluster-admin
NAME            AGE
cluster-admin   14d
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl create clusterrolebinding cluster-ui-admin --clusterrole=cluster-admin --serviceaccount=kube-system:ui-admin
clusterrolebinding.rbac.authorization.k8s.io/cluster-ui-admin created
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl get clusterrolebinding cluster-ui-admin
NAME               AGE
cluster-ui-admin   26s
[root@master200.yinzhengjie.org.cn ~]#
复制代码

3>.获取ui-admin的token

复制代码 
[root@master200.yinzhengjie.org.cn ~]# kubectl get sa ui-admin -n kube-system -o yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  creationTimestamp: "2020-02-19T00:47:06Z"
  name: ui-admin
  namespace: kube-system
  resourceVersion: "175736"
  selfLink: /api/v1/namespaces/kube-system/serviceaccounts/ui-admin
  uid: 1b64fa2d-ade7-4a8e-91c8-f73e224b058c
secrets:
- name: ui-admin-token-rgh7t
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe secret ui-admin-token-rgh7t -n kube-system
Name:         ui-admin-token-rgh7t
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: ui-admin
              kubernetes.io/service-account.uid: 1b64fa2d-ade7-4a8e-91c8-f73e224b058c

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6ImViN0hUNExFU2dOZ2NhNmZSS0dGMFNIM3JnR0ZQTXN5azlRV2hkS3BPS00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV
0Lm5hbWUiOiJ1aS1hZG1pbi10b2tlbi1yZ2g3dCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ1aS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjFiNjRmYTJkLWFkZTctNGE4ZS05MWM4LWY3M2UyMjRiMDU4YyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp1aS1hZG1pbiJ9.Ap5rByabSmJezjHgh78tpxsqxRvE-uTkOUn_UaW-G9LDX91Bb5WjAv5yQ4tbnC9Y4VjKUI86AO9AI3RMFUNI80A62LuhX8JdxgEVmAEttMsrFc3H2LHCRfjiPYfkobRftk82OX6Ks4cnxRN9bOFTLIOqVIump4Vj9y_5MrbelkAcRdMSIhQMkHVhwuiAzR_r81FLunf6udSsBf_Zwl4feu5QSB2IkCkNtVrEYDbsGe1a1X8EUA89IEDy5bgjrZxlDgdiWvk-3mKz_5Q8r4ZZuXE75c6xKM6gIbAmVKJat3jwTN8pYJIkJqohYtOQyndcEBihyvI2JwytU8I-yncaJA[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#
复制代码

4>.基于ui-admin绑定的secrets的token进行认证,如下图所示

5>.创建kubeconfig的配置文件并在dashboard的WebUI中选择以kubeconfig的方式登录

复制代码 
[root@master200.yinzhengjie.org.cn ~]# kubectl get sa ui-admin -n kube-system -o yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  creationTimestamp: "2020-02-19T00:47:06Z"
  name: ui-admin
  namespace: kube-system
  resourceVersion: "175736"
  selfLink: /api/v1/namespaces/kube-system/serviceaccounts/ui-admin
  uid: 1b64fa2d-ade7-4a8e-91c8-f73e224b058c
secrets:
- name: ui-admin-token-rgh7t
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl describe secret  -n kube-system ui-admin-token-rgh7t
Name:         ui-admin-token-rgh7t
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: ui-admin
              kubernetes.io/service-account.uid: 1b64fa2d-ade7-4a8e-91c8-f73e224b058c

Type:  kubernetes.io/service-account-token

Data
====
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6ImViN0hUNExFU2dOZ2NhNmZSS0dGMFNIM3JnR0ZQTXN5azlRV2hkS3BPS00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV
0Lm5hbWUiOiJ1aS1hZG1pbi10b2tlbi1yZ2g3dCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ1aS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjFiNjRmYTJkLWFkZTctNGE4ZS05MWM4LWY3M2UyMjRiMDU4YyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp1aS1hZG1pbiJ9.Ap5rByabSmJezjHgh78tpxsqxRvE-uTkOUn_UaW-G9LDX91Bb5WjAv5yQ4tbnC9Y4VjKUI86AO9AI3RMFUNI80A62LuhX8JdxgEVmAEttMsrFc3H2LHCRfjiPYfkobRftk82OX6Ks4cnxRN9bOFTLIOqVIump4Vj9y_5MrbelkAcRdMSIhQMkHVhwuiAzR_r81FLunf6udSsBf_Zwl4feu5QSB2IkCkNtVrEYDbsGe1a1X8EUA89IEDy5bgjrZxlDgdiWvk-3mKz_5Q8r4ZZuXE75c6xKM6gIbAmVKJat3jwTN8pYJIkJqohYtOQyndcEBihyvI2JwytU8I-yncaJAca.crt:     1025 bytes
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl config set-cluster yinzhengjie-k8s --server="https://172.200.1.200:6443" --certificate-authority=/etc/kubernetes/pki/ca.crt --embed-certs=true --kubeconfig=/tmp/ui-admin.kubeconfig
Cluster "yinzhengjie-k8s" set.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl config set-credentials ui-admin --token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImViN0hUNExFU2dOZ2NhNmZSS0dGMFNIM3JnR0ZQTXN5azlRV2hkS3BPS00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJ1aS1hZG1pbi10b2tlbi1yZ2g3dCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ1aS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjFiNjRmYTJkLWFkZTctNGE4ZS05MWM4LWY3M2UyMjRiMDU4YyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp1aS1hZG1pbiJ9.Ap5rByabSmJezjHgh78tpxsqxRvE-uTkOUn_UaW-G9LDX91Bb5WjAv5yQ4tbnC9Y4VjKUI86AO9AI3RMFUNI80A62LuhX8JdxgEVmAEttMsrFc3H2LHCRfjiPYfkobRftk82OX6Ks4cnxRN9bOFTLIOqVIump4Vj9y_5MrbelkAcRdMSIhQMkHVhwuiAzR_r81FLunf6udSsBf_Zwl4feu5QSB2IkCkNtVrEYDbsGe1a1X8EUA89IEDy5bgjrZxlDgdiWvk-3mKz_5Q8r4ZZuXE75c6xKM6gIbAmVKJat3jwTN8pYJIkJqohYtOQyndcEBihyvI2JwytU8I-yncaJA --kubeconfig=/tmp/ui-admin.kubeconfig
User "ui-admin" set.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl config set-context ui-admin@yinzhengjie-k8s --cluster=yinzhengjie-k8s --user=ui-admin --kubeconfig=/tmp/ui-admin.kubeconfig
Context "ui-admin@yinzhengjie-k8s" created.
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl config use-context ui-admin@yinzhengjie-k8s --kubeconfig=/tmp/ui-admin.kubeconfig
Switched to context "ui-admin@yinzhengjie-k8s".
[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]# kubectl config view --kubeconfig=/tmp/ui-admin.kubeconfig
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://172.200.1.200:6443
  name: yinzhengjie-k8s
contexts:
- context:
    cluster: yinzhengjie-k8s
    user: ui-admin
  name: ui-admin@yinzhengjie-k8s
current-context: ui-admin@yinzhengjie-k8s
kind: Config
preferences: {}
users:
- name: ui-admin
  user:
    token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImViN0hUNExFU2dOZ2NhNmZSS0dGMFNIM3JnR0ZQTXN5azlRV2hkS3BPS00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0
Lm5hbWUiOiJ1aS1hZG1pbi10b2tlbi1yZ2g3dCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJ1aS1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjFiNjRmYTJkLWFkZTctNGE4ZS05MWM4LWY3M2UyMjRiMDU4YyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTp1aS1hZG1pbiJ9.Ap5rByabSmJezjHgh78tpxsqxRvE-uTkOUn_UaW-G9LDX91Bb5WjAv5yQ4tbnC9Y4VjKUI86AO9AI3RMFUNI80A62LuhX8JdxgEVmAEttMsrFc3H2LHCRfjiPYfkobRftk82OX6Ks4cnxRN9bOFTLIOqVIump4Vj9y_5MrbelkAcRdMSIhQMkHVhwuiAzR_r81FLunf6udSsBf_Zwl4feu5QSB2IkCkNtVrEYDbsGe1a1X8EUA89IEDy5bgjrZxlDgdiWvk-3mKz_5Q8r4ZZuXE75c6xKM6gIbAmVKJat3jwTN8pYJIkJqohYtOQyndcEBihyvI2JwytU8I-yncaJA[root@master200.yinzhengjie.org.cn ~]# 
[root@master200.yinzhengjie.org.cn ~]#
复制代码
xtjatswc
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
Kubernetes Dashboard 部署.docx
08-06
### Kubernetes Dashboard 部署详解 #### 一、概述 Kubernetes Dashboard 是一款基于 Web 的图形界面工具,用于管理 Kubernetes 集群。通过 Dashboard,用户可以执行多种操作,包括但不限于部署应用程序、管理资源...
kubernetes查看用户token
拒绝熬夜啊的博客
02-28 6383
kubernetes查看用户token
十分钟部署Kubernetes dashboard配置(k8s页面)
zhangpeng999123的博客
06-02 1961
十分钟部署Kubernetes dashboard配置(k8s页面) 一、概述 Kubernetes 简称为K8S,是用于自动部署,扩展和管理容器化应用程序的开源系统。Kubernetes的目标是让部署容器化的应用简单并且高效(powerful),Kubernetes提供了应用部署,规划,更新,维护的一种机制。 现在的云平台,基本上都是基于k8s实现的。 Kubernetes需要用到docker,应该说是Kubernetes本身就是对docker容器的管理。 Docker 是一个开源的应用容器引擎
Kubernetes篇(完)— DashBoard
最新发布
脚踏实地,实事求是。
06-09 418
之前在kubernetes中完成的所有操作都是通过命令行工具kubectl完成的。其实,为了提供更丰富的用户体验,kubernetes还开发了一个基于web的用户界面(Dashboard)。用户可以使用Dashboard部署容器化的应用,还可以监控应用的状态,执行故障排查以及管理kubernetes中各种资源。
kubernetes dashboard 授权/权限/角色绑定问题导致页面报错
rockstics的博客
02-16 7111
报错: namespaces is forbidden: User “system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard” cannot list resource “namespaces” in API group “” at the cluster scope system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard events is forbidden:
serviceaccounts is forbidden: User “system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard
kongkong的专栏
04-22 3644
错误信息 serviceaccounts is forbidden: User “system:serviceaccount:kubernetes-dashboard:kubernetes-dashboard” cannot list resource “serviceaccounts” in API group “” in the namespace “default” 费了老大的功夫才明白是serviceaccount的问题,k8sdashboard出厂的serviceaccount权限太低,需要配置
docker kubernetes dashboard安装部署详细介绍
09-30
主要介绍了docker kubernetes dashboard安装部署详细介绍的相关资料,需要的朋友可以参考下
部署和操作使用kubernetes可视化插件dashboard操作手册.pdf
10-21
部署和操作使用kubernetes可视化插件dashboard操作手册,亲自操作整理,无坑。
Kubernetes Dashboard
01-20
Kubernetes DashboardKubernetes 集群的 Web UI,用于管理集群。 安装 GitHub 地址:Kubernetes Dashboard 找到合适Kubernetes 的版本 下载配置文件,实在下载不了可以用迅雷。 wget ...
KubernetesDashboard
qq_41619571的博客
10-12 8845
参考文件: Kubectl Reference Docs (kubernetes.io) 配置对多集群的访问 | Kubernetes
kubeasz 安装K8S 错误解决
热门推荐
疯飙的蜗牛
02-21 1万+
问题一、couldn't get resource list for metrics.k8s.io/v1beta1: the server is currently unable to handle the request 问题二、FAILED - RETRYING: 轮询等待calico-node 运行 (15 retries left). FAILED - RETR 问题三、提示没有kubectl(其它相关命令)命令。问题四、安装calico网络中的一些问题。
启动用户不报错 交互式用户和下列用户报错_kubernetes报错汇总 k8s
weixin_39978749的博客
11-28 435
问题一:MountVolume.SetUp failed for volume "etcd-certs" : secret "etcd-certs" not found 解决方案:kubectl -n kube-system create secret generic etcd-certs --from-file=/etc/kubernetes/pki/etcd/server.crt --from...
k8s安装kubernetes dashboard
tearofthemyth的专栏
01-27 1426
文章目录GitHub地址一、安装k8s dashboard二、配置权限1.访问dashboard2.配置权限三、附件1.原版recommended.yaml2.修改后的recommended.yaml GitHub地址 k8s dashboard的GitHub地址可以点这里。 一、安装k8s dashboard 首先我们参考GitHub上的说明进行安装,只需执行下面的一行命令: $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/d
kubernetes(k8s)中部署dashboard可视化面板
小云的博客
10-28 6198
Web 界面 (Dashboard)Dashboard 是基于网页的 Kubernetes 用户界面。你可以使用 Dashboard 将容器应用部署Kubernetes 集群中,也可以...
kubernates dashboard管理界面安装及管理员用户配置
请大家直接把问题写在评论区或留言,不要只说一句"你好 或 在吗",我会尽快回复的。
06-25 1508
kubernetes 安装 dashboard配置登录管理员用户
k8s更新资源的时候报错
Laiyunpeng666的博客
06-30 1798
问题一:创建资源的时候报错–validate=false [root@hdss7-22 ~]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac-minimal.yaml serviceaccount/kubernetes-dashboard unchanged role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal unchanged error: error validating
Kubernetes-容器资源限制、容器资源监控、Dashboard部署(可视化)
qq_46490950的博客
08-03 548
目录一.kubernetes容器资源限制1.内存限制2.CPU限制3.namespace设置资源限制4.namespace设置资源配额5. Namespace 配置Pod配额二. kubernetes资源监控1.Metrics-Server介绍2.Metrics-Server安装部署3.解决报错3.1 错误一3.2 错误二3.3 错误三4.测试 一.kubernetes容器资源限制 Kubernetes采用request和limit两种限制类型来对资源进行分配。 request(资源需求):即运行Pod的节
k8s集群的部分pod卡在ContainerCreating状态
qq_42063179的博客
08-29 1672
k8s集群状态正常,部分pod无法正常运行,经排查是glusterfs提供的卷异常
kubernetes-dashboard 部署
06-08
以下是部署 Kubernetes Dashboard 的步骤: 1. 下载 Kubernetes Dashboard YAML 文件: ```bash curl -LO https://raw.githubusercontent.com/kubernetes/dashboard/v2.4.0/aio/deploy/recommended.yaml ``` 2. ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值