dashboard

可以从微软中国提供的 gcr.io :http://mirror.azure.cn/help/gcr-proxy-cache.html免费代理下载被墙的镜像

docker pull gcr.azk8s.cn/google_containers/<imagename>:<version>

1. 下载文件

下载三个文件:https://github.com/gjmzj/kubeasz/tree/master/manifests/dashboard

[root@hs-k8s-master01 dashboard]# pwd

/data/k8s/dashboard

[root@hs-k8s-master01 dashboard]# ll

总用量 32

-rw-r--r-- 1 root root  843 2月   5 15:31 admin-user-sa-rbac.yaml

-rw-r--r-- 1 root root 8026 2月   5 15:38 kubernetes-dashboard.yaml

-rw-r--r-- 1 root root 3084 2月   5 15:33 read-user-sa-rbac.yaml

2. 部署dashboard主yaml配置文件

#修改镜像下载地址

[root@hs-k8s-master01 dashboard]# cat kubernetes-dashboard.yaml |grep image

          image: registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.0.0-rc3

          image: registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper:v1.0.3

[root@hs-k8s-master01 dashboard]# kubectl apply -f kubernetes-dashboard.yaml

secret/kubernetes-dashboard-certs created

serviceaccount/kubernetes-dashboard created

role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created

rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created

deployment.apps/kubernetes-dashboard created

service/kubernetes-dashboard created

3. 创建可读可写admin Service Account

[root@hs-k8s-master01 dashboard]# kubectl apply -f admin-user-sa-rbac.yaml

serviceaccount/admin-user created

clusterrolebinding.rbac.authorization.k8s.io/admin-user created

4. 创建只读 read Service Account

[root@hs-k8s-master01 dashboard]# kubectl apply -f read-user-sa-rbac.yaml

serviceaccount/dashboard-read-user created

clusterrolebinding.rbac.authorization.k8s.io/dashboard-read-binding created

clusterrole.rbac.authorization.k8s.io/dashboard-read-clusterrole created

5. 查看

#查看pod运行状态

[root@hs-k8s-master01 dashboard]# kubectl get pod -n kube-system | grep dashboard

dashboard-metrics-scraper-6b66849c9-8lvqd   1/1     Running   0          23m

kubernetes-dashboard-6dc6c4f59-84526        1/1     Running   0          23m

#查看dashboard service

[root@hs-k8s-master01 dashboard]#  kubectl get svc -n kube-system|grep dashboard

dashboard-metrics-scraper   ClusterIP   10.107.131.160   <none>        8000/TCP                 23m

kubernetes-dashboard        NodePort    10.99.144.160    <none>        443:31110/TCP            23m

#查看集群服务

[root@hs-k8s-master01 dashboard]# kubectl cluster-info

Kubernetes master is running at https://20.0.0.250:8443

KubeDNS is running at https://20.0.0.250:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

kubernetes-dashboard is running at https://20.0.0.250:8443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

#查看pod运行日志

[root@hs-k8s-master01 dashboard]# kubectl logs kubernetes-dashboard-6dc6c4f59-84526 -n kube-system

6. 生成证书

供本地google浏览器使用

#生成client-certificate-data

[root@k8s-master01 dashboard]# grep 'client-certificate-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crt

#生成client-key-data

[root@k8s-master01 dashboard]# grep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.key

#生成p12

[root@k8s-master01 dashboard]# openssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client"

Enter Export Password:   1

Verifying - Enter Export Password:     1

[root@hs-k8s-master01 dashboard]# ll

总用量 28

-rw-r--r-- 1 root root  843 2月   5 15:31 admin-user-sa-rbac.yaml

-rw-r--r-- 1 root root 1082 2月   5 15:41 kubecfg.crt

-rw-r--r-- 1 root root 1679 2月   5 15:41 kubecfg.key

-rw-r--r-- 1 root root 2464 2月   5 15:43 kubecfg.p12

-rw-r--r-- 1 root root 8026 2月   5 15:38 kubernetes-dashboard.yaml

-rw-r--r-- 1 root root 3084 2月   5 15:33 read-user-sa-rbac.yaml

[root@k8s-master01 dashboard]# sz kubecfg.p12

谷歌浏览器导入证书:

备注把上一步骤的kubecfg.p12 文件导入证书后需要重启浏览器:

7. 导出令牌

[root@hs-k8s-master01 dashboard]#  kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Name:         admin-user-token-4d2r4

Namespace:    kube-system

Labels:       <none>

Annotations:  kubernetes.io/service-account.name: admin-user

              kubernetes.io/service-account.uid: cf8638e0-1434-4f61-aded-262f213dd803

Type:  kubernetes.io/service-account-token

Data

====

ca.crt:     1025 bytes

namespace:  11 bytes

token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IjZaOTZ5MmR5MEs3eUVnclJ4R0MtOTNmVDlTTGlteGdzQ1RJc1ZZT2xvT00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTRkMnI0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjZjg2MzhlMC0xNDM0LTRmNjEtYWRlZC0yNjJmMjEzZGQ4MDMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.HXlI_vXP4b9VVP6_jptMFjp99u1NLlmgC26ITfA7cHRPIyjxW6vKv97GjAOxF3Ne691cTZLcOAh_b1dNXExLkmUqKoWY8Cg_ys5hvQ2rcC_CEpS7S4shKWEb_DeLUUgr4UjjIDQKCH_tczX3nNpfsqiooMsMYkac-MlwgCHVvxgkqKmfrkub6ifP02yuaWBLhvuYvJc6DX_NvHQzy9w8FFbB2d4gpthzt_sinSR4x84MzgKHdOsj9CHXqwHMdCMwu0A-FM-bg7yr1fHZLKORrSrHz9OZ1pJeU-82VYRSOEntW7o6X3b0zOi2nB6yIpDmVDzzk5g30sI32vivmrNEJg

#导出令牌

[root@k8s-master01 dashboard]# vim /root/.kube/config   加

token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjZaOTZ5MmR5MEs3eUVnclJ4R0MtOTNmVDlTTGlteGdzQ1RJc1ZZT2xvT00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTRkMnI0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjZjg2MzhlMC0xNDM0LTRmNjEtYWRlZC0yNjJmMjEzZGQ4MDMiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.HXlI_vXP4b9VVP6_jptMFjp99u1NLlmgC26ITfA7cHRPIyjxW6vKv97GjAOxF3Ne691cTZLcOAh_b1dNXExLkmUqKoWY8Cg_ys5hvQ2rcC_CEpS7S4shKWEb_DeLUUgr4UjjIDQKCH_tczX3nNpfsqiooMsMYkac-MlwgCHVvxgkqKmfrkub6ifP02yuaWBLhvuYvJc6DX_NvHQzy9w8FFbB2d4gpthzt_sinSR4x84MzgKHdOsj9CHXqwHMdCMwu0A-FM-bg7yr1fHZLKORrSrHz9OZ1pJeU-82VYRSOEntW7o6X3b0zOi2nB6yIpDmVDzzk5g30sI32vivmrNEJg

 [root@k8s-master01 dashboard]#  cp /root/.kube/config /data/k8s/tmp/k8s-dashboard.kubeconfig

[root@k8s-master01 dashboard]#  sz /data/k8s/tmp/k8s-dashboard.kubeconfig

kubernetes dashboard 2.0 部署的更多相关文章

  1. Kubernetes V1.16.2部署Dashboard V2.0(beta5)

    Kubernetes V1.16.2部署Dashboard V2.0(beta5) 在Master上部署Dashboard 集群安装部署请看安装Kubernetes V1.16.2 kubectl g ...

  2. kubernetes学习之二进制部署1.16

    服务器规划和系统初始化 一.服务器规划 10.255.20.205 Master01 kube-apiserver.kube-controller-manager.kube-scheduler.ETC ...

  3. centos7下kubernetes(5。部署kubernetes dashboard)

    基于WEB的dashboard,用户可以用kubernetes dashboard部署容器话的应用,监控应用的状态,执行故障排查任务以及管理kubernetes各种资源. 在kubernetes da ...

  4. [原]部署kubernetes dashboard(二)

    #######################    以下为声明  ##################### 此文档是之前做笔记在两台机上进行的实践,kubernetes处于不断开发阶段 不能保证每 ...

  5. 微服务探索之路02篇liunx ubuntu服务器部署k8s(kubernetes)-kubernetes/dashboard

    本章介绍所需环境:ubuntu18.04,建立在上一篇微服务探索之路01篇已经安装了docker的基础上. 1 替换k8s镜像源为国内镜像 进入目录 cd /etc/apt/sources.list. ...

  6. kubernetes 1.14安装部署dashboard

    简单介绍: Dashboard是一个基于web的Kubernetes用户界面.您可以使用Dashboard将容器化应用程序部署到Kubernetes集群,对容器化应用程序进行故障诊断,并管理集群资源. ...

  7. 二进制方式部署Kubernetes 1.6.0集群(开启TLS)

    本节内容: Kubernetes简介 环境信息 创建TLS加密通信的证书和密钥 下载和配置 kubectl(kubecontrol) 命令行工具 创建 kubeconfig 文件 创建高可用 etcd ...

  8. Ubuntu下搭建Kubernetes集群(4)--部署K8S Dashboard

    K8S Dashboard是官方的一个基于WEB的用户界面,专门用来管理K8S集群,并可展示集群的状态.K8S集群安装好后默认没有包含Dashboard,我们需要额外创建它. 首先我们执行命令: wg ...

  9. Kubernetes 1.5.1 部署

    > kubernetes 1.5.0 , 配置文档 # 1 初始化环境 ## 1.1 环境: | 节 点  |      I P      ||--------|-------------||n ...

随机推荐

  1. npm & package.json & directories & files

    npm & package.json & directories & files package.json https://docs.npmjs.com/files/packa ...

  2. websockets & auto close & bug & solution

    websockets & auto close & bug & solution WS 连接总是被关闭 ??? refs https://wdd.js.org/websocke ...

  3. js 脏检测

    参考 基础知识 <!DOCTYPE html> <html lang="en"> <head> <meta charset="U ...

  4. 彻底理解c++的隐式类型转换

    隐式类型转换可以说是我们的老朋友了,在代码里我们或多或少都会依赖c++的隐式类型转换. 然而不幸的是隐式类型转换也是c++的一大坑点,稍不注意很容易写出各种奇妙的bug. 因此我想借着本文来梳理一遍c ...

  5. spring5学习笔记

    Spring5 框架概述 1.Spring 是轻量级的开源的 JavaEE 框架 2.Spring 可以解决企业应用开发的复杂性 3.Spring 有两个核心部分:IOC 和 Aop (1)IOC:控 ...

  6. Vue为何采用异步渲染

    Vue为何采用异步渲染 Vue在更新DOM时是异步执行的,只要侦听到数据变化,Vue将开启一个队列,并缓冲在同一事件循环中发生的所有数据变更,如果同一个watcher被多次触发,只会被推入到队列中一次 ...

  7. oracle ora-01114 IO error writing block to file 207 (block # )

    oracle ORA-01114 IO error writing block to file 207 (block # ) Reference: https://stackoverflow.com/ ...

  8. 判断app是否安装

    Intent intent = new Intent(Settings.ACTION_APPLICATION_DETAILS_SETTINGS); intent.setData(Uri.fromPar ...

  9. AndroidStudio 中 gradle.properties 的中文值获取乱码问题

    0x01 现象 在gradle.properties中定义了全局变量,然后从 build.gradle 中设置 app_name: resValue "string", " ...

  10. FFT HDL Optimized模块HDL综合代码生成及与Xilinx xfft IP MEX接口精度详细比较

    前面一篇随笔叙述了关于MATLAB中FFT_HDL_Optimzed模块定点(IEEE754单精度float格式)二进制与十进制转换实现,有需要的往前翻一下即可.这一篇随笔将叙述 FFT HDL Op ...