参考:
K8s-k8s集群部署-8-部署Dashboard_8. 部署 dashboard-CSDN博客k8s-kubernetes常用命令,服务部署,可视化控制台安装及token的生成_kubernetes-dashboard 生成token-CSDN博客
-
首先下载yaml文件
$ wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml// 查看yaml里面使用的kubernetes-dashboard 和 metrics-scraper的版本kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:securityContext:seccompProfile:type: RuntimeDefaultcontainers:- name: kubernetes-dashboardimage: kubernetesui/dashboard:v2.7.0kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: dashboard-metrics-scrapertemplate:metadata:labels:k8s-app: dashboard-metrics-scraperspec:securityContext:seccompProfile:type: RuntimeDefaultcontainers:- name: dashboard-metrics-scraperimage: kubernetesui/metrics-scraper:v1.0.8
-
部署dashboard
- 如果网络没问题,就直接执行下面的命令,应该就直接部署好了,可以跳过下面的步骤,直接看创建用户并用token登录那部分
$ kubectl apply -f recommended.yaml- 如果出现image pull error,那么就需要离线部署
//首先下载离线包
$ sudo docker pull kubernetesui/dashboard:v2.7.0
$ sudo docker save kubernetesui/dashboard:v2.7.0 -o dashboard.tar
$ sudo docker pull kubernetesui/metrics-scraper:v1.0.8
$ sudo docker save kubernetesui/metrics-scraper:v1.0.8 -o metrics-scraper.tar//然后加载到k8s命名空间中
$ sudo ctr -n k8s.io images import dashboard.tar
$ sudo ctr -n k8s.io images import metrics-scraper.tar//修改yaml,在kubernetes-dashboard和metrics-scraper中加下面内容
containers:- name: kubernetes-dashboardimage: kubernetesui/dashboard:v2.7.0imagePullPolicy: IfNotPresentcontainers:- name: dashboard-metrics-scraperimage: kubernetesui/metrics-scraper:v1.0.8imagePullPolicy: IfNotPresent//最后部署dashboard
$ kubectl apply -f recommended.yaml-
查看pod,svc
$ kubectl get pod,svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-5657497c4c-fr2gh 1/1 Running 0 21m
pod/kubernetes-dashboard-5b749d9495-6db76 1/1 Running 0 21mNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper ClusterIP 10.109.181.241 <none> 8000/TCP 21m
service/kubernetes-dashboard NodePort 10.106.145.226 <none> 443:32331/TCP 21m
kubernetes-dashboard暴露的访问端口号是32331,然后可以通过网页访问UI,在登录时需要输入token
-
创建用户及角色
需要新建一个用户用于登录dashboard,创建下面的dashboard-adminuser.yaml,内容如下:
apiVersion: v1
kind: ServiceAccount
metadata:name: admin-usernamespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: admin-user
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:- kind: ServiceAccountname: admin-usernamespace: kubernetes-dashboard// 执行下面命令创建用户
$ kubectl apply -f dashboard-adminuser.yaml
创建了一个名为admin-user的用户
-
生成访问token
用下面的命令生成token
$ kubectl -n kubernetes-dashboard create token admin-user
eyJhbGciOdasdasdaiJSUzI1NiIsImtpZCI6IlloQUZ3MzhTTVJsZWw4QjZtU0w4V2d1ZkpheU15SGd1OTFKZHlVazVQN1EifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzIzNjMxNjc0LCJpYXQiOjE3MjM2MjgwNzQsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiZTZiZmFmOWEtMDM3OC00MWQ0LWIwNGUtZjYyMDc1OWQ5MTdjIn19LCJuYmYiOjE3MjM2MjgwNzQsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.45HWFcn9uFEn1M1C6yMMmf8UniUtv882N6QHjrpH3Jcas0DnHFZIZzriRk5WoY7FbTmurv6avXJx3hlf9Pm-enhfqziiSZuCxhdH0orz7njnC6z8A5AJkHZualRwvyQZkJFryQthFfetHn_5JMiadRr8XxYBdU3uspzGNmcVlm03NccAuCYd0UN-zRJqU69_OPiWVBpgJ8jQPdIKkUVhI5U5aNb78n4zQc9OMp70WWBYg5S_Z2VL66j44jadZfDfWqLVHg8ornH3RcZ-OwXZggfzho_n2HE3OLbk1Guxq_A-OZAhn5PRkPpwkLbIPDEOtx1fhxsIuTobWOPXXDWD6g//也可以用--duration 指定token有效期
$ kubectl -n kubernetes-dashboard create token admin-user --duration=720h然后在网页上就可以用这个token登录dashboard了
部署完成。
