容器云----kubernetes-dashboard(kubernetes管理界面)

容器云----kubernetes-dashboard(kubernetes管理界面)

首先,需要搭建好完成的kubernetes集群,详见文章容器云----kubernetes+docker-ce。

 

一.创建dashboard的yaml文件

vim  kubernetes-dashboard.yaml

1# Copyright 2017 The Kubernetes Authors. 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15# Configuration to deploy release version of the Dashboard UI compatible with 16# Kubernetes 1.8. 17# 18# Example usage: kubectl create -f <this_file> 19 20# ------------------- Dashboard Secret ------------------- # 21 22apiVersion: v1 23kind: Secret 24metadata: 25 labels: 26 k8s-app: kubernetes-dashboard 27 name: kubernetes-dashboard-certs 28 namespace: kube-system 29type: Opaque 30 31--- 32# ------------------- Dashboard Service Account ------------------- # 33 34apiVersion: v1 35kind: ServiceAccount 36metadata: 37 labels: 38 k8s-app: kubernetes-dashboard 39 name: kubernetes-dashboard 40--- 41kind: Role 42apiVersion: rbac.authorization.k8s.io/v1 43metadata: 44 name: kubernetes-dashboard-minimal 45 namespace: kube-system 46rules: 47 # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret. 48- apiGroups: [""] 49 resources: ["secrets"] 50 verbs: ["create"] 51 # Allow Dashboard to create 'kubernetes-dashboard-settings' config map. 52- apiGroups: [""] 53 resources: ["configmaps"] 54 verbs: ["create"] 55 # Allow Dashboard to get, update and delete Dashboard exclusive secrets. 56- apiGroups: [""] 57 resources: ["secrets"] 58 verbs: ["get", "update", "delete"] 59- apiGroups: [""] 60 resources: ["configmaps"] 61 resourceNames: ["kubernetes-dashboard-settings"] 62 verbs: ["get", "update"] 63 # Allow Dashboard to get metrics from heapster. 64- apiGroups: [""] 65 resources: ["services"] 66 resourceNames: ["heapster"] 67 verbs: ["proxy"] 68- apiGroups: [""] 69 resources: ["services/proxy"] 70 resourceNames: ["heapster", "http:heapster:", "https:heapster:"] 71 verbs: ["get"] 72 73--- 74apiVersion: rbac.authorization.k8s.io/v1 75kind: RoleBinding 76metadata: 77 name: kubernetes-dashboard-minimal 78 namespace: kube-system 79roleRef: 80 apiGroup: rbac.authorization.k8s.io 81 kind: Role 82 name: kubernetes-dashboard-minimal 83subjects: 84- kind: ServiceAccount 85 name: kubernetes-dashboard 86 namespace: kube-system 87 88--- 89# ------------------- Dashboard Deployment ------------------- # 90 91kind: Deployment 92apiVersion: apps/v1beta2 93metadata: 94 labels: 95 k8s-app: kubernetes-dashboard 96 revisionHistoryLimit: 10 97 selector: 98 matchLabels: 99 k8s-app: kubernetes-dashboard 100 template: 101 metadata: 102 labels: 103 k8s-app: kubernetes-dashboard 104 spec: 105 serviceAccountName: kubernetes-dashboard 106 containers: 107 - name: kubernetes-dashboard 108 image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3 109 ports: 110 - containerPort: 9090 111 protocol: TCP 112 args: 113 #- --auto-generate-certificates 114 volumeMounts: 115 - name: kubernetes-dashboard-certs 116 mountPath: /certs 117 # Create on-disk volume to store exec logs 118 - mountPath: /tmp 119 name: tmp-volume 120 livenessProbe: 121 httpGet: 122 scheme: HTTP 123 path: / 124 port: 9090 125 initialDelaySeconds: 30 126 timeoutSeconds: 30 127 volumes: 128 - name: kubernetes-dashboard-certs 129 secret: 130 secretName: kubernetes-dashboard-certs 131 - name: tmp-volume 132 emptyDir: {} 133 serviceAccountName: kubernetes-dashboard-admin 134 tolerations: 135 - key: node-role.kubernetes.io/master 136 effect: NoSchedule 137 138--- 139# ------------------- Dashboard Service ------------------- # 140 141kind: Service 142apiVersion: v1 143metadata: 144 labels: 145 k8s-app: kubernetes-dashboard 146 name: kubernetes-dashboard 147 namespace: kube-system 148spec: 149 ports: 150 - port: 9090 151 targetPort: 9090 152 selector: 153 k8s-app: kubernetes-dashboard 154 155# ------------------------------------------------------------ 156kind: Service 157apiVersion: v1 158metadata: 159 labels: 160 k8s-app: kubernetes-dashboard 161 name: kubernetes-dashboard-external 162 namespace: kube-system 163spec: 164 ports: 165 - port: 9090 166 targetPort: 9090 167 nodePort: 30090 168 type: NodePort 169 selector: 170 k8s-app: kubernetes-dashboard 171

 

二.创建dashboard的认证yaml文件

vim  kubernetes-dashboard-admin.yaml

1apiVersion: v1 2kind: ServiceAccount 3metadata: 4 labels: 5 k8s-app: kubernetes-dashboard 6 name: kubernetes-dashboard-admin 7 namespace: kube-system 8 9--- 10apiVersion: rbac.authorization.k8s.io/v1beta1 11kind: ClusterRoleBinding 12metadata: 13 name: kubernetes-dashboard-admin 14 labels: 15 k8s-app: kubernetes-dashboard 16roleRef: 17 apiGroup: rbac.authorization.k8s.io 18 kind: ClusterRole 19 name: cluster-admin 20subjects: 21- kind: ServiceAccount 22 name: kubernetes-dashboard-admin 23 namespace: kube-system 24

 

三.启动dashboard

kubectl  apply  -f  ./kubernetes-dashboard.yaml  -f  ./kubernetes-dashboard-admin.yaml

 

四.查看dashboard的创建状态

kubectl get svc,pods -n kube-system | grep dashboard

1service/kubernetes-dashboard-external NodePort 10.96.28.16 <none> 9090:30090/TCP 3d 2pod/kubernetes-dashboard-5cc6564db9-m98fw 1/1 Running 4 3d 3

kubectl describe pod kubernetes-dashboard-5cc6564db9-m98fw -n kube-system

1Name: kubernetes-dashboard-5cc6564db9-m98fw 2Namespace: kube-system 3Node: yun02/172.22.6.242 4Start Time: Sat, 10 Nov 2018 12:01:53 +0800 5Labels: k8s-app=kubernetes-dashboard 6 pod-template-hash=1772120865 7Annotations: <none> 8Status: Running 9IP: 10.244.1.2 10Controlled By: ReplicaSet/kubernetes-dashboard-5cc6564db9 11Containers: 12 kubernetes-dashboard: 13 Container ID: docker://c108de98d182217caa6ab214845f3e132737735c083d1c0e99c7e09b4e92e418 14 Image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3 15 Image ID: docker://sha256:0c60bcf89900cff208874ae172a972e75cedb5b1b7c99dbcf18ada134c599357 16 Port: 9090/TCP 17 Host Port: 0/TCP 18 State: Running 19 Started: Tue, 13 Nov 2018 14:07:15 +0800 20 Last State: Terminated 21 Reason: Error 22 Exit Code: 2 23 Started: Tue, 13 Nov 2018 14:06:45 +0800 24 Finished: Tue, 13 Nov 2018 14:06:56 +0800 25 Ready: True 26 Restart Count: 4 27 Liveness: http-get http://:9090/ delay=30s timeout=30s period=10s #success=1 #failure=3 28 Environment: <none> 29 Mounts: 30 /certs from kubernetes-dashboard-certs (rw) 31 /tmp from tmp-volume (rw) 32 /var/run/secrets/kubernetes.io/serviceaccount from kubernetes-dashboard-admin-token-nxgrv (ro) 33Conditions: 34 Type Status 35 Initialized True 36 Ready True 37 PodScheduled True 38Volumes: 39 kubernetes-dashboard-certs: 40 Type: Secret (a volume populated by a Secret) 41 SecretName: kubernetes-dashboard-certs 42 Optional: false 43 tmp-volume: 44 Type: EmptyDir (a temporary directory that shares a pod's lifetime) 45 Medium: 46 kubernetes-dashboard-admin-token-nxgrv: 47 Type: Secret (a volume populated by a Secret) 48 SecretName: kubernetes-dashboard-admin-token-nxgrv 49 Optional: false 50QoS Class: BestEffort 51Node-Selectors: <none> 52Tolerations: node-role.kubernetes.io/master:NoSchedule 53 node.kubernetes.io/not-ready:NoExecute for 300s 54 node.kubernetes.io/unreachable:NoExecute for 300s 55Events: <none> 56

可以看到,dashboard创建在172.22.6.242这台机器上。

接下来可以访问172.22.6.242:30090

 

转载于:https://www.cnblogs.com/QicongLiang/p/9953579.html

代码交流 2021