k8s集群部署使用(kubernetesK8S集群部署)
k8s集群部署使用(kubernetesK8S集群部署)输入刚才生成token登录如下图所示
1.下载dashboard的yaml文件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml
mv recommended.yaml kubernetes-dashboard.yaml
#下载下来需要修改nodePort为30011或者其他
sed -i '/targetPort:/a\ \ \ \ \ \ nodePort: 30011\n\ \ type: NodePort' kubernetes-dashboard.yaml
2.部署dashboard
[root@master1 ~]# kubectl apply -f kubernetes-dashboard.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
deployment.apps/dashboard-metrics-scraper created
#查看部署信息
[root@master1 ~]# kubectl get pods svc -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-5b8896d7fc-qvpzf 1/1 Running 0 8d
pod/kubernetes-dashboard-7b5d774449-snk78 1/1 Running 0 8d
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/dashboard-metrics-scraper NodePort 10.96.152.149 <none> 8000:30001/TCP 8d
service/kubernetes-dashboard NodePort 10.104.106.104 <none> 443:30011/TCP 8d
3.创建service account并绑定默认cluster-admin管理员集群角色
[root@master1 ~]# kubectl create serviceaccount dashboard-admin -n kube-system
serviceaccount/dashboard-admin created
[root@master1 ~]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
[root@master1 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/dashboard-admin/{print $1}')
Name: dashboard-admin-token-kzxjr
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 514a3d71-73e3-46ca-8a9d-d3e9d3e6006d
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: fyJhbGciOiJSUzI1NiIsImtpZCI6IjRkYWc0YWpuOVpuWDdMSFRGc2Y5bzNLeUl4dC0wUkQwUVZBV3o5OHBfWUUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4ta3p4anIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTE0YTNkNzEtNzNlMy00NmNhLThhOWQtZDNlOWQzZTYwMDZkIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.aSMboRFRd_BloslOWcyIoA5cqmnE-WLy9ZRTv6UE-rqLI9dWn3Y5xiEqoChDasjyb4IVcJqfF109EZ-6UB4lvfuiYoRgm1HF9XntSstpLEiMksWY7r_gfHnnaFRiz-iS7zGlOzpPjOa7ioVK7Yy0ng-cS0ZesOgDDyf1DpuzeXjN4pXEcqAvuvLWrqdHtaEqAL4HFuQ1wyyTX3mCFSWnIbiId1_AKfjtYfuVdyh_whYMQctfZmtshfx39CT4KVbuVmyg6K0UFBOGEFBs7x-hySkh0oKWSURs9q4DYeWmMHZXSPD9UqsY2ajLwYir3dGy7XAf6ZHODdl_kNMVjL_xHc
4.访问地址:https://NodeIP:30011 此环境为https://172.16.102.12:30011
输入刚才生成token登录如下图所示