侧边栏壁纸
  • 累计撰写 244 篇文章
  • 累计创建 16 个标签
  • 累计收到 0 条评论
隐藏侧边栏

Kubernetes 部署 Dashboard

kaixindeken
2021-02-23 / 0 评论 / 0 点赞 / 136 阅读 / 3,151 字

一、下载并修改 Dashboard 安装脚本

  • github 下载最新脚本的 recommended.yaml

    wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
    
  • 修改 recommended.yaml 的文件内容

    #apiVersion: v1
    #kind: Namespace
    #metadata:
    #	name: kubernetes-dashboard
    
    ---
    #增加直接访问端口
    kind: Service
    apiVersion: v1
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: kubernetes-dashboard
      namespace: kubernetes-dashboard
    spec:
      type: NodePort #增加
      ports:
        - port: 443
          targetPort: 8443
          nodePort: 30001 #增加
      selector:
        k8s-app: kubernetes-dashboard
    
    ---
    #因为自动生成的证书很多浏览器无法使用,所以我们自己创建,注释掉kubernetes-dashboard-certs对象声明
    #apiVersion: v1
    #kind: Secret
    #metadata:
    #  labels:
    #    k8s-app: kubernetes-dashboard
    #  name: kubernetes-dashboard-certs
    #  namespace: kubernetes-dashboard
    #type: Opaque
    
    #---
    

二、自签发证书

mkdir dashboard-certs

cd dashboard-certs/

#创建命名空间
kubectl create namespace kubernetes-dashboard

# 创建key文件
openssl genrsa -out dashboard.key 2048

#证书请求
openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'

#自签证书
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt

#创建kubernetes-dashboard-certs对象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard

三、安装 Dashboard

#安装
kubectl create -f  ~/recommended.yaml

#检查结果
kubectl get pods -A  -o wide

kubectl get service -n kubernetes-dashboard  -o wide

四、创建管理员

  • 创建并编辑 dashboard-admin.yaml

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
      name: dashboard-admin
      namespace: kubernetes-dashboard
    
  • 保存退出后执行

    kubectl create -f dashboard-admin.yaml
    
  • 为用户分配权限,创建 dashboard-admin-bind-cluster-role.yaml

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: dashboard-admin-bind-cluster-role
      labels:
        k8s-app: kubernetes-dashboard
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
    - kind: ServiceAccount
      name: dashboard-admin
      namespace: kubernetes-dashboard
    
  • 保存退出后执行

    kubectl create -f dashboard-admin-bind-cluster-role.yaml
    

五、获取用户 token 并访问 Dashboard

  • 查看并复制用户 token

    kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
    
  • 访问:https://<自己搭建的 master 的 IP>:30001,谷歌浏览器不行,但其他浏览器可以,比如Safari,选择Token登录,输入刚才复制的密钥就能登录了。

六、安装 metrics-server

  • 拉取镜像

    docker pull rancher/metrics-server:v0.3.6 
    docker tag rancher/metrics-server:v0.3.6  k8s.gcr.io/metrics-server-amd64:v0.3.6 
    
  • 下载安装脚本

    cd ~
    mkdir metrics-server
    cd metrics-server
    wget https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.6/components.yaml
    
  • 修改安装脚本

    spec:
      serviceAccountName: metrics-server
      volumes:
      # mount in tmp so we can safely use from-scratch images and/or read-only containers
      - name: tmp-dir
        emptyDir: {}
      containers:
      - name: metrics-server
        image: k8s.gcr.io/metrics-server-amd64:v0.3.6
        imagePullPolicy: IfNotPresent
        args:
          - --cert-dir=/tmp
          - --secure-port=4443
        ports:
        - name: main-port
          containerPort: 4443
          protocol: TCP
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
        command: #增加
          - /metrics-server
          - --kubelet-insecure-tls
          - --kubelet-preferred-address-types=InternalDNS,InternalIP,ExternalDNS,ExternalIP,Hostname
        volumeMounts:
        - name: tmp-dir
          mountPath: /tmp
      nodeSelector:
        kubernetes.io/os: linux
        kubernetes.io/arch: "amd64"
    
  • 安装

    #安装
    kubectl create -f components.yaml
    
    #1-2分钟后查看结果
    kubectl top nodes
    
  • 再回到dashboard界面可以看到CPU和内存使用情况了

0

评论区