k8s-dashboard-v2.0.4搭建

dashboard-v2.0.4

一、下载安装

今天搭了一套k8s1.19后，发现之前的dashboard已经不兼容了，看了官网发现兼容的dashboard已经是V2.04了，于是今天部署一下
官网dashboard说明：
https://github.com/kubernetes/dashboard/releases

镜像直接用docker pull下载：

#images:
docker pull kubernetesui/dashboard:v2.0.4
docker pullkubernetesui/metrics-scraper:v1.0.4

#yaml文件：
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml

#更改一下名字：
mv recommended.yaml kubernetes-dashboard.yaml

二、配置从外部访问dashboard

1.png

[root@adm1 k8s1.14]# kubectl create -f kubernetes-dashboard.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

# 查看service，可以看到暴露到外部的端口
[root@adm1 k8s1.14]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.96.160.46   <none>        8000/TCP        28m
kubernetes-dashboard        NodePort    10.96.152.98   <none>        443:32567/TCP   28m

三、登录

登录使用https://IP:32567

3.png

token

创建用户
创建服务账号
利用vi admin-user.yaml命令创建admin-user.yaml文件，输入以下内容,来创建admin-user的服务账号，放在kube-system名称空间下：

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system

输入命令kubectl create -f admin-user.yaml来执行。

绑定角色
利用vi admin-user-role-binding.yaml命令创建admin-user-role-binding.yaml文件，输入以下内容,来进行绑定

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

输入命令kubectl create -f admin-user-role-binding.yaml来执行。

获取token
输入以下命令来创建用户token，利用token来登录dashboard：

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

2.png

最后编辑于：2020.09.30 13:27:56