Kubernetes 1.21.2部署dashboard 2.3.1

Kubernetes 1.21.2部署dashboard 2.3.1

Kubernetes 版本: 1.21.2
Dashboard 版本 : v2.3.1
检查dashboard版本与kubernetes版本兼容性:
https://github.com/kubernetes/dashboard/releases

部署Dashboard

需要提取的镜像:
Images
Kubernetes Dashboard
kubernetesui/dashboard:v2.3.1

Metrics Scraper
kubernetesui/metrics-scraper:v1.0.6

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml

查看dashboard运行状态
[root@k8smaster ~]# kubectl get pod -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-856586f554-cltht   1/1     Running   0          12m
kubernetes-dashboard-67484c44f6-8fb64        1/1     Running   0          12m


[root@k8smaster ~]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.105.98.224   <none>        8000/TCP        12m
kubernetes-dashboard        ClusterIP    10.101.235.74   <none>        443/TCP   12m


修改Dashboard
通过NodePort方式暴露端口,这里指定30001,可自定义:

kubectl patch svc kubernetes-dashboard   -n kubernetes-dashboard  -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30001}]}}'

[root@k8smaster Dashboard]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP  PORT(S)        AGE
dashboard-metrics-scraper  ClusterIP  10.105.98.224  <none>        8000/TCP        21m
kubernetes-dashboard        NodePort    10.101.235.74  <none>        443:30001/TCP  21m


登录Dashboard
浏览器访问dashboard:
https://<NODE_IP>:30001


选择token方式

创建dashboard-adminuser.yaml:

cat > dashboard-adminuser.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
EOF


创建登录用户
kubectl apply -f dashboard-adminuser.yaml

说明:上面创建了一个叫admin-user的服务账号,并放在kubernetes-dashboard 命名空间下,并将cluster-admin角色绑定到admin-user账户,这样admin-user账户就有了管理员的权限。默认情况下,kubeadm创建集群时已经创建了cluster-admin角色,我们直接绑定即可。

查看admin-user账户的token
[root@k8smaster Dashboard]# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
Name:         admin-user-token-94cwc
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin-user
              kubernetes.io/service-account.uid: 40066934-3d51-4dc7-a683-69dcef1a30ed
Type:  kubernetes.io/service-account-token
Data
====
ca.crt:     1066 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IkVCXzVHWmY2bVd2TW9JVkdYaDhBVGtEaWZXSzZRSllJSHJWZGZ4UmJJVzQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTk0Y3djIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI0MDA2NjkzNC0zZDUxLTRkYzctYTY4My02OWRjZWYxYTMwZWQiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.EsMU-6EVXLieky6MRrTe4gTyHpFxEXinc5fHH6R6U6GQod48NH7rMQghvwGcecP73JGQIm2ASybU_MoVizRFTd6ijCwIwsNEMuRkmBV_q7IokIkpPJKlqSFI_xz3HZBDnDki6x5Rhz13EWDUWtGv8AuORzjQ3NGLDYFPZ3UE_8DivGcyLB9dvmP_UgUYGKRL-nke-v_bMLTS3L2Fv60uAXme4WHV96UZxVeBGiEV27-gNLXXoeqh_R7Rv9HmPaCC7kFoJ8WaAt-fdDUQvuykAAeUjIekuOk62L68_59gePmIu6KYdB7quidONquQTT6_VANEw

把获取到的Token复制到登录界面的Token输入框中,成功登陆dashboard:
 
 
分割线
打赏
YWSOS.COM 平台代运维解决方案
 评论
 发表评论
姓   名:

Powered by AKCMS