首页 > Linux系统管理 > 安装dashboardv1.10.1
2019
03-28

安装dashboardv1.10.1

首先要准备好镜像

#!/bin/sh
 
#拉取镜像
docker pull registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0
 
#重新打标签
docker tag registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0
 
#删除无用镜像
docker image rm registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0

开始安装
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml

注意kubernetes-dashboard.yaml 里面镜像版本要和你下载的一致
查看dashboard的POD是否正常启动,如果正常说明安装成功

# kubectl get pod --all-namespaces -o wide
NAMESPACE             NAME                                    READY   STATUS             RESTARTS   AGE    IP              NODE     NOMINATED NODE   READINESS GATES
default               app-tcloud-account                      1/1     Running            0          57m    
kube-system           coredns-fb8b8dccf-6m7x9                 1/1     Running            4          18h    10.244.0.10     c01      <none>           <none>
kube-system           coredns-fb8b8dccf-f7rqp                 1/1     Running            4          18h    10.244.0.9      c01      <none>           <none>
kube-system           etcd-c01                                1/1     Running            3          18h    192.168.2.7     c01      <none>           <none>
kube-system           kube-apiserver-c01                      1/1     Running            3          18h    192.168.2.7     c01      <none>           <none>
kube-system           kube-controller-manager-c01             1/1     Running            6          18h    192.168.2.7     c01      <none>           <none>
kube-system           kube-flannel-ds-amd64-klwms             1/1     Running            0          16h    192.168.2.135   2        <none>           <none>
kube-system           kube-flannel-ds-amd64-p5xvk             1/1     Running            0          18h    192.168.2.144   node-2   <none>           <none>
kube-system           kube-flannel-ds-amd64-pdsp8             1/1     Running            2          16h    192.168.2.124   node-1   <none>           <none>
kube-system           kube-flannel-ds-amd64-snpl5             1/1     Running            4          18h    192.168.2.7     c01      <none>           <none>
kube-system           kube-proxy-2fx4z                        1/1     Running            0          119m   192.168.2.7     c01      <none>           <none>
kube-system           kube-proxy-2jnpl                        1/1     Running            0          119m   192.168.2.124   node-1   <none>           <none>
kube-system           kube-proxy-49lgs                        1/1     Running            0          119m   192.168.2.144   node-2   <none>           <none>
kube-system           kube-proxy-v5tqt                        1/1     Running            0          119m   192.168.2.135   2        <none>           <none>
kube-system           kube-scheduler-c01                      1/1     Running            5          18h    192.168.2.7     c01      <none>           <none>
kube-system           kubernetes-dashboard-5f57845f9d-rw5dz   1/1     Running            0          4s     10.244.3.42     node-1   <none>           <none>

配置外网访问(不配置的话默认只能集群内访问) 修改service配置,将type: ClusterIP改成NodePort

# kubectl edit service  kubernetes-dashboard --namespace=kube-system
 
spec:
  clusterIP: 10.106.93.87
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 31995
    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

查看外网端口这里是31995

# kubectl get service --namespace=kube-system
NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                  AGE
kube-dns               ClusterIP   10.96.0.10     <none>        53/UDP,53/TCP,9153/TCP   18h
kubernetes-dashboard   NodePort    10.106.93.87   <none>        443:31995/TCP            3m22s

访问dashboard
创建dashboard用户
1.创建admin-token.yaml文件,文件内容如下:

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kube-system
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

创建用户

[root@node1 ~]# kubectl create -f admin-token.yaml 
获取登陆token
# kubectl describe secret/$(kubectl get secret -nkube-system |grep admin|awk '{print $1}') -nkube-system
Name:         admin-token-28s5x
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin
              kubernetes.io/service-account.uid: 5bab2e7d-5100-11e9-b46f-fa163eb08f98
 
Type:  kubernetes.io/service-account-token
 
Data
====
ca.crt:     1025 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi10b2tlbi0yOHM1eCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjViYWIyZTdkLTUxMDAtMTFlOS1iNDZmLWZhMTYzZWIwOGY5OCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.He8AAfh70ed4Vxlyj8ZyQH-HN-R2wDa_y_0KjZAB9ZlupAHknJNbxJ5EuvisssRNJR974ZoOI6tW9RrP-BQuL82RY39Wb7kiw-ncZK1yTIF5aWOWfL5ra89dEq8tjUzrEU3_v_kyPtk2sC0TMlpWYO5POgdLbstyRlBltPYTDbQdEsmAzblV-cVIztLWrkxb5fwdLEcrTs0BzYOaOhBh6OkWkvc8yZIDEdiaCrpY_wZFhD7Qae-Smxruv7o92Zhtrt3-10uBtM0wqm2oT3jMtlitmY1Fw1zWIicGwgSWrWQ7EVGyGjLcFmCPubYzOPH4cRF4gTG

通过浏览器登陆dashboard(我用的火狐浏览器)
注意,因为证书的问题,浏览器可能会阻止连接,必须把访问地址加入到访问例外里面
https://121.46.193.222:31995
认证方式选择口令,输入刚才获取到的token,即可登陆成功。

最后编辑:
作者:saunix
大型互联网公司linux系统运维攻城狮,专门担当消防员