kubernetes 安装 kubernetes-dashboard 7.x

介绍

Kubernetes仪表板是Kubernetes集群的通用、基于Web的UI。它允许用户管理集群中运行的应用程序并对其进行故障排除,以及管理集群本身。

从7.x版开始,不再支持基于Manifest的安装。现在只支持基于Helm的安装。由于多容器设置和对Kong网关API代理的严重依赖 要轻松支持基于清单安装是不可行的。

安装

1
2
3
4
5
6
7
8
9
10
# 添加源信息
helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/

# 默认参数安装
helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kube-system

# 我的集群使用默认参数安装 kubernetes-dashboard-kong 出现异常 8444 端口占用
# 使用下面的命令进行安装,在安装时关闭kong.tls功能
helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --namespace kube-system --set kong.admin.tls.enabled=false

查看是否完成启动

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
[root@k8s-master01 ~]# 
[root@k8s-master01 ~]# kubectl get pod -A
NAMESPACE       NAME                                                  READY   STATUS      RESTARTS      AGE
default         hello-server-569d7866bd-5lspc                         1/1     Running     1 (29m ago)   23d
default         hello-server-569d7866bd-ll26x                         1/1     Running     1 (29m ago)   23d
default         nginx-demo-554db85f85-tlcgw                           1/1     Running     1 (29m ago)   23d
default         nginx-demo-554db85f85-zz2db                           1/1     Running     1 (29m ago)   23d
ingress-nginx   ingress-nginx-admission-create-hjb5q                  0/1     Completed   0             23d
ingress-nginx   ingress-nginx-admission-patch-ddx2q                   0/1     Completed   0             23d
ingress-nginx   ingress-nginx-controller-85c7865b7d-jzq7k             1/1     Running     1 (29m ago)   23d
kube-system     calico-kube-controllers-57758d645c-5hnlg              1/1     Running     1 (29m ago)   23d
kube-system     calico-node-4ljzp                                     1/1     Running     3 (29m ago)   23d
kube-system     calico-node-84nb7                                     1/1     Running     3 (29m ago)   23d
kube-system     calico-node-hxjgg                                     1/1     Running     3 (29m ago)   23d
kube-system     calico-node-mx9xj                                     1/1     Running     3 (29m ago)   23d
kube-system     calico-node-xxgtn                                     1/1     Running     3 (29m ago)   23d
kube-system     calico-typha-7f974b9776-wp8q9                         1/1     Running     1 (29m ago)   23d
kube-system     coredns-84748f969f-75czs                              1/1     Running     1 (29m ago)   23d
kube-system     default-http-backend-7b44966d95-tslfl                 1/1     Running     1 (29m ago)   23d
kube-system     kubernetes-dashboard-api-fd4b86496-4ckwm              1/1     Running     0             7m56s
kube-system     kubernetes-dashboard-api-fd4b86496-lklpz              1/1     Running     0             60s
kube-system     kubernetes-dashboard-api-fd4b86496-p9mj2              1/1     Running     0             8m28s
kube-system     kubernetes-dashboard-auth-6dc79b858d-c4ks5            1/1     Running     0             8m28s
kube-system     kubernetes-dashboard-kong-6d54b7dd5f-lhf88            1/1     Running     0             8m28s
kube-system     kubernetes-dashboard-metrics-scraper-956d55d9-x6fl9   1/1     Running     0             22m
kube-system     kubernetes-dashboard-web-6bb84db944-vjrdl             1/1     Running     0             22m
kube-system     metrics-server-57d65996cf-5x9df                       1/1     Running     2 (20m ago)   23d
[root@k8s-master01 ~]#

修改NodePort端口

1
2
3
[root@k8s-master01 ~]# kubectl edit svc  -n kube-system kubernetes-dashboard-kong-proxy 
service/kubernetes-dashboard-kong-proxy edited
[root@k8s-master01 ~]#

查看svc端口

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[root@k8s-master01 ~]# kubectl get svc -A
NAMESPACE       NAME                                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                         AGE
default         hello-server                           ClusterIP   10.98.9.152      <none>        8000/TCP                        23d
default         kubernetes                             ClusterIP   10.96.0.1        <none>        443/TCP                         23d
default         nginx-demo                             ClusterIP   10.105.145.188   <none>        8000/TCP                        23d
ingress-nginx   ingress-nginx-controller               NodePort    10.103.206.178   <none>        80:30247/TCP,443:30992/TCP      23d
ingress-nginx   ingress-nginx-controller-admission     ClusterIP   10.96.95.250     <none>        443/TCP                         23d
kube-system     calico-typha                           ClusterIP   10.110.60.211    <none>        5473/TCP                        23d
kube-system     coredns                                ClusterIP   10.96.0.10       <none>        53/UDP,53/TCP                   23d
kube-system     default-http-backend                   ClusterIP   10.106.57.176    <none>        80/TCP                          23d
kube-system     kubernetes-dashboard-api               ClusterIP   10.110.23.150    <none>        8000/TCP                        22m
kube-system     kubernetes-dashboard-auth              ClusterIP   10.102.247.207   <none>        8000/TCP                        22m
kube-system     kubernetes-dashboard-kong-manager      NodePort    10.110.160.154   <none>        8002:31983/TCP,8445:32634/TCP   22m
kube-system     kubernetes-dashboard-kong-proxy        NodePort    10.111.53.143    <none>        443:30556/TCP                   22m
kube-system     kubernetes-dashboard-metrics-scraper   ClusterIP   10.106.47.83     <none>        8000/TCP                        22m
kube-system     kubernetes-dashboard-web               ClusterIP   10.110.135.67    <none>        8000:32503/TCP                  22m
kube-system     metrics-server                         ClusterIP   10.106.68.27     <none>        443/TCP                         23d
[root@k8s-master01 ~]#

创建临时token

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
cat > dashboard-user.yaml << EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
EOF

kubectl  apply -f dashboard-user.yaml

# 创建token
kubectl -n kube-system create token admin-user

eyJhbGciOiJSUzI1NiIsImtpZCI6Im5vZExpNi1tTERLb09ONVM2cEE0SWNCUnA4eTZieE81RnVGb1IwSk5QVFEifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzA4MjQ4NjM4LCJpYXQiOjE3MDgyNDUwMzgsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiMTQ1YTdmZTktMTQ0YS00NDZmLWI1M2QtNDk4OGM3YjIyZjgyIn19LCJuYmYiOjE3MDgyNDUwMzgsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbi11c2VyIn0.H2Oxxrb5BVLH1iDOA-Uo1I7aiAUZX1wK-xBiV9NJXQ32EDyQvss95yQbCNHtPMhQZ8jFE3NRhyjkgZMZmX7kR9J-89QXLqKhE8Qnihd1mq5HOEVQ8tjZ6ix8ymxs5QkfSvd_OUzILKBtfYAMb4Fer67Dyf14oBHWVKU9LQkCdtFaLxerK--N7gLWeGXzavqzOlEPZR5UZWUPwP5dJmAQtvSToPVMaKiA49LjaGJid0F5Pxnutr80oZRsLfKr0MpoEG6jrow1QeJ2PgVksDTcqMTpye-M6jmIbuxabsRSskTT_zEDT0J86BiLYIHnh79D-P7IUUq6GOp8DgG-wXhICQ

创建长期token

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
cat > dashboard-user-token.yaml << EOF
apiVersion: v1
kind: Secret
metadata:
  name: admin-user
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: "admin-user"   
type: kubernetes.io/service-account-token  
EOF

kubectl  apply -f dashboard-user-token.yaml

# 查看密码
kubectl get secret admin-user -n kube-system -o jsonpath={".data.token"} | base64 -d

访问

http://192.168.1.31:30556/

关于

https://www.oiox.cn/

https://www.oiox.cn/index.php/start-page.html

CSDN、GitHub、51CTO、知乎、开源中国、思否、博客园、掘金、简书、华为云、阿里云、腾讯云、哔哩哔哩、今日头条、新浪微博、个人博客

全网可搜《小陈运维》

文章主要发布于微信公众号