Kubernetes Dashboard的安装与配置

一 背景

通过kubeadm快速完成了kubernetes的安装,即可迅速地体验到kubernetes的强大功能。美中不足的是,只能通过命令来查看或操作,没有一个直观且简洁的Web UI来感受一下这种成功的喜悦。此外,国内的网络环境,也在某种程度上增加了一些门槛。面对如此种种,依然有办法体验kunernetes dashboard。

二 操作步骤

因为不清楚Pod会被调度到哪一个Node上,所以在每一个节点上执行以下脚本:

#!/bin/bash
docker pull registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0
# docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kubernetes-dashboard-amd64:v1.10.0
docker tag registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0
docker image rm registry.cn-qingdao.aliyuncs.com/wangxiaoke/kubernetes-dashboard-amd64:v1.10.0

在Master节点上执行:

 kubectl apply -f https://gitee.com/bruno_gao/kubernetes/raw/master/dashboard/kubernetes-dashboard.yaml

查看pod是否创建成功:

[root@k8s-m ~]#  kubectl get pods --namespace=kube-system
NAME                                    READY   STATUS    RESTARTS   AGE
coredns-576cbf47c7-xg4xm                1/1     Running   1          72m
coredns-576cbf47c7-xq9mc                1/1     Running   1          80m
etcd-k8s-m                              1/1     Running   2          79m
kube-apiserver-k8s-m                    1/1     Running   2          79m
kube-controller-manager-k8s-m           1/1     Running   21         80m
kube-flannel-ds-amd64-9fzm7             1/1     Running   1          72m
kube-flannel-ds-amd64-nddqf             1/1     Running   2          72m
kube-proxy-6js29                        1/1     Running   2          80m
kube-proxy-lp2v2                        1/1     Running   2          72m
kube-scheduler-k8s-m                    1/1     Running   19         80m
kubernetes-dashboard-77fd78f978-ngkvb   1/1     Running   1          25m

查看暴露端口:

[root@k8s-m ~]#  kubectl get service --namespace=kube-system
NAME                   TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
kube-dns               ClusterIP   10.96.0.10       <none>        53/UDP,53/TCP   87m
kubernetes-dashboard   NodePort    10.111.77.179    <none>        443:31620/TCP            6m23s

创建kubernetes-dashboard用户:

kubectl apply -f https://gitee.com/bruno_gao/kubernetes/raw/master/dashboard/dashboard-adminuser.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

获取登录token:

kubectl describe secret $(kubectl get secret -n kube-system |grep admin|awk '{print $1}') -n kube-system|grep '^token'|awk '{print $2}' 
eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi10b2tlbi02dGt4bSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJhZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjQ4MjcxNTE5LTFkODgtMTFlOS1iMGZkLTAwMTU1ZDc0ZWUyNyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTphZG1pbiJ9.TpBGEd-7VXrYjN_5fi0sOXMqLIrhDkgqIVVTagO4wvKOQloCJkpfvnVgBJ0Oi52-UQNBKBVH8v1wRBltPHKrjMqVU9re6-y3nd4UbwWtIZzmfMJ_oRwo2ne_UdU_Ya2I5EOH3qh1cUIhdG3NpZYXwFICsNZURJWZM_U7OqJrZPuMXw4sfD6iGRWeMtOiAI8YN1LAfpj1RHaeOa66DK_LEsSLBsb2W6m7wrugk7SBCJSkMyec7ZVGLHo5Ha-X5wNO5qAAKzud0lz2KVcvwJW8lkcc9_lPxPIoDIpdCFEoG5xZHr0B2PkatCS8f31VQzP6LAmvkmHxbENb6V3Ov90RGw

将以上内容复制备用。

三 查看结果

3.1 打开浏览器输入访问地址:https://NodeIP:PORT。此处输入Node-2的访问地址:https://172.31.3.12:31269,其他节点亦如此,请针对自己环境做相应改动。如下图:

img

3.2 认证方式选择口令,输入刚才获取到的token,即可登陆成功。

img

3.3 登录成功后,如下图:

image-20200225233114309

这些信息有用吗?
Do you have any suggestions for improvement?

Thanks for your feedback!