建立 K8S Dashboard v2.5.1

Devops > K8S K8S
發布時間 :
字數:681 觀看數 : 評論:
  1. 安裝 K8S Dashboard
  2. 建立帳號
  3. 查看 k8s-dashboard
  4. 移除 k8s-Dashboard

安裝 K8S Dashboard

可先查看 目前 K8S 版本,再決定 安裝 甚麼版本的 k8s Dashboard
k8s Dashboard Release

本篇文章的 K8S 版本 為 v1.23.6,故安裝 v2.5.1 做測試

下載 官方 v2.5.1 yaml檔

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.1/aio/deploy/recommended.yaml

修改 yaml檔 原本 Service 預設是Cluster IP,因要讓外部訪問改成 NodePort

vi recommended.yaml

...略
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort # 新增 NodePort
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30012 # 新增 NodePort
  selector:
    k8s-app: kubernetes-dashboard
...略

執行

kubectl apply -f recommended.yaml

# 輸出
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

查看服務

kubectl get all -n kubernetes-dashboard

# 輸出
NAME                                             READY   STATUS    RESTARTS   AGE
pod/dashboard-metrics-scraper-799d786dbf-hcd9f   1/1     Running   0          22s
pod/kubernetes-dashboard-fb8648fd9-v42j5         1/1     Running   0          22s

NAME                                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
service/dashboard-metrics-scraper   ClusterIP   10.97.184.132    <none>        8000/TCP        22s
service/kubernetes-dashboard        NodePort    10.102.139.251   <none>        443:30012/TCP   23s

NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/dashboard-metrics-scraper   1/1     1            1           22s
deployment.apps/kubernetes-dashboard        1/1     1            1           22s

NAME                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/dashboard-metrics-scraper-799d786dbf   1         1         1       22s
replicaset.apps/kubernetes-dashboard-fb8648fd9         1         1         1       22s

建立帳號

cat <<EOF | kubectl create -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kubernetes-dashboard

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kubernetes-dashboard
EOF

# 輸出
serviceaccount/admin created
clusterrolebinding.rbac.authorization.k8s.io/admin created

查看 Secret

kubectl get secret -n kubernetes-dashboard

# 輸出
admin-token-g9mmj                  kubernetes.io/service-account-token   3      41s
default-token-6vfd5                kubernetes.io/service-account-token   3      14m
kubernetes-dashboard-certs         Opaque                                0      14m
kubernetes-dashboard-csrf          Opaque                                1      14m
kubernetes-dashboard-key-holder    Opaque                                2      14m
kubernetes-dashboard-token-8h4vm   kubernetes.io/service-account-token   3      14m

取得Token

kubectl describe secret admin-token-g9mmj -n kubernetes-dashboard

# 輸出
Name:         admin-token-g9mmj
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: admin
              kubernetes.io/service-account.uid: 727ec787-1289-45c0-894f-948a9e034e9f

Type:  kubernetes.io/service-account-token

Data
====
namespace:  20 bytes
token:      [TOKEN_CONTENT]
ca.crt:     1099 bytes

查看 k8s-dashboard

主機IP為 34.80.184.65

訪問 https://34.80.184.65:30012/

輸入token後 即可登入

移除 k8s-Dashboard

kubectl delete -f recommended.yaml

# 輸出
namespace "kubernetes-dashboard" deleted
serviceaccount "kubernetes-dashboard" deleted
service "kubernetes-dashboard" deleted
secret "kubernetes-dashboard-certs" deleted
secret "kubernetes-dashboard-csrf" deleted
secret "kubernetes-dashboard-key-holder" deleted
configmap "kubernetes-dashboard-settings" deleted
role.rbac.authorization.k8s.io "kubernetes-dashboard" deleted
clusterrole.rbac.authorization.k8s.io "kubernetes-dashboard" deleted
rolebinding.rbac.authorization.k8s.io "kubernetes-dashboard" deleted
clusterrolebinding.rbac.authorization.k8s.io "kubernetes-dashboard" deleted
deployment.apps "kubernetes-dashboard" deleted
service "dashboard-metrics-scraper" deleted
deployment.apps "dashboard-metrics-scraper" deleted
轉載請註明來源,若有任何錯誤或表達不清楚的地方,歡迎在下方評論區留言,也可以來信至 leozheng0621@gmail.com
如果文章對您有幫助,歡迎斗內(donate),請我喝杯咖啡

斗內💰

©2022-2022 LeoZheng

Built with Hexo and 3-hexo theme

×

歡迎斗內

github