Dashboard:
1.部署: 下载yaml文件 可以直接运行也可以下载下来
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
2. 将Service改为NodePort
kubectl patch svc kubernetes-dashboard -p '{"spec":{"type":"NodePort"}}' -n kube-system
给将dashboard的pods打补丁,让dashboard的服务是用NodePort来暴露,就可以使用 http://<宿主机IP>:<port-3XXXX>来访问dashboard的页面了
3. 认证
建立一个账号:
apiVersion: v1 kind: ServiceAccount metadata: name: admin #建立账号admin namespace: kube-system
kubectl get sa -n kube-system
kubectl get sa -n admin kube-system
给账号绑定一个集群权限:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin namespace: kube-system
kubectl get clusterrolebinding
查看admin用户的token,用来登录dashboard
DAMIN_NAME=$(kubectl -n kube-system get secret | grep admin | awk '{print $1}')
kubectl -n kube-system describe secret $DAMIN_NAME
复制token
http://<宿主机IP>:<port-3XXXX>登录页面 输入token
完成账号配置