zoukankan      html  css  js  c++  java
  • helm 安装kubernetes-dashboard

    k8s的包管理管路

    https://helm.sh/zh/docs/community/developers/
    https://github.com/helm/helm

    安装kubernetes dashboard

    本地需要先搭建k8s集群

    kubernetes系列(十七) - 通过helm安装dashboard详细教程 提供了helm install 的具体命令

    csdn

    安装helm

    直接源码安装

    $ git clone https://github.com/helm/helm.git
    $ cd helm
    $ make
    
    $ cp /bin/helm /usr/local/bin/
    
    $ helm version
    

    安装dashboard

    helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/
    https_proxy=http://192.168.1.14:9910 helm pull kubernetes-dashboard/kubernetes-dashboard
    

    helm pull 和helm install 我的机器上执行都有问题,这里直接通过代理把安装包下载到本地

    tar -zxvf helm-v3.4.1-linux-amd64.tar.gz
    cd kubernetes-dashboard
    

    helm install 安装

    helm install -f values.yaml --namespace kube-system kubernetes-dashboard .
    

    此次安装会创建一个role和serviceaccounts, 名称都为kubernetes-dashboard

    [root@control-plane kubernetes-dashboard]# k get sa -n kube-system kubernetes-dashboard
    NAME                   SECRETS   AGE
    kubernetes-dashboard   1         52m
    
    [root@control-plane kubernetes-dashboard]# k get role -n kube-system kubernetes-dashboard
    NAME                   CREATED AT
    kubernetes-dashboard   2021-05-05T13:10:59Z
    

    dashboard默认的serviceaccouts是没有权限查询集群的信息的,需要创建一个clusterrolebinding 到cluster-admin

    创建dashboard-admin.yaml

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: kubernetes-dashboard
      namespace: kube-system
    subjects:
      - kind: ServiceAccount
        name: kubernetes-dashboard
        namespace: kube-system
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    
    

    创建绑定关系kubectl apply -f dashboard-admin.yaml

    另外一个问题是dashboard默认是以集群ip对外服务的,我用的是虚拟机,需要将dashboard生成的service改成NodePort类型

    kubectl edit svc kubernetes-dashboard -n kube-system
    

    将spec.type 改成NodePort即可

    [root@control-plane kubernetes-dashboard]# k get svc -n kube-system
    NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                  AGE
    kube-dns               ClusterIP   10.96.0.10      <none>        53/UDP,53/TCP,9153/TCP   99m
    kubernetes-dashboard   NodePort    10.98.200.159   <none>        443:31644/TCP            67m
    

    打开浏览器输入http://nodeip:31644 ,需要验证登录,选择token

    [root@control-plane kubernetes-dashboard]# kubectl get secret -n kube-system | grep kubernetes-dashboard-token
    kubernetes-dashboard-token-9ms4n                 kubernetes.io/service-account-token   3      69m
    
    [root@control-plane kubernetes-dashboard]# k describe secret -n kube-system kubernetes-dashboard-token-9ms4n
    Name:         kubernetes-dashboard-token-9ms4n
    Namespace:    kube-system
    Labels:       <none>
    Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
                  kubernetes.io/service-account.uid: b485b065-49f0-451c-aabf-7e9959371b97
    
    Type:  kubernetes.io/service-account-token
    
    Data
    ====
    ca.crt:     1066 bytes
    namespace:  11 bytes
    token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IlpOaFZucUVwX01iQ0J4ajlWWV91aXdOcHF4UzdJay1fYWdSbTRndWJSOFkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi05bXM0biIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImI0ODViMDY1LTQ5ZjAtNDUxYy1hYWJmLTdlOTk1OTM3MWI5NyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.tmQSiIKWd2-Fu2Nx0850halBG5RI9dhdn5miyS2dcKk_egfmEL11SvG8Li1YsScRx37WAcL5uvaoN_yNr-DcGyg2V5PYjz_1IB4AlW45qo-Klh6x7XLwXRkvJ2UkWy6zOYDP0v7BCiCSOjjK8uF9C0MPpPtNMwKXOEzxamAZP0urpDcspWdbKg3TNpNPSRM6p6Q0gLcV0PIlDPCDVWuewVV8LcO8bGzHS56tZ384NTyvD6xYJuoTEPr6QdBjllmWQ-pymIkXQ9fAZbEfMsggjESftc-kQVQZv4-qK1jfizpQmH_meCShI-m0idE4t5EaGrwa3EOmjh8NgQVR9QsuKg
    

    粘贴token字段对应值到浏览器即可登录

    QQ浏览器截图20210505222140.png

  • 相关阅读:
    cocos2d-x把json数据解析到数组或字典中(libjson库)
    (bug更正)利用KVC和associative特性在NSObject中存储键值
    第二次博客作业
    我的感想
    期末总结
    陈老师作业
    第三次作业---四则运算的进一步完善
    好难
    对git的认识
    计应143 卞玉新
  • 原文地址:https://www.cnblogs.com/linyihai/p/14733091.html
Copyright © 2011-2022 走看看