zoukankan      html  css  js  c++  java

  • k8s dashboard 部署并使用 kubeconfig 登陆

    部署
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
# 获取 token 登陆 
kubectl -n kubernetes-dashboard  get  secret  default-token-7kjvr 
此时获取的结果可以用于 token 登陆,为方便用 Kubeconfig登陆 dashboard
# 创建需要的证书
mkdir -p /usr/local/src/kubernetes/certs
cd /usr/local/src/kubernetes
openssl genrsa -des3 -passout pass:x -out certs/dashboard.pass.key 2048
openssl rsa -passin pass:x -in certs/dashboard.pass.key -out certs/dashboard.key
openssl req -new -key certs/dashboard.key -out certs/dashboard.csr -subj '/CN=kube-dashboard'
openssl x509 -req -sha256 -days 365 -in certs/dashboard.csr -signkey certs/dashboard.key -out certs/dashboard.crt
rm certs/dashboard.pass.key
kubectl create secret generic kubernetes-dashboard-certs --from-file=certs -n kube-system

# 获取token 
DASH_TOCKEN=$(kubectl -n kubernetes-dashboard  get  secret  default-token-7kjvr  -o jsonpath={.data.token} |base64 -d)
# 设置 kubeconfig 文件中的一个集群条目
kubectl config set-cluster kubernetes --server=172.24.119.227:8443 --kubeconfig=/usr/local/src/dashbord-admin.conf
# 设置 kubeconfig 文件中的一个用户条目
kubectl config set-credentials dashboard-admin --token=$DASH_TOCKEN --kubeconfig=/usr/local/src/dashbord-admin.conf 
# 设置 kubeconfig 文件中的一个上下文条目
kubectl config set-context dashboard-admin@kubernetes --cluster=kubernetes --user=dashboard-admin --kubeconfig=/usr/local/src/dashbord-admin.conf 
#设置 kubeconfig 文件中的当前上下文
kubectl config use-context dashboard-admin@kubernetes --kubeconfig=/usr/local/src/dashbord-admin.conf 
sz /usr/local/src/dashbord-admin.conf 


# ingress 配置
$ cat dash-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  rules:
  - host: rjddsdashr.tagtic.cn
    http:
      paths:
      - path: /
        backend:
          servicePort: 443
          serviceName: kubernetes-dashboard
  tls:
  - hosts:
    - rjddsdashr.tagtic.cn
    secretName: kubernetes-dashboard-certs

      
  • 相关阅读:
    查看端口有没有被占用
    微信公众号2()
    How to insert a segment of noise to music file
    puppet practice
    Docker Commands
    LempelZiv algorithm realization
    The algorithm of entropy realization
    Java network programmingguessing game
    Deploy Openstack with RDO and Change VNC console to Spice
    puppet overview
  • 原文地址:https://www.cnblogs.com/lixinliang/p/12217169.html
Copyright © 2011-2022 走看看