zoukankan      html  css  js  c++  java

  • k8s dashboard 部署并使用 kubeconfig 登陆

    部署
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta4/aio/deploy/recommended.yaml
# 获取 token 登陆 
kubectl -n kubernetes-dashboard  get  secret  default-token-7kjvr 
此时获取的结果可以用于 token 登陆,为方便用 Kubeconfig登陆 dashboard
# 创建需要的证书
mkdir -p /usr/local/src/kubernetes/certs
cd /usr/local/src/kubernetes
openssl genrsa -des3 -passout pass:x -out certs/dashboard.pass.key 2048
openssl rsa -passin pass:x -in certs/dashboard.pass.key -out certs/dashboard.key
openssl req -new -key certs/dashboard.key -out certs/dashboard.csr -subj '/CN=kube-dashboard'
openssl x509 -req -sha256 -days 365 -in certs/dashboard.csr -signkey certs/dashboard.key -out certs/dashboard.crt
rm certs/dashboard.pass.key
kubectl create secret generic kubernetes-dashboard-certs --from-file=certs -n kube-system

# 获取token 
DASH_TOCKEN=$(kubectl -n kubernetes-dashboard  get  secret  default-token-7kjvr  -o jsonpath={.data.token} |base64 -d)
# 设置 kubeconfig 文件中的一个集群条目
kubectl config set-cluster kubernetes --server=172.24.119.227:8443 --kubeconfig=/usr/local/src/dashbord-admin.conf
# 设置 kubeconfig 文件中的一个用户条目
kubectl config set-credentials dashboard-admin --token=$DASH_TOCKEN --kubeconfig=/usr/local/src/dashbord-admin.conf 
# 设置 kubeconfig 文件中的一个上下文条目
kubectl config set-context dashboard-admin@kubernetes --cluster=kubernetes --user=dashboard-admin --kubeconfig=/usr/local/src/dashbord-admin.conf 
#设置 kubeconfig 文件中的当前上下文
kubectl config use-context dashboard-admin@kubernetes --kubeconfig=/usr/local/src/dashbord-admin.conf 
sz /usr/local/src/dashbord-admin.conf 


# ingress 配置
$ cat dash-ingress.yaml 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  rules:
  - host: rjddsdashr.tagtic.cn
    http:
      paths:
      - path: /
        backend:
          servicePort: 443
          serviceName: kubernetes-dashboard
  tls:
  - hosts:
    - rjddsdashr.tagtic.cn
    secretName: kubernetes-dashboard-certs

      
  • 相关阅读:
    CodeForces 408E Curious Array(组合数学+差分)
    CodeForces 519E A and B and Lecture Rooms(倍增)
    洛谷 4051 [JSOI2007]字符加密(后缀数组)
    哇,两门学考都是A(〃'▽'〃)
    BZOJ 1977 严格次小生成树
    XJOI 3606 最大子矩形面积/LightOJ 1083 Histogram(单调栈/笛卡尔树)
    XJOI 3629 非严格次小生成树(pqq的礼物)
    XJOI 3363 树4/ Codeforces 739B Alyona and a tree(树上差分+路径倍增)
    [转载]别让用户发呆—设计中的防呆策略
    Linux下的链接文件
  • 原文地址:https://www.cnblogs.com/lixinliang/p/12217169.html
Copyright © 2011-2022 走看看