k8s部署网页管理面板

Postkarte不想说话
407 阅读1分钟

部署面板

# 下载dashboard面板
wget https://github.com/kubernetes/dashboard/archive/refs/tags/v2.7.0.tar.gz

#解压
[root@master dashboard]# tar -xf v2.7.0.tar.gz 

# 修改dashboard的service为NodePort类型,内容如下
[root@master dashboard-2.7.0]# vim aio/deploy/recommended.yaml

image.png

# 应用dashboard的yaml文件
kubectl apply -f aio/deploy/recommended.yaml 

# 查看service的端口,如下所示暴露的端口为30005
[root@master dashboard-2.7.0]# kubectl get service -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.98.221.209   <none>        8000/TCP        4m39s
kubernetes-dashboard        NodePort    10.103.56.208   <none>        443:30005/TCP   4m46s

访问面板

访问https://172.16.0.3:30005,如下图所示。提示需要token

image.png

生成token

创建service account

# admin-user.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

# 应用service account
[root@master dashboard-2.7.0]# kubectl apply -f admin-user.yaml 
serviceaccount/admin-user created

创建cluster role binding

# clusterRoleBinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

# 应用clusterRoleBinding
[root@master dashboard-2.7.0]# kubectl apply -f clusterRoleBinding.yaml 
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

生成token,然后就可以用生成的token登录页面了

kubectl -n kubernetes-dashboard create token admin-user

image.png

参考文档

avatar
文章
阅读
粉丝