k8s安装之dashboard

xiunai 2019-10-27

dashboard
wget https://storage.googleapis.com/kubernetes-release/release/v1.11.0/kubernetes-server-linux-amd64.tar.gz
tar -xzvf kubernetes-server-linux-amd64.tar.gz
cd kubernetes
tar -zxf kubernetes-src.tar.gz
cd cluster/addons/dashboard
cp *.yaml ~/dashboard/
#####修改配置文件

cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
  name: kubernetes-dashboard
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile
spec:
  selector:
    k8s-app: kubernetes-dashboard
  type: NodePort ###此处为添加
  ports:
  - port: 443
    targetPort: 8443
#####修改kube-apiserver.service

--anonymous-auth=false \ # 不接受匿名访问,若为true,则表示接受,此处设置为false,便于dashboard访问
--basic-auth-file=/etc/kubernetes/basic_auth_file 新建/etc/kubernetes/basic_auth_file文件,并在其中添加:

admin,admin,1002
#####启动

kubectl apply -f .
#####权限

kubectl create clusterrolebinding login-dashboard-admin --clusterrole=cluster-admin --user=admin

#####获取token

kubectl -n kube-system create sa dashboard
kubectl create clusterrolebinding dashboard --clusterrole cluster-admin --serviceaccount=kube-system:dashboard
SECRET=$(kubectl -n kube-system get sa dashboard -o yaml | awk ‘/dashboard-token/ {print $3}‘)
kubectl -n kube-system describe secrets ${SECRET} | awk ‘/token:/{print $2}‘
测试
https://172.16.20.206:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

相关推荐