版权声明:欢迎转载,请注明出处,谢谢。 https://blog.csdn.net/boling\_cavalry/article/details/83715479
本文是《CentOS7环境部署kubenetes1.12版本五部曲》系列的第四篇,前面的实站已经搭建了kubernetes1.12集群,操作都是在控制台用kubectl命令来完成的,今天咱们一起将WEB管理页面部署上去;
本次实战需要访问外国网站,才能kubernetes相关的操作用于学习和实践;
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
kubectl get services --all-namespaces
控制台输出服务相关信息:
[root@localhost ~]# kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6h25m
default tomcat001 NodePort 10.109.30.238 <none> 8080:30006/TCP 80m
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 6h25m
kube-system kubernetes-dashboard ClusterIP 10.102.251.175 <none> 443/TCP 15m
可见dashboard服务的namespace是kube-system,但是该服务的类型是ClusterIP,不便于我们通过浏览器访问,因此需要改成NodePort型的;
cat <<EOF > ~/dashboard-svc.yaml
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
EOF
kubectl delete service kubernetes-dashboard --namespace=kube-system
kubectl create -f ~/dashboard-svc.yaml
[root@localhost ~]# kubectl get services --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 6h33m
default tomcat001 NodePort 10.109.30.238 <none> 8080:30006/TCP 88m
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 6h33m
kube-system kubernetes-dashboard NodePort 10.108.210.180 <none> 443:32073/TCP 13s
cat <<EOF > ~/dashboard-svc-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-admin
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard-admin
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard-admin
namespace: kube-system
EOF
kubectl create -f ~/dashboard-svc-account.yaml
kubectl -n kube-system get secret | grep kubernetes-dashboard-admin
执行的结果如下图所示,红框中的kubernetes-dashboard-admin-token-wc5tf就是dashboard的secret:
kubectl describe -n kube-system secret/kubernetes-dashboard-admin-token-wc5tf \
|grep token:
如下图所示,token:右侧的"eyJhbGciOiJSU…"这一长串字符串就是token,这是个永久生效的token,请保存下来:
kubectl get pods -n kube-system \
| grep kubernetes-dashboard-
在控制台输出如下:
[root@localhost ~]# kubectl get pods -n kube-system \
> | grep kubernetes-dashboard-
kubernetes-dashboard-77fd78f978-84krd 1/1 Running 0 54m
可见pod的名字是kubernetes-dashboard-77fd78f978-84krd,接下来可以根据名字查看pod的详情;
kubectl describe -n kube-system pod/kubernetes-dashboard-77fd78f978-84krd
输出信息很丰富,如下图红框所示,该pod位于node1节点:
由于官方文档中提到Heapster即将废弃,因此本次实战并未安装Heapster,文档地址:https://github.com/kubernetes/heapster/blob/master/docs/deprecation.md
至此,dashboard安装已经完成,接下来的章节会在kubernetes集群之外的一台普通CentOS7服务器上安装kubectl,用来操作当前kubernetes集群;