> 文档中心 > 『Kubernetes』在k8s中部署Dashboard可视化面板

『Kubernetes』在k8s中部署Dashboard可视化面板

『Kubernetes』在k8s中部署Dashboard可视化面板
📣读完这篇文章里你能收获到

  • 保姆级的K8S安装Dashboard
  • 可视化管理Kubernetes

『Kubernetes』在k8s中部署Dashboard可视化面板

文章目录

  • 一、前提
  • 二、安装Dashboard
    • 1. 直接运行
    • 2. 无法访问raw.githubusercontent.com域名
  • 三、更新SVC访问模式
    • 1. 查看POD状态,确保Pod状态都为Running
    • 2. 查看SVC
    • 3. 修改SVC访问模式
  • 四、浏览器访问
  • 五、生成Token

『Kubernetes』在k8s中部署Dashboard可视化面板

一、前提

  1. 本实例 Kubernetes 版本为 v1.22.5,对应Dashboard版本v2.5.0
  2. 对应K8S版本与Dashboard版本的兼容 点击此查看-kubernetes/dashboard · GitHub

『Kubernetes』在k8s中部署Dashboard可视化面板

二、安装Dashboard

1. 直接运行

  • kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml

2. 无法访问raw.githubusercontent.com域名

  • 可以直接copy以下文件
# Copyright 2017 The Kubernetes Authors.## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at##     http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.apiVersion: v1kind: Namespacemetadata:  name: kubernetes-dashboard---apiVersion: v1kind: ServiceAccountmetadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard  namespace: kubernetes-dashboard---kind: ServiceapiVersion: v1metadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard  namespace: kubernetes-dashboardspec:  ports:    - port: 443      targetPort: 8443  selector:    k8s-app: kubernetes-dashboard---apiVersion: v1kind: Secretmetadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard-certs  namespace: kubernetes-dashboardtype: Opaque---apiVersion: v1kind: Secretmetadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard-csrf  namespace: kubernetes-dashboardtype: Opaquedata:  csrf: ""---apiVersion: v1kind: Secretmetadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard-key-holder  namespace: kubernetes-dashboardtype: Opaque---kind: ConfigMapapiVersion: v1metadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard-settings  namespace: kubernetes-dashboard---kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard  namespace: kubernetes-dashboardrules:  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.  - apiGroups: [""]    resources: ["secrets"]    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]    verbs: ["get", "update", "delete"]    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.  - apiGroups: [""]    resources: ["configmaps"]    resourceNames: ["kubernetes-dashboard-settings"]    verbs: ["get", "update"]    # Allow Dashboard to get metrics.  - apiGroups: [""]    resources: ["services"]    resourceNames: ["heapster", "dashboard-metrics-scraper"]    verbs: ["proxy"]  - apiGroups: [""]    resources: ["services/proxy"]    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]    verbs: ["get"]---kind: ClusterRoleapiVersion: rbac.authorization.k8s.io/v1metadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboardrules:  # Allow Metrics Scraper to get metrics from the Metrics server  - apiGroups: ["metrics.k8s.io"]    resources: ["pods", "nodes"]    verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard  namespace: kubernetes-dashboardroleRef:  apiGroup: rbac.authorization.k8s.io  kind: Role  name: kubernetes-dashboardsubjects:  - kind: ServiceAccount    name: kubernetes-dashboard    namespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata:  name: kubernetes-dashboardroleRef:  apiGroup: rbac.authorization.k8s.io  kind: ClusterRole  name: kubernetes-dashboardsubjects:  - kind: ServiceAccount    name: kubernetes-dashboard    namespace: kubernetes-dashboard---kind: DeploymentapiVersion: apps/v1metadata:  labels:    k8s-app: kubernetes-dashboard  name: kubernetes-dashboard  namespace: kubernetes-dashboardspec:  replicas: 1  revisionHistoryLimit: 10  selector:    matchLabels:      k8s-app: kubernetes-dashboard  template:    metadata:      labels: k8s-app: kubernetes-dashboard    spec:      securityContext: seccompProfile:   type: RuntimeDefault      containers: - name: kubernetes-dashboard   image: kubernetesui/dashboard:v2.5.0   imagePullPolicy: Always   ports:     - containerPort: 8443protocol: TCP   args:     - --auto-generate-certificates     - --namespace=kubernetes-dashboard     # Uncomment the following line to manually specify Kubernetes API server Host     # If not specified, Dashboard will attempt to auto discover the API server and connect     # to it. Uncomment only if the default does not work.     # - --apiserver-host=http://my-address:port   volumeMounts:     - name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs     - mountPath: /tmpname: tmp-volume   livenessProbe:     httpGet:scheme: HTTPSpath: /port: 8443     initialDelaySeconds: 30     timeoutSeconds: 30   securityContext:     allowPrivilegeEscalation: false     readOnlyRootFilesystem: true     runAsUser: 1001     runAsGroup: 2001      volumes: - name: kubernetes-dashboard-certs   secret:     secretName: kubernetes-dashboard-certs - name: tmp-volume   emptyDir: {}      serviceAccountName: kubernetes-dashboard      nodeSelector: "kubernetes.io/os": linux      # Comment the following tolerations if Dashboard must not be deployed on master      tolerations: - key: node-role.kubernetes.io/master   effect: NoSchedule---kind: ServiceapiVersion: v1metadata:  labels:    k8s-app: dashboard-metrics-scraper  name: dashboard-metrics-scraper  namespace: kubernetes-dashboardspec:  ports:    - port: 8000      targetPort: 8000  selector:    k8s-app: dashboard-metrics-scraper---kind: DeploymentapiVersion: apps/v1metadata:  labels:    k8s-app: dashboard-metrics-scraper  name: dashboard-metrics-scraper  namespace: kubernetes-dashboardspec:  replicas: 1  revisionHistoryLimit: 10  selector:    matchLabels:      k8s-app: dashboard-metrics-scraper  template:    metadata:      labels: k8s-app: dashboard-metrics-scraper    spec:      securityContext: seccompProfile:   type: RuntimeDefault      containers: - name: dashboard-metrics-scraper   image: kubernetesui/metrics-scraper:v1.0.7   ports:     - containerPort: 8000protocol: TCP   livenessProbe:     httpGet:scheme: HTTPpath: /port: 8000     initialDelaySeconds: 30     timeoutSeconds: 30   volumeMounts:   - mountPath: /tmp     name: tmp-volume   securityContext:     allowPrivilegeEscalation: false     readOnlyRootFilesystem: true     runAsUser: 1001     runAsGroup: 2001      serviceAccountName: kubernetes-dashboard      nodeSelector: "kubernetes.io/os": linux      # Comment the following tolerations if Dashboard must not be deployed on master      tolerations: - key: node-role.kubernetes.io/master   effect: NoSchedule      volumes: - name: tmp-volume   emptyDir: {}

『Kubernetes』在k8s中部署Dashboard可视化面板

三、更新SVC访问模式

1. 查看POD状态,确保Pod状态都为Running

kubectl get pods -n kubernetes-dashboard

『Kubernetes』在k8s中部署Dashboard可视化面板

2. 查看SVC

kubectl get svc -n kubernetes-dashboard

『Kubernetes』在k8s中部署Dashboard可视化面板

3. 修改SVC访问模式

kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
  • 将ClusterIP改为NodePort

『Kubernetes』在k8s中部署Dashboard可视化面板

『Kubernetes』在k8s中部署Dashboard可视化面板

四、浏览器访问

kubectl get svc -n kubernetes-dashboard

『Kubernetes』在k8s中部署Dashboard可视化面板

  • 我这里是https://localhost:30429

『Kubernetes』在k8s中部署Dashboard可视化面板
『Kubernetes』在k8s中部署Dashboard可视化面板

五、生成Token

kubectl get secret -n kubernetes-dashboard

『Kubernetes』在k8s中部署Dashboard可视化面板

kubectl describe secret kubernetes-dashboard-token-tfpdf -n kubernetes-dashboard

『Kubernetes』在k8s中部署Dashboard可视化面板

  • 复制Token到浏览器输入即可打开

『Kubernetes』在k8s中部署Dashboard可视化面板

养殖设备