铁匠
fengjx
2022-09-09
目录

安装 kubernetes-dashboard

# 安装

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/recommended.yaml
1

# 访问控制

  • type 修改为 NodePort

    kubectl -n kubernetes-dashboard edit svc kubernetes-dashboard
# 然后修改 `type: ClusterIP` 为 `type: NodePort`
    1
    2

  • 查看暴露端口

    kubectl -n kubernetes-dashboard get svc kubernetes-dashboard
NAME                   TYPE       CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE
kubernetes-dashboard   NodePort   10.111.81.45   <none>        443:30629/TCP   5h56m
# 暴露的端口(nodePort)为 30629
    1
    2
    3
    4

    通过 https://<node-ip>:<nodePort> 访问 dashboard

# 用户管理

  • 创建用户

    mkdir -p $HOME/.kube/dashbaord
cat <<EOF | tee $HOME/.kube/dashbaord/admin.yaml
# kubectl apply -f $HOME/.kube/dashbaord/admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kubernetes-dashboard

EOF
# 创建用户
kubectl apply -f $HOME/.kube/dashbaord/admin.yaml
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25

  • 创建 token

    # 这里其实是返回一个 jwt,如果忘记了可以再次生成
kubectl -n kubernetes-dashboard create token admin
eyJhbGciOiJSUzI1NiIsImtpZCI6ImhxR1VOeGs2X05CRzhOVkpJbEZZOGtMdWdjRDhCZHktMFhFaXFYRnlrZHMifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjYyNzM4MTkyLCJpYXQiOjE2NjI3MzQ1OTIsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbiIsInVpZCI6ImE0NDU0ZjE5LTEzZjEtNDNlNi05ZDdkLWQ3ZmM2OTMzYTJjNCJ9fSwibmJmIjoxNjYyNzM0NTkyLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4ifQ.Y2yY-T1wCAGq5dGibQeKr0di2DYFFjnJxurIBhqkqw9x_Bi_tRCoyP9pFNya9NLxcK9mdTPtOKlVdCkK4krdC8dTQ6mNoJ0HVhUj8vLE8CSJTwYztM53UsFNAZFI5gfKssRRm7wbGaMWNpesJHvMA2dNsPZuKUXLFdETl6WhH7pRtoRicU0khFyrFpOQl3bhY6FMk9rAsbZS_tAWLiVbBBNEI6wP787YBwWgIgGYVouV69vvIckXAXZWopCnpyBeLd0hk-Kjb_hss58HPM_sgifDXxWIpRJf9l0q0jUxrO_pbBKF2MLEd3OYChyzhOawp__L_pbEV501hfr5NS9GnQ
    1
    2
    3

    浏览器打开(注意是 https) https://<node-ip>:<nodePort>,浏览器安全策略会阻止访问,选择继续访问

    选择 token 登录,从控制台复制生成的 token

    登录成功后的界面

# 参考

#云原生#k8s
ubuntu 安装 Kubernetes

最近更新
01
策略模式
01-09
02
模板方法
01-06
03
观察者模式
01-06
更多文章>
Theme by Vdoing | Copyright © 2016-2023 铁匠 | 粤ICP备15021633号