k8s || dashboard

已于 2024-11-22 16:29:27 修改
阅读量648 收藏
点赞数 1
CC 4.0 BY-SA版权
分类专栏: k8s 文章标签: kubernetes 容器 云原生
于 2023-04-10 20:41:49 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_60271706/article/details/130069170
文章详细介绍了如何在Kubernetes环境中部署和配置Dashboard,包括下载yaml文件、创建必要的服务账户、修改服务类型为NodePort以允许外部访问,并设置了管理员权限。最后,文章提到了如何获取和使用token来登录Dashboard。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Dashboard是什么

Dashboard 是基于网页的 Kubernetes 用户界面。 你可以使用 Dashboard 将容器应用部署到 Kubernetes 集群中,也可以对容器应用排错,还能管理集群资源。 你可以使用 Dashboard 获取运行在集群中的应用的概览信息,也可以创建或者修改 Kubernetes 资源 (如 Deployment、Job、DaemonSet 等等)。

例如,你可以对 Deployment 实现弹性伸缩、发起滚动升级、重启 Pod 或者使用向导创建新的应用。Dashboard 同时展示了 Kubernetes 集群中的资源状态信息和所有报错信息。

部署 Dashboard

1.下载recommended.yaml文件

[root@k8smaster dashboard]# wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
--2023-04-10 18:40:14--  https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
正在解析主机 raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.110.133, 185.199.108.133, 185.199.111.133, ...
正在连接 raw.githubusercontent.com (raw.githubusercontent.com)|185.199.110.133|:443... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:7621 (7.4K) [text/plain]
正在保存至: “recommended.yaml”

100%[====================================================>] 7,621       9.25KB/s 用时 0.8s   

2023-04-10 18:40:16 (9.25 KB/s) - 已保存 “recommended.yaml” [7621/7621])

[root@k8smaster dashboard]# ls
recommended.yaml

2.创建

[root@k8smaster dashboard]# kubectl apply -f recommended.yaml 
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

3.查看

[root@k8smaster dashboard]# kubectl get ns
NAME                   STATUS   AGE
default                Active   18d
kube-node-lease        Active   18d
kube-public            Active   18d
kube-system            Active   18d
kubernetes-dashboard   Active   117s
# kubernetes-dashboard 是dashboard自己的命名空间

[root@k8smaster dashboard]# kubectl get pod -n kubernetes-dashboard
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-5b8896d7fc-bs4pt   1/1     Running   0          2m59s
kubernetes-dashboard-cb988587b-67jxm         1/1     Running   0          2m59s

4.查看dashboard对应的服务

因为发布服务的类型是ClusterIP ,外面的机器不能访问,不便于我们通过浏览器访问,因此需要改成NodePort。

[root@k8smaster dashboard]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
dashboard-metrics-scraper   ClusterIP   10.96.129.7      <none>        8000/TCP   3m25s
kubernetes-dashboard        ClusterIP   10.102.176.114   <none>        443/TCP    3m26s

5.删除已经创建的dashboard 服务

[root@k8smaster dashboard]# kubectl delete svc kubernetes-dashboard -n kubernetes-dashboard
service "kubernetes-dashboard" deleted

[root@k8smaster dashboard]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
dashboard-metrics-scraper   ClusterIP   10.96.129.7   <none>        8000/TCP   4m38s

6.创建nodeport的service

[root@k8smaster dashboard]# vim dashboard-svc.yaml
[root@k8smaster dashboard]# cat dashboard-svc.yaml 
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard

[root@k8smaster dashboard]# kubectl apply -f dashboard-svc.yaml 
service/kubernetes-dashboard created

[root@k8smaster dashboard]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.102.190.252   <none>        8000/TCP        11m
kubernetes-dashboard        NodePort    10.103.158.222   <none>        443:32369/TCP   9m54s

7.访问dashboard服务

要有访问权限,创建kubernetes-dashboard管理员角色。

[root@k8smaster dashboard]# vim dashboard-svc-account.yaml
[root@k8smaster dashboard]# cat dashboard-svc-account.yaml 
apiVersion: v1
kind: ServiceAccount
metadata:
  name: dashboard-admin
  namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: dashboard-admin
subjects:
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io

[root@k8smaster dashboard]# kubectl apply -f dashboard-svc-account.yaml 
serviceaccount/dashboard-admin created
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created

8.获取dashboard的secret对象的名字

[root@k8smaster dashboard]# kubectl get secret -n kube-system|grep admin|awk '{print $1}'
dashboard-admin-token-45bz6

[root@k8smaster dashboard]# kubectl describe secret dashboard-admin-token-45bz6 -n kube-system
Name:         dashboard-admin-token-45bz6
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: dff25ada-2f6b-4e5b-9244-fbff1148eeae

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1066 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6Img3cmkxLWxvWTVPUDIxNVhVYkFqdTBSRzY2RjJtS0pWbnRVN1BuUDdheUEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tNDViejYiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZGZmMjVhZGEtMmY2Yi00ZTViLTkyNDQtZmJmZjExNDhlZWFlIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.HolgAuximoLBNfm6gDlWzNxOAV4AetYqMsC374GXGWYEw4W7_p29tiZOrw6wr9T5jwAI3DCx7IjFD9lehScEQuKJ35iNY-NaAYvrj2ABMsXSZ9SN0RWcDALv1XfUqWsAhqE2e6uX11r8Z_LnW1p26goQ-vOJvNUJ84hVOzEOPJQ_VqgIPZsYSlR9jHrAv0t1Wqct3WQhsnVWiP_-mFO8ZHvGVUu6bYASkYbO1doz8UCES7Dq8IQOv1ZgBn_34XvpvnxlpoTGVs8-C3_Q7wU1j24df3OY6bA_d31QRZB25PS11sbUsYEP2QZCo7KfaBtaK3V5F2eqtRQlvCG0XWWocg

9.获得secret里的token的内容

token理解为认证的密码

[root@k8smaster dashboard]# kubectl describe secret dashboard-admin-token-45bz6 -n kube-system|awk '/^token/ {print $2}'
eyJhbGciOiJSUzI1NiIsImtpZCI6Img3cmkxLWxvWTVPUDIxNVhVYkFqdTBSRzY2RjJtS0pWbnRVN1BuUDdheUEifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tNDViejYiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZGZmMjVhZGEtMmY2Yi00ZTViLTkyNDQtZmJmZjExNDhlZWFlIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.HolgAuximoLBNfm6gDlWzNxOAV4AetYqMsC374GXGWYEw4W7_p29tiZOrw6wr9T5jwAI3DCx7IjFD9lehScEQuKJ35iNY-NaAYvrj2ABMsXSZ9SN0RWcDALv1XfUqWsAhqE2e6uX11r8Z_LnW1p26goQ-vOJvNUJ84hVOzEOPJQ_VqgIPZsYSlR9jHrAv0t1Wqct3WQhsnVWiP_-mFO8ZHvGVUu6bYASkYbO1doz8UCES7Dq8IQOv1ZgBn_34XvpvnxlpoTGVs8-C3_Q7wU1j24df3OY6bA_d31QRZB25PS11sbUsYEP2QZCo7KfaBtaK3V5F2eqtRQlvCG0XWWocg

10.浏览器里访问

[root@k8smaster dashboard]# kubectl get svc -n kubernetes-dashboard
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.102.190.252   <none>        8000/TCP        11m
kubernetes-dashboard        NodePort    10.103.158.222   <none>        443:32369/TCP   9m54s

访问宿主机的ip+端口

https://192.168.102.138:32369/#/login

11.登录

输入上面获得的token

K8Skubernetes-dashboard.yaml
binqian的专栏
10-27 1062
Images 对象的镜像。
k8s dashboard-v2.5.1
06-29
k8s_dashboard_v2.5.1 亲测有用。
k8s Dashboard 仪表盘
zhanlijuan
10-25 3793
一、 查看 Dashboard 部署信息 1 查看pod kubectl get po -n kube-system # -n 指命名空间 2 查看service kubectl get svc -n kube-system https协议访问,映射的端口号30042访问 https://192.168.64.191:30042/ 3 获取令牌token # 获取 Bearer Token,复制输出中 ‘token:’ 开头那一行 k -n kube-system describe secret
Kubernetes】部署 Kubernetes 仪表板(Dashboard
最新发布
mm1234556的博客
04-28 372
这是一篇关于如何部署和访问 Kubernetes 仪表板(Dashboard)的文章!
部署 K8s 图形化管理工具 Dashboard
misakivv的博客
08-17 3483
Kubernetes Dashboard是一个Web UI,用于管理Kubernetes集群中的应用程序和资源。它提供了一个可视化的界面,可以方便地查看和管理Kubernetes集群中的各种资源,如Pod、Deployment、Service、ConfigMap等。Dashboard还提供了一些高级功能,如日志查看、资源监控、命名空间管理等。
k8s安裝dashboard
小学徒
03-30 451
官方參考https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/ wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml 修改Service spec...
k8s安装之dashboard.yaml
weixin_30708329的博客
05-22 1108
这个我使用了nodeport方式导出来。 为了安装,最好在前面加个nginx作密码验证。。。 这个端口,可以通过防火墙禁掉。 # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use th...
k8s dashboard v2.7.0离线镜像包
10-12
k8s dashboard v2.7.0离线镜像包
k8s搭建dashboard所需文件recommended.yaml、rbac.yaml
01-23
在构建和部署Kubernetes (k8s) 系统时,搭建集群的管理界面是一个常见的需求,以便于更直观地管理Kubernetes资源和监控集群状态。Kubernetes Dashboard正是一款流行的开源Web界面,用于对Kubernetes集群进行日常管理...
k8s部署Dashboard
01-07
k8s部署Dashboard 下载Dashboard所需的yaml文件 wget https://www.cloudelf.cn/kubernetes/kubernetes-dashboard.yaml 修改yaml文件: 1.将service type字段设置为nodeport 2.所有的ns修改为kube-system 注意:所有...
k8s dashboard认证及分级授权
artaganan8的博客
06-18 3981
Dashboard官方地址:https://github.com/kubernetes/dashboard dashbord是作为一个pod来运行,需要serviceaccount账号来登录。 先给dashboad创建一个专用的认证信息。 先建立私钥: 1 2 3 4 5 [root@master~...
kubernetes-dashboardrecommended.yaml
01-12
kubernetes-dashboard的资源描述文件
kubernetes-dashboard.yaml
08-11
# Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ------------------- Dashboard Secret ------------------- # apiVersion: v1 kind: Secret metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-certs namespace: kube-system type: Opaque --- # ------------------- Dashboard Service Account ------------------- # apiVersion: v1 kind: ServiceAccount metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system --- # ------------------- Dashboard Role & Role Binding ------------------- # kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: kubernetes-dashboard-minimal namespace: kube-system rules: # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret. - apiGroups: [""] resources: ["secrets"] verbs: ["create"] # Allow Dashboard to create 'kubernetes-dashboard-settings' config map. - apiGroups: [""] resources: ["configmaps"] verbs: ["create"] # Allow Dashboard to get, update and delete Dashboard exclusive secrets. - apiGroups: [""] resources: ["secrets"] resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"] verbs: ["get", "update", "delete"] # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. - apiGroups: [""] resources: ["configmaps"] resourceNames: ["kubernetes-dashboard-settings"] verbs: ["get", "update"] # Allow Dashboard to get metrics from heapster. - apiGroups: [""] resources: ["services"] resourceNames: ["heapster"] verbs: ["proxy"] - apiGroups: [""] resources: ["services/proxy"] resourceNames: ["heapster", "http:heapster:", "https:heapster:"] verbs: ["get"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kubernetes-dashboard-minimal namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboard-minimal subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kube-system --- # ------------------- Dashboard Deployment ------------------- # kind: Deployment apiVersion: apps/v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: kubernetes-dashboard template: metadata: labels: k8s-app: kubernetes-dashboard spec: containers: - name: kubernetes-dashboard image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1 imagePullPolicy: IfNotPresent ports: - containerPort: 8443 protocol: TCP args: - --auto-generate-certificates # Uncomment the following line to manually specify Kubernetes API server Host # If not specified, Dashboard will attempt to auto discover the API server and connect # to it. Uncomment only if the default does not work. #- --apiserver-host=http://192.168.140.129:8080 volumeMounts: - name: kubernetes-dashboard-certs mountPath: /certs # Create on-disk volume to store exec logs - mountPath: /tmp name: tmp-volume livenessProbe: httpGet: scheme: HTTPS path: / port: 8443 initialDelaySeconds: 30 timeoutSeconds: 30 volumes: - name: kubernetes-dashboard-certs secret: secretName: kubernetes-dashboard-certs - name: tmp-volume emptyDir: {} serviceAccountName: kubernetes-dashboard # Comment the following tolerations if Dashboard must not be deployed on master tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule --- # ------------------- Dashboard Service ------------------- # kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: type: NodePort ports: - port: 443 targetPort: 8443 selector: k8s-app: kubernetes-dashboard
dashboard.yaml
04-23
k8s dashborad的yaml安装文件,有需要的可以下载哦,v2.0.0版本。给那些不能科学上网的小伙伴使用,不知道如何使用的也可以关注我的博客k8s相关的部分,里面有完整的k8s使用教程,希望对你有所帮助。
k8s kubernetes dashboard dns 配置文件 yaml
06-26
k8s kubernetes dashboard dns 配置文件 yaml
k8s中安装traefix并配置dashboard访问权限
阿文的博客
07-17 1220
k8s中安装traefix
k8s 部署kubernetes-dashboard 管理界面的权限设置
255.255.255.0
06-04 2760
#部署kubernetes-dashboard后web界面提示 #清理旧提权 kubectl delete clusterrolebinding serviceaccount-cluster-admin #创建集群用户 kubectl create clusterrolebinding serviceaccount-cluster-admin --clusterrole=cluster-admin --user=system:serviceaccount:kubernetes-dash...
K8s服务管理service、Dashboard、角色与授权
m0_73770890的博客
01-14 487
K8S服务管理、Ingress安装与配置、Dashboard安装、创建用户与角色授权
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

韩未零

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值