Kubernetes
k8s之Dashboard插件部署及使用
本文主要是介绍k8s之Dashboard插件部署及使用,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
k8s之Dashboard插件部署及使用
目录- k8s之Dashboard插件部署及使用
- 1. Dashboard介绍
- 2. 服务器环境
- 3. 在K8S工具目录中创建dashboard工作目录
- 4. 核心文件说明
- 4.1 查看dashboard-rbac.yaml
- 4.2 查看dashboard-secret.yaml
- 4.3 查看dashboard-configmap.yaml
- 4.4 查看dashboard-controller.yaml
- 4.5 查看dashboard-service.yaml
- 4.6 查看k8s-admin.yaml
- 4.7 查看dashboard-cert.sh
- 5. 通过kubectl creste命令创建resources
- 5.1 dashboard-rbac.yaml
- 5.2 dashboard-secret.yaml
- 5.3 dashboard-configmap.yaml
- 5.4 dashboard-controller.yaml
- 5.5 dashboard-service.yaml
- 6. 为node节点准备加载dashboard镜像(node节点,以node01为例,该步骤可省略)
- 7. 访问测试(多浏览器)
- 7.1 Edge浏览器
- 7.1.1 修改dashbaord-controller.yaml
- 7.1.2 执行脚本dashboard-cret.sh
- 7.1.3 在dashboard工作目录下将生成两个证书、
- 7.1.4 重新部署dashboard-controller.yaml
- 7.1.5 查看分配节点和端口号
- 7.1.6 访问查看
- 7.2 火狐浏览器
- 7.3 360浏览器
- 7.4 令牌获取
- 7.4.1 使用k8s-admin.yaml文件进行创建令牌
- 7.4.2 获取token简要信息,名称为dashboard-admin-token-xxxxx
- 7.4.3 查看令牌序列号,截取“token:”后面的内容
- 7.4.5 使用令牌登录dashboard
- 7.1 Edge浏览器
- 8. dashboard操作
- 8.1 命名空间
- 8.2 节点
- 8.3 角色
- 8.4 工作负载
- 8.5 命令行
- 8.6 日志
- 8.7 创建容器
1. Dashboard介绍
Dashboard(仪表盘)是基于Web的Kubernetes用户界面。
可以使用仪表盘将容器化应用程序部署到Kubernetes集群,对容器化应用程序进行故障排除,并管理集群本身机器伴随资源。
可以使用仪表盘来概述集群上运行的应用程序,以及创建或修改单个Kubernetes资源(例如部署,作业,守护进程等)。
例如:可以使用部署向导扩展部署,启动滚动更新,重新启动Pod或部署新应用程序。仪表盘还提供有关集群中Kubernetes资源状态以及可能发生的任何错误的信息。
2. 服务器环境
本次部署环境为k8s多Master节点
3. 在K8S工具目录中创建dashboard工作目录
[root@master01 ~]# mkdir /opt/k8s/dashboard [root@master01 ~]# cd !$ cd /opt/k8s/dashboard [root@master01 dashboard]# rz -E #上传Dashboard.zip压缩包 rz waiting to receive. [root@master01 dashboard]# unzip Dashboard.zip #解压 Archive: Dashboard.zip inflating: dashboard-configmap.yaml inflating: dashboard-controller.yaml inflating: dashboard-rbac.yaml inflating: dashboard-secret.yaml inflating: dashboard-service.yaml inflating: k8s-admin.yaml inflating: dashboard-cert.sh [root@master01 dashboard]# ls dashboard-cert.sh dashboard-controller.yaml dashboard-secret.yaml Dashboard.zip dashboard-configmap.yaml dashboard-rbac.yaml dashboard-service.yaml k8s-admin.yaml
4. 核心文件说明
| 核心文件 | 说明 |
|---|---|
| dashboard-rbac.yaml | 用于访问控制设置,配置各种角色的访问控制权限及角色绑定(绑定角色和服务账户),内容中包含对应各种角色所配置的规则(rules) |
| dashboard-secret.yaml | 提供令牌,访问API服务器所用(个人理解为一种安全认证机制) |
| dashboard-configmap.yaml | 配置模板文件,负责设置Dashboard的文件,ConfigMap提供了将配置数据注入容器的方式,保证容器中的应用程序配置从Image内容中解耦 |
| dashboard-controller.yaml | 负责控制器即服务账户的创建,来管理pod副本 |
| dashboard-service.yaml | 负责将容器中的服务提供出去,供外部访问 |
Dashboard一共有7个文件,其中包含5个构建该界面的核心文件,一个k8s-admin.yaml文件是自己写的,用来生成待会在浏览器中登录时所用的令牌;一个dashboard-cert.sh,用来快速生成解决谷歌浏览器加密通信所需的证书文件。
核心文件官方下载资源地址:https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/dashboard
4.1 查看dashboard-rbac.yaml
[root@master01 dashboard]# cat dashboard-rbac.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
addonmanager.kubernetes.io/mode: Reconcile
name: kubernetes-dashboard-minimal
namespace: kube-system
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics from heapster.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
addonmanager.kubernetes.io/mode: Reconcile
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
#主要参数说明:
#kind: ServiceAccount 创建service用户,k8s中有两种用户,一种是ServiceAccount(给集群中的pod来访问集群用的),还有一种是具体的user(给咱们用户使用)
#metadata 创建资源对象的一些元数据
#labels 标签信息
#name 资源对象名称
#namespace 命令空间
#kind: ClusterRoleBinding 创建用于集群绑定的角色,可以帮ServiceAccount绑定到具体的角色中、组中,使它有相应的访问权限
#kind: ClusterRole k8s中有两种角色,一种是ClusterRole(针对于整个集群的命名空间都起作用),还有一种是普通的角色(只对单个命名空间起作用)
4.2 查看dashboard-secret.yaml
[root@master01 dashboard]# cat dashboard-secret.yaml
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
# Allows editing resource and makes sure it is created first.
addonmanager.kubernetes.io/mode: EnsureExists
name: kubernetes-dashboard-certs
namespace: kube-system
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
# Allows editing resource and makes sure it is created first.
addonmanager.kubernetes.io/mode: EnsureExists
name: kubernetes-dashboard-key-holder
namespace: kube-system
type: Opaque
4.3 查看dashboard-configmap.yaml
[root@master01 dashboard]# cat dashboard-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
labels:
k8s-app: kubernetes-dashboard
# Allows editing resource and makes sure it is created first.
addonmanager.kubernetes.io/mode: EnsureExists
name: kubernetes-dashboard-settings
namespace: kube-system
4.4 查看dashboard-controller.yaml
[root@master01 dashboard]# cat dashboard-controller.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
addonmanager.kubernetes.io/mode: Reconcile
name: kubernetes-dashboard
namespace: kube-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
spec:
priorityClassName: system-cluster-critical
containers:
- name: kubernetes-dashboard
image: siriuszg/kubernetes-dashboard-amd64:v1.8.3
resources:
limits:
cpu: 100m
memory: 300Mi
requests:
cpu: 50m
memory: 100Mi
ports:
- containerPort: 8443
protocol: TCP
args:
# PLATFORM-SPECIFIC ARGS HERE
- --auto-generate-certificates
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
- name: tmp-volume
mountPath: /tmp
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
#主要参数说明:
#kind: Deployment 是整个集群中使用最频繁的对象,咱们应用服务一般都是使用Deployment来创建
#spec.selector.matchLabels 匹配某个标签
#spec.template.spec.serviceAccountName 指定创建的serviceAccount,使用该账户来访问集群
#spec.template.spec.containers.resources 对容器使用资源限制
#spec.template.spec.containers.ports.containerPort 指定暴露的端口
#spec.template.spec.containers.livenessProbe 健康检查
#spec.template.spec.containers.livenessProbe.initialDelaySeconds 检查间隔时间设置
#spec.template.spec.containers.livenessProbe.timeoutSeconds 检查超时设置
4.5 查看dashboard-service.yaml
[root@master01 dashboard]# cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
type: NodePort
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 443
targetPort: 8443
nodePort: 30001
#主要参数说明:
#type: NodePort 可以通过在节点上使用nodeIP+端口访问服务
#spec.ports.port 为service在clusterIP暴露的端口
#spec.ports.targetPort 对应容器映射在pod上的端口
#spec.ports.nodePort 为nodeIP暴露的端口
4.6 查看k8s-admin.yaml
[root@master01 dashboard]# cat k8s-admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-admin
namespace: kube-system
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: dashboard-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kube-system
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
4.7 查看dashboard-cert.sh
[root@master01 dashboard]# cat dashboard-cert.sh
#!/bin/bash
#examle: ./dashboard-cert.sh /opt/k8s/k8s-cert/
cat > dashboard-csr.json <<EOF
{
"CN": "Dashboard",
"hosts": [],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "BeiJing",
"ST": "BeiJing"
}
]
}
EOF
#定义一个变量,使用位置变量赋值,作用是指定你证书(依赖证书)的位置
K8S_CA=$1
#根据指定位置的证书进行创建和自签操作
cfssl gencert -ca=$K8S_CA/ca.pem -ca-key=$K8S_CA/ca-key.pem -config=$K8S_CA/ca-config.json -profile=kubernetes dashboard-csr.json | cfssljson -bare dashboard
#生成的文件:
#dashboard.csr:证书请求文件
#dashboard-key.pem:证书私钥
#dashboard.pem:数字签名证书
#清空命名空间中的认证
kubectl delete secret kubernetes-dashboard-certs -n kube-system
#重新创建生成到指定的目录中(当前目录)
kubectl create secret generic kubernetes-dashboard-certs --from-file=./ -n kube-system
5. 通过kubectl creste命令创建resources
5.1 dashboard-rbac.yaml
规定kubernetes-dashboard-minimal该角色的权限:例如其中具备获取更新删除等不同的权限
[root@master01 dashboard]# kubectl create -f dashboard-rbac.yaml role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created #有几个kind就会有几个结果被创建,格式为kind+apiServer/name
查看类型为Role,RoleBinding的资源对象kubernetes-dashboard-minimal是否生成
[root@master01 dashboard]# kubectl get role,rolebinding -n kube-system #-n kube-system表示查看指定命名空间中的pod,缺省值为default NAME AGE role.rbac.authorization.k8s.io/extension-apiserver-authentication-reader 3d8h role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal 2m42s role.rbac.authorization.k8s.io/system::leader-locking-kube-controller-manager 3d8h role.rbac.authorization.k8s.io/system::leader-locking-kube-scheduler 3d8h role.rbac.authorization.k8s.io/system:controller:bootstrap-signer 3d8h role.rbac.authorization.k8s.io/system:controller:cloud-provider 3d8h role.rbac.authorization.k8s.io/system:controller:token-cleaner 3d8h NAME AGE rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal 2m42s rolebinding.rbac.authorization.k8s.io/system::leader-locking-kube-controller-manager 3d8h rolebinding.rbac.authorization.k8s.io/system::leader-locking-kube-scheduler 3d8h rolebinding.rbac.authorization.k8s.io/system:controller:bootstrap-signer 3d8h rolebinding.rbac.authorization.k8s.io/system:controller:cloud-provider 3d8h rolebinding.rbac.authorization.k8s.io/system:controller:token-cleaner 3d8h
5.2 dashboard-secret.yaml
证书和密钥创建
[root@master01 dashboard]# kubectl create -f dashboard-secret.yaml secret/kubernetes-dashboard-certs created secret/kubernetes-dashboard-key-holder created
查看类型为Secret的资源对象kubernetes-bashboard-crets,kubernetes-dashboard-key-holder是否生成
[root@master01 dashboard]# kubectl get secret -n kube-system NAME TYPE DATA AGE default-token-4nhtx kubernetes.io/service-account-token 3 3d8h kubernetes-dashboard-certs Opaque 0 107s kubernetes-dashboard-key-holder Opaque 0 107s
5.3 dashboard-configmap.yaml
配置文件,对于集群dashboard设置的创建
[root@master01 dashboard]# kubectl create -f dashboard-configmap.yaml configmap/kubernetes-dashboard-settings created
查看类型为ConfigMap的资源对象kubernetes-dashboard-settings是否生成
[root@master01 dashboard]# kubectl get configmap -n kube-system NAME DATA AGE extension-apiserver-authentication 1 3d8h kubernetes-dashboard-settings 0 73s
5.4 dashboard-controller.yaml
创建容器需要的控制器以及服务账户
[root@master01 dashboard]# kubectl create -f dashboard-controller.yaml serviceaccount/kubernetes-dashboard created deployment.apps/kubernetes-dashboard created
查看类型为ServiceAccount,Deployment的资源对象kubernetes-dashboard-setting是否生成
[root@master01 dashboard]# kubectl get serviceaccount,deployment -n kube-system NAME SECRETS AGE serviceaccount/default 1 3d8h serviceaccount/kubernetes-dashboard 1 2m39s NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE deployment.extensions/kubernetes-dashboard 1 1 1 1 2m39s
5.5 dashboard-service.yaml
将服务发布出去
[root@master01 dashboard]# kubectl create -f dashboard-service.yaml service/kubernetes-dashboard created
查看创建在指定的kube-system命名空间下的pod和service状态信息
[root@master01 dashboard]# kubectl get pods,svc -n kube-system -o wide #svc为service的缩写,可用 NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE pod/kubernetes-dashboard-65f974f565-nk4r8 1/1 Running 0 5m7s 172.17.97.3 192.168.122.12 <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/kubernetes-dashboard NodePort 10.0.0.98 <none> 443:30001/TCP 3m37s k8s-app=kubernetes-dashboard
6. 为node节点准备加载dashboard镜像(node节点,以node01为例,该步骤可省略)
为提高速度,我这里已将siriuszg/kubernetes-dashboard-amd64:v1.8.3镜像压缩成tar包,在node节点释放该镜像。
该步骤也可省略,node节点会通过kubernetes公有仓库去自动拉取该镜像。
[root@node01 ~]# cd /opt [root@node01 opt]# rz -E #上传镜像包 rz waiting to receive. [root@node01 opt]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 87a94228f133 2 weeks ago 133MB centos 7 eeb6ee3f44bd 6 weeks ago 204MB nginx 1.14 295c7be07902 2 years ago 109MB registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64 3.0 99e59f495ffa 5 years ago 747kB [root@node01 opt]# docker load -i dashboard.tar #载入该镜像 23ddb8cbb75a: Loading layer [==================================================>] 102.8MB/102.8MB Loaded image: siriuszg/kubernetes-dashboard-amd64:v1.8.3 [root@node01 opt]# docker images REPOSITORY TAG IMAGE ID CREATED SIZE nginx latest 87a94228f133 2 weeks ago 133MB centos 7 eeb6ee3f44bd 6 weeks ago 204MB nginx 1.14 295c7be07902 2 years ago 109MB siriuszg/kubernetes-dashboard-amd64 v1.8.3 784cf2722f44 3 years ago 102MB registry.cn-hangzhou.aliyuncs.com/google-containers/pause-amd64 3.0 99e59f495ffa 5 years ago 747kB
7. 访问测试(多浏览器)
不同浏览器的安全访问策略和防护级别是不同的,由于我们没有给dashboard做证书,因此使用不同的浏览器可能会出现不同的效果,本次使用我们最常用的Edge/Chrome、火狐以及360浏览器进行测试。
由于dashboard-service.yaml定义的nodePort: 30001,因此我们的测试地址应该是pod所属node的30001端口。
7.1 Edge浏览器
无法访问,由于Edge使用的是Chrome内核,因此Google的Chrome也是相同效果,可通过以下步骤查看问题。
chrome浏览器在Security项下查看
发现问题是缺少证书,那么我们为其制作证书即可。
7.1.1 修改dashbaord-controller.yaml
[root@master01 dashboard]# cd /opt/k8s/dashboard/
[root@master01 dashboard]# vim dashboard-controller.yaml
......
args:
# PLATFORM-SPECIFIC ARGS HERE
##在文件的第47行下面添加以下两行,指定加密(tls)的私钥和证书文件
- --auto-generate-certificates
- --tls-key-file=dashboard-key.pem
- --tls-cert-file=dashboard.pem
7.1.2 执行脚本dashboard-cret.sh
[root@master01 dashboard]# cd /opt/k8s/dashboard/
[root@master01 dashboard]# chmod +x dashboard-cert.sh
[root@master01 dashboard]# ./dashboard-cert.sh /opt/k8s/k8s-cert/
2021/11/01 02:35:39 [INFO] generate received request
2021/11/01 02:35:39 [INFO] received CSR
2021/11/01 02:35:39 [INFO] generating key: rsa-2048
2021/11/01 02:35:39 [INFO] encoded CSR
2021/11/01 02:35:39 [INFO] signed certificate with serial number 233541316653231246492121295508109281063386014227
2021/11/01 02:35:39 [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1.6, from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2.3 ("Information Requirements").
secret "kubernetes-dashboard-certs" deleted
secret/kubernetes-dashboard-certs created
7.1.3 在dashboard工作目录下将生成两个证书、
[root@master01 dashboard]# ls *.pem dashboard-key.pem dashboard.pem
7.1.4 重新部署dashboard-controller.yaml
注意:当apply不生效时,先使用delete清除资源,再apply创建资源
[root@master01 dashboard]# kubectl apply -f dashboard-controller.yaml Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply serviceaccount/kubernetes-dashboard configured Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply deployment.apps/kubernetes-dashboard configured
7.1.5 查看分配节点和端口号
由于可能会更换所分配的节点,所以要再次查看一下分配的节点服务器地址和端口号
[root@master01 dashboard]# kubectl get pods,svc -n kube-system -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE pod/kubernetes-dashboard-7dffbccd68-d8nzh 1/1 Running 0 2m39s 172.17.54.4 node01 <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/kubernetes-dashboard NodePort 10.0.0.98 <none> 443:30001/TCP 149m k8s-app=kubernetes-dashboard
查看发现node节点更换为node1,也就是192.168.122.11。
端口号仍是30001。
7.1.6 访问查看
到此页面,说明可以访问,保持该页面,测试下一个浏览器。
7.2 火狐浏览器
进入该页面,说明可以访问,保持该页面,测试下一个浏览器。
7.3 360浏览器
360浏览器虽然显示证书风险,但未出现任何阻止浏览或风险提示窗口,直接可进入登录页面。
7.4 令牌获取
7.4.1 使用k8s-admin.yaml文件进行创建令牌
[root@master01 dashboard]# kubectl create -f k8s-admin.yaml serviceaccount/dashboard-admin created clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
7.4.2 获取token简要信息,名称为dashboard-admin-token-xxxxx
[root@master01 dashboard]# kubectl get secrets -n kube-system NAME TYPE DATA AGE dashboard-admin-token-n5dcl kubernetes.io/service-account-token 3 86s default-token-4nhtx kubernetes.io/service-account-token 3 3d11h kubernetes-dashboard-certs Opaque 11 19m kubernetes-dashboard-key-holder Opaque 2 170m kubernetes-dashboard-token-kkpxs kubernetes.io/service-account-token 3 165m
7.4.3 查看令牌序列号,截取“token:”后面的内容
[root@master01 dashboard]# kubectl describe secrets dashboard-admin-token-n5dcl -n kube-system
Name: dashboard-admin-token-n5dcl
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: e3600e3f-3a7b-11ec-adb1-000c2959bebe
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1359 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tbjVkY2wiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZTM2MDBlM2YtM2E3Yi0xMWVjLWFkYjEtMDAwYzI5NTliZWJlIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.kCkjHd8bfgecC_sNrsauvkBy7O09dQY7KAbz-2pNnDwEdKNkAR4y7cwC8zCNLsul7uuHVZs5hCp6iGti1EeUUEMoy8cEBlC4WDOxSQdJQzi9RTCSkCHrReql2nGfGpFHx15JkcyB2CY8BBBRaUvIbe6phX5sOmUlJWf5K4FI0sQHYpefH0vYSr8CWWCeccajlDZPEqgLkUpAUMHT2fjhJNfWgbTZDBMEye6nnyQjS92s8qECF1jBgRbIfTZKWHqPRpKmbz9oFKnKlcH2BBgDonpE3cDSfmSTH6SgYDHKQuGAwV_vjIIP_GMxdXmM_ymGZAdcdw9kd0EBCSdOQH8yIw
7.4.5 使用令牌登录dashboard
将令牌序列号复制填入到浏览器页面中,点击登录
登录成功
8. dashboard操作
8.1 命名空间
8.2 节点
8.3 角色
8.4 工作负载
8.5 命令行
[root@node01 opt]# curl 172.17.54.3 this is nginx_dashboard_test web
8.6 日志
8.7 创建容器
设定完成后,点击部署
完成部署,通过master节点查看
[root@master01 dashboard]# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-7d498867b6-5mv26 1/1 Running 0 5m15s nginx-7d498867b6-spkgq 1/1 Running 0 5m15s nginx-7d498867b6-w9dvq 1/1 Running 0 5m15s nginx-test-7dc4f9dcc9-bklg4 1/1 Running 0 6h18m [root@master01 dashboard]# kubectl get pod -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE nginx-7d498867b6-5mv26 1/1 Running 0 5m20s 172.17.54.5 node01 <none> nginx-7d498867b6-spkgq 1/1 Running 0 5m20s 172.17.97.4 192.168.122.12 <none> nginx-7d498867b6-w9dvq 1/1 Running 0 5m20s 172.17.97.3 192.168.122.12 <none> nginx-test-7dc4f9dcc9-bklg4 1/1 Running 0 6h18m 172.17.54.3 node01 <none>
这篇关于k8s之Dashboard插件部署及使用的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
您可能喜欢
-
K8s 容器的定向调度与亲和性10-30
-
云原生周刊:K8s未来三大发展方向 丨2024.10.2810-28
-
亚马逊弹性Kubernetes服务(EKS)实战:轻松搭建Kubernetes平台10-25
-
KubeSphere 最佳实战:Kubernetes 部署集群模式 Nacos 实战指南10-22
-
K8sGPT+Ollama:一个免费的Kubernetes自动诊断工具10-10
-
Kubernetes:容器技术和所谓的“丢失”的SIGTERM信号(终止信号)10-10
-
在 Azure Kubernetes 上运行 Ollama10-08
-
10 个你不知道自己需要的 Kubernetes 工具09-26
-
MicroK8s 概览 — 使用一条命令部署自己的 Kubernetes 集群09-25
-
云原生周刊:Kubernetes v1.31 发布08-19
-
探索 Kubernetes 持久化存储之 Rook Ceph 初窥门径08-13
-
探索 Kubernetes 持久化存储之 Longhorn 初窥门径07-25
-
云原生周刊:Kubernetes v1.31 中的移除和主要变更|2024.7.2207-23
-
Kubernetes 持久化存储之 NFS 终极实战指南07-22
-
云原生周刊:Argo Rollouts 支持 Kubernetes Gateway API 1.0 | 2024.7.107-15
栏目导航
