本文收录在容器技术学习系列文章总目录

一、介绍

  Kubernetes Dashboard是Kubernetes集群的基于Web的通用UI。它允许用户管理在群集中运行的应用程序并对其进行故障排除,以及管理群集本身

二、搭建dashboard

1、编写yaml文件

借鉴GitHub,修改了image的下载地址和pod的一些配置

[root@master ~]# vim dashboard.yaml

# Filename: dashboard.yaml
# Revision: 1.0
# Date: 2018/10/18
# Author: along
# Description: Build kubernetes dashboard # ------------------- Dashboard Secret ------------------- # apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kube-system
type: Opaque ---
# ------------------- Dashboard Service Account ------------------- # apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system ---
# ------------------- Dashboard Role & Role Binding ------------------- # kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
rules:
# Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create"]
# Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["create"]
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics from heapster.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
verbs: ["get"] ---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system ---
# ------------------- Dashboard Deployment ------------------- # kind: Deployment
apiVersion: apps/v1beta2
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.0
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule ---
# ------------------- Dashboard Service ------------------- # kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30000
selector:
k8s-app: kubernetes-dashboard

2、apply yaml文件,搭建dashboard

[root@master ~]# kubectl apply -f dashboard.yaml

secret/kubernetes-dashboard-certs created

serviceaccount/kubernetes-dashboard created

role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created

rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created

deployment.apps/kubernetes-dashboard created

service/kubernetes-dashboard created

3、查看验证

(1)pod已经创建成功

[root@master ~]# kubectl get pods -n kube-system |grep dashboard

kubernetes-dashboard-68bf55748d-4zzph   1/1       Running   0          2m

(2)service也已经创建成功,并且有映射端口,此时已经可以登录了,但是无法登录,因为没有认证

[root@master ~]# kubectl get svc -n kube-system

NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)         AGE

kubernetes-dashboard   NodePort    10.97.55.246   <none>        443:30000/TCP   2m

三、dashboard与kubernetes集群的认证,方案一:令牌认证

(1)有两种认证方法:

  口令

  kubeconfig

(2)并且在认证的时候,还可以管理限制dashboard用户的权限;为了让大家进一步理解:

  在方案一:口令认证时,dashboard用户的权限设为对所有名称空间都有admin的权限;

  在方案二:kubeconfig认证时,dashboard用户的权限设为只对default名称空间有admin权限;

1、授权,对所有名称空间都有admin的权限

(1)创建serviceaccount

[root@master ~]# kubectl create serviceaccount dashboard-serviceaccount -n kube-system

serviceaccount/dashboard-serviceaccount created

(2)创建clusterrolebinding

  使用clusterrolebinding绑定cluster-admin的clusterrole和dashboard-serviceaccount的serviceaccount,这样dashboard-serviceaccount的serviceaccount就在所有名称空间有了kubernetes的admin权限

[root@master ~]# kubectl create clusterrolebinding dashboard-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-serviceaccount

clusterrolebinding.rbac.authorization.k8s.io/dashboard-cluster-admin created

2、获取令牌

(1)在secret中查找dashboard-serviceaccount

[root@master ~]# kubectl get secret -n kube-system |grep dashboard-serviceaccount-token

dashboard-serviceaccount-token-nz7xd             kubernetes.io/service-account-token   3         4m

(2)查看dashboard-serviceaccount中的口令

[root@master ~]# kubectl describe secret dashboard-serviceaccount-token-nz7xd -n kube-system

Name:         dashboard-serviceaccount-token-nz7xd
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name=dashboard-serviceaccount
kubernetes.io/service-account.uid=2af6061f-d1f0-11e8-- Type: kubernetes.io/service-account-token Data
====
ca.crt: bytes
namespace: bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtc2VydmljZWFjY291bnQtdG9rZW4tbno3eGQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLXNlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMmFmNjA2MWYtZDFmMC0xMWU4LTgwNTktMDA1MDU2Mjc3MjQzIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1zZXJ2aWNlYWNjb3VudCJ9.BAJVarqum57S_KepqOgcS1IimNEmDilhu4tIiWQKxaz0o5TKyXBZ5YqN3ZS5tJNQbLvDS6LuRRXdvH-MeKQnUpg08OhYDg1u9XE3Oygr7YF5Ad7yBw4czpPPN6iIJZ5qQJ8laOfPRb8qYVbR0R4MONin08lhzrkLBkRLwhAVJ_6zXXB9vaJLU9asTyA4YmDAZZi06zkYeeO8Rhqr2-Yeu4Ya7miLYVRv_ioqDlkqGEf6ILUriPjeJHohIEbgdslRXTnxgwkt2Uwsv3QRFKF2CisSBSW7P-9muuCrzSb2xQVop7WbAUyROdUuqQFmSON2UC0643e_iEW5DBaAAGQxbw

3、网页通过令牌登录

(1)使用https协议打开https://192.168.130.103:30000(任意节点的IP都可以)

输入dashboard-serviceaccount的口令

(2)打开成功,并且对所有名称空间都有admin权限

四、dashboard与kubernetes集群的认证,方案二:configing认证

1、授权,只对default名称空间有admin的权限

(1)创建serviceaccount

[root@master ~]# kubectl create serviceaccount def-ns-dashboard-sa -n default

serviceaccount/def-ns-dashboard-sa created

(2)创建rolebinding

使用rolebinding绑定cluster-admin的clusterrole和def-ns-dashboard的serviceaccount,这样def-ns-dashboard的serviceaccount就只有default这一个名称空间的admin权限

[root@master ~]# kubectl create rolebinding def-ns-dashboard-rb --clusterrole=cluster-admin --serviceaccount=default:def-ns-dashboard-sa

rolebinding.rbac.authorization.k8s.io/def-ns-dashboard-rb created

2、获取令牌

(1)在secret中查找def-ns-dashboard-sa

[root@master ~]# kubectl get secret

NAME                              TYPE                                  DATA      AGE

def-ns-dashboard-sa-token-b8plm   kubernetes.io/service-account-token   3         1m

(2)查看def-ns-dashboard-sa中的口令

[root@master ~]# kubectl describe secret def-ns-dashboard-sa-token-b8plm

Name:         def-ns-dashboard-sa-token-b8plm
Namespace: default
Labels: <none>
Annotations: kubernetes.io/service-account.name=def-ns-dashboard-sa
kubernetes.io/service-account.uid=8b040303-d287-11e8-be88- Type: kubernetes.io/service-account-token Data
====
ca.crt: bytes
namespace: bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZi1ucy1kYXNoYm9hcmQtc2EtdG9rZW4tYjhwbG0iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmLW5zLWRhc2hib2FyZC1zYSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjhiMDQwMzAzLWQyODctMTFlOC1iZTg4LTAwNTA1NjI3NzI0MyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZi1ucy1kYXNoYm9hcmQtc2EifQ.VqAgyqN8_F4mjawWtZ5TzvFioKA50u4MUL_4ypBxWrr-XU8TciM8EX1OcGm9vAjUW_m5QZangS7VW3rVYPcqKMqaYKE8vN-l9wTC5CzTnxPHMghTx8sTTkPWnqHt7C7v8cVRNfeRAWygWMp1B8Chx5pAK2l9t095uZy_w59qFQdoAKeAcxiH5K6kz9sx8VwEXVr9nRH8bFqvtr3yXCdYo2e2qSQXOpNddlyrEOYXrIUlamNyImgcbfkNLV0Qkt5sdfSLSJdaB2opLWD8pST88m73r6KG2c_aMmyZ7mTCUeNd1BwCOnLSto4V2xPXCtHA6ELvB5afh9irpCj4e5VgPw

3、定义一个kubeconfig认证文件

(1)在一个新的kubeconfig文件下,创建一个集群dashboard

[root@master ~]# kubectl config set-cluster dashboard --certificate-authority=/etc/kubernetes/pki/ca.crt --server="https://192.168.130.103:6443" --embed-certs=true --kubeconfig=/root/def-ns-dashboard.conf

Cluster "dashboard" set.

/root/def-ns-dashboard.conf 文件已经生成

[root@master ~]# ll /root/def-ns-dashboard.conf

-rw------- 1 root root 1568 Oct 18 13:36 /root/def-ns-dashboard.conf

(2)使用def-ns-dashboard-sa的serviceaccount,创建一个用户def-ns-dashboard-user

[root@master ~]# kubectl config set-credentials def-ns-dashboard-user --kubeconfig=/root/def-ns-dashboard.conf --token=eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZi1ucy1kYXNoYm9hcmQtc2EtdG9rZW4tYjhwbG0iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmLW5zLWRhc2hib2FyZC1zYSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjhiMDQwMzAzLWQyODctMTFlOC1iZTg4LTAwNTA1NjI3NzI0MyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZi1ucy1kYXNoYm9hcmQtc2EifQ.VqAgyqN8_F4mjawWtZ5TzvFioKA50u4MUL_4ypBxWrr-XU8TciM8EX1OcGm9vAjUW_m5QZangS7VW3rVYPcqKMqaYKE8vN-l9wTC5CzTnxPHMghTx8sTTkPWnqHt7C7v8cVRNfeRAWygWMp1B8Chx5pAK2l9t095uZy_w59qFQdoAKeAcxiH5K6kz9sx8VwEXVr9nRH8bFqvtr3yXCdYo2e2qSQXOpNddlyrEOYXrIUlamNyImgcbfkNLV0Qkt5sdfSLSJdaB2opLWD8pST88m73r6KG2c_aMmyZ7mTCUeNd1BwCOnLSto4V2xPXCtHA6ELvB5afh9irpCj4e5VgPw

User "def-ns-dashboard-user" set.

(3)在这个kubeconfig文件下,创建一个上下文关系def-ns-dashboard-user@dashboard

[root@master ~]# kubectl config set-context def-ns-dashboard-user@dashboard --cluster=dashboard --user=def-ns-dashboard-user --kubeconfig=/root/def-ns-dashboard.conf

Context "def-ns-dashboard-user@dashboard" created.

(4)在这个kubeconfig文件下,使用def-ns-dashboard-user@dashboard这个上下文关系

[root@master ~]# kubectl config use-context def-ns-dashboard-user@dashboard --kubeconfig=/root/def-ns-dashboard.conf

Switched to context "def-ns-dashboard-user@dashboard".

(5)通过view查看验证

[root@master ~]# kubectl config view --kubeconfig=/root/def-ns-dashboard.conf

apiVersion: v1

clusters:

- cluster:

    certificate-authority-data: REDACTED

    server: https://192.168.130.103:6443

  name: dashboard

contexts:

- context:

    cluster: dashboard

    user: def-ns-dashboard-user

  name: def-ns-dashboard-user@dashboard

current-context: def-ns-dashboard-user@dashboard

kind: Config

preferences: {}

users:

- name: def-ns-dashboard-user

  user:

    token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZi1ucy1kYXNoYm9hcmQtc2EtdG9rZW4tYjhwbG0iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmLW5zLWRhc2hib2FyZC1zYSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjhiMDQwMzAzLWQyODctMTFlOC1iZTg4LTAwNTA1NjI3NzI0MyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZi1ucy1kYXNoYm9hcmQtc2EifQ.VqAgyqN8_F4mjawWtZ5TzvFioKA50u4MUL_4ypBxWrr-XU8TciM8EX1OcGm9vAjUW_m5QZangS7VW3rVYPcqKMqaYKE8vN-l9wTC5CzTnxPHMghTx8sTTkPWnqHt7C7v8cVRNfeRAWygWMp1B8Chx5pAK2l9t095uZy_w59qFQdoAKeAcxiH5K6kz9sx8VwEXVr9nRH8bFqvtr3yXCdYo2e2qSQXOpNddlyrEOYXrIUlamNyImgcbfkNLV0Qkt5sdfSLSJdaB2opLWD8pST88m73r6KG2c_aMmyZ7mTCUeNd1BwCOnLSto4V2xPXCtHA6ELvB5afh9irpCj4e5VgPw

4、网页通过kubeconfig登录

(1)将/root/def-ns-dashboard.conf 文件上传到windows机器上,把/root/def-ns-dashboard.conf这个kubeconfig文件导入到登录时的页面,就可以成功登录

(2)登录成功,但是只有default这个名称空间的admin权限

至此,我们已经成功搭建了dashboard;并且完成了对K8S集群的认证;

我们可以通过dashboard创建和管理Pod、service、存储卷... ... 这里就不再演示了。

kubernetes学习14—Dashboard搭建和认证的更多相关文章

  1. Kubernetes 学习17 dashboard认证及分级授权

    一.概述 1.我们前面介绍了kubernetes的两个东西,认证和授权 2.在kubernetes中我们对API server的一次访问大概会包含哪些信息?简单来讲它是restfule风格接口,也就是 ...

  2. Kubernetes 学习14 kubernetes statefulset

    一.概述 1.在应用程序中我们有两类,一种是有状态一种是无状态.此前一直演示的是deployment管理的应用,比如nginx或者我们自己定义的myapp它们都属于无状态应用. 2.而对于有状态应用, ...

  3. kubernetes实践之二:Kubernetes可视WEB UI Dashboard搭建

    Kubernetes可视WEBUI Dashboard搭建 支持浏览器:火狐 一.Dashboard下载地址 git clone https://github.com/kubernetes/kuber ...

  4. 【Kubernetes学习笔记】-kubeadm 手动搭建kubernetes 集群

    目录 K8S 组件构成 环境准备 (以ubuntu系统为例) 1. kubernetes集群机器 2. 安装 docker. kubeadm.kubelet.kubectl 2.1 在每台机器上安装 ...

  5. Kubernetes学习笔记_尚硅谷

    https://www.bilibili.com/video/BV1w4411y7Go?p=1 一.K8s介绍 k8s是一个编排容器的工具,其实也是管理应用的全生命周期的一个工具,从创建应用,应用的部 ...

  6. Kubernetes学习之路目录

    Kubernetes基础篇 环境说明 版本说明 系统环境 Centos 7.2 Kubernetes版本 v1.11.2 Docker版本 v18.09 Kubernetes学习之路(一)之概念和架构 ...

  7. kubernetes学习资源

    参考文章: 1.kubernetes学习资源 1. <Kubernetes与云原生应用>系列之Kubernetes的系统架构与设计理念 2.[docker专业介绍的网站dockerinfo ...

  8. 二进制方式安装Kubernetes 1.14.2高可用详细步骤

    00.组件版本和配置策略 组件版本 Kubernetes 1.14.2 Docker 18.09.6-ce Etcd 3.3.13 Flanneld 0.11.0 插件: Coredns Dashbo ...

  9. Kubernetes 学习笔记(一):基础概念

    个人笔记,仅本人查阅使用,不保证正确. 零.微服务 微服务架构专注于应用解耦合,通过将应用彻底地组件化和服务化,每个微服务只包含一个非常小的功能,比如权限管理.日志收集等等.由这一组微服务组合起来,提 ...

随机推荐

  1. Java当中的线程

    1.进程和线程 进程和线程之间是什么关系 多进程:在操作系统中能(同时)运行多个任务(程序) 多线程:在同一应用程序中有多个顺序流(同时)执行 线程的执行过程 2.定义线程的方法 方法1: 定义一个线 ...

  2. Java_循环

    遍历数组: 一个栗子: public class Test01 { public static void main(String[] args) { int[] aa = {19,92,12,03,4 ...

  3. BOM与DOM操作

    BOM: OM-JavaScript是运行在浏览器中的,所以提供了一系列对象用于和浏览器窗口进行交互,这些对象主要包括window.document.location.navigator和screen ...

  4. python—迭代器、生成器

    1.迭代器(iteration) 迭代器协议:提供next()方法,该方法要么返回迭代的下一项,要么异常.(只能往后走) 可迭代对象:实现迭代器协议的对象. **字符串.列表.元祖.字典.集合.文件都 ...

  5. 深入理解JVM(四)——垃圾回收算法

    我们都知道java语言与C语言最大的区别就是内存自动回收,那么JVM是怎么控制内存回收的,这篇文章将介绍JVM垃圾回收的几种算法,从而了解内存回收的基本原理. stop the world 在介绍垃圾 ...

  6. 算法与数据结构(十一) 平衡二叉树(AVL树)(Swift版)

    今天的博客是在上一篇博客的基础上进行的延伸.上一篇博客我们主要聊了二叉排序树,详情请戳<二叉排序树的查找.插入与删除>.本篇博客我们就在二叉排序树的基础上来聊聊平衡二叉树,也叫AVL树,A ...

  7. HTTP/2 资料汇总

    随着今年 5 月 14 日 HTTP/2 协议正式版的发布,越来越多的网站开始部署 HTTP/2 了.我对 HTTP 协议一直都比较有兴趣,本文汇总一些关于 HTTP/2 的资料以及我写过的文章,会持 ...

  8. PHP_DOC php文档结构及注解浏览

    项目中的PHP文件比较多,为了方便查看,使用PHP写了个小工具,可查看PHP文件的所有类.函数 和特定注释. 显示PHP文件的 Class 和 Function 显示 /// 开头的注解 显示 /// ...

  9. C 基于数组存储的堆栈实现

    一.堆栈简介 对于需要管理的队列,主要操作是在序列的末尾插入和取出(删除)元素,有这样操作要求的序列我们称之为堆栈(Stack). 堆栈可以认为是具有一定约束的线性表,插入和删除都作用在一个称为栈顶( ...

  10. [Swift]LeetCode277. 寻找名人 $ Find the Celebrity

    Suppose you are at a party with n people (labeled from 0 to n - 1) and among them, there may exist o ...