6.kubernetes的GUI资源管理插件-dashboard
目录
1.准备dashboard镜像
2.创建资源配置清单
3.应用资源配置清单
4.查看创建的资源
5.解析域名
6.浏览器访问
7.令牌命令行获取方式
准备dashboard镜像
- [root@hdss7-200 k8s-yaml]# docker pull k8scn/kubernetes-dashboard-amd64:v1.8.3
- [root@hdss7-200 k8s-yaml]# docker images|grep dashboard
- [root@hdss7-200 k8s-yaml]# docker tag fcac9aa03fd6 harbor.fx.com/public/dashboard:v1.8.3
- [root@hdss7-200 k8s-yaml]# docker push harbor.fx.com/public/dashboard:v1.8.3
创建资源配置清单
- [root@hdss7-200 k8s-yaml]# mkdir -p /data/k8s-yaml/dashboard && cd /data/k8s-yaml/dashboard
rabc.yaml
- [root@hdss7-200 dashboard]# vim rbac.yaml
- apiVersion: v1
- kind: ServiceAccount
- metadata:
- labels:
- k8s-app: kubernetes-dashboard
- addonmanager.kubernetes.io/mode: Reconcile
- name: kubernetes-dashboard-admin
- namespace: kube-system
- ---
- apiVersion: rbac.authorization.k8s.io/v1
- kind: ClusterRoleBinding
- metadata:
- name: kubernetes-dashboard-admin
- namespace: kube-system
- labels:
- k8s-app: kubernetes-dashboard
- addonmanager.kubernetes.io/mode: Reconcile
- roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cluster-admin
- subjects:
- - kind: ServiceAccount
- name: kubernetes-dashboard-admin
- namespace: kube-system
dp.yaml
- [root@hdss7-200 dashboard]# vi dp.yaml
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: kubernetes-dashboard
- namespace: kube-system
- labels:
- k8s-app: kubernetes-dashboard
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- spec:
- selector:
- matchLabels:
- k8s-app: kubernetes-dashboard
- template:
- metadata:
- labels:
- k8s-app: kubernetes-dashboard
- annotations:
- scheduler.alpha.kubernetes.io/critical-pod: ''
- spec:
- priorityClassName: system-cluster-critical
- containers:
- - name: kubernetes-dashboard
- image: harbor.fx.com/public/dashboard:v1.8.3
- resources:
- limits:
- cpu: 100m
- memory: 300Mi
- requests:
- cpu: 50m
- memory: 100Mi
- ports:
- - containerPort: 8443
- protocol: TCP
- args:
- # PLATFORM-SPECIFIC ARGS HERE
- - --auto-generate-certificates
- volumeMounts:
- - name: tmp-volume
- mountPath: /tmp
- livenessProbe:
- httpGet:
- scheme: HTTPS
- path: /
- port: 8443
- initialDelaySeconds: 30
- timeoutSeconds: 30
- volumes:
- - name: tmp-volume
- emptyDir: {}
- serviceAccountName: kubernetes-dashboard-admin
- tolerations:
- - key: "CriticalAddonsOnly"
- operator: "Exists"
svc.yaml
- [root@hdss7-200 dashboard]# vim svc.yaml
- apiVersion: v1
- kind: Service
- metadata:
- name: kubernetes-dashboard
- namespace: kube-system
- labels:
- k8s-app: kubernetes-dashboard
- kubernetes.io/cluster-service: "true"
- addonmanager.kubernetes.io/mode: Reconcile
- spec:
- selector:
- k8s-app: kubernetes-dashboard
- ports:
- - port: 443
- targetPort: 8443
ingress.yaml
- [root@hdss7-200 dashboard]# vim ingress.yaml
- apiVersion: extensions/v1beta1
- kind: Ingress
- metadata:
- name: kubernetes-dashboard
- namespace: kube-system
- annotations:
- kubernetes.io/ingress.class: traefik
- spec:
- rules:
- - host: dashboard.fx.com
- http:
- paths:
- - backend:
- serviceName: kubernetes-dashboard
- servicePort: 443
应用资源配置清单
- [root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/rbac.yaml
- [root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/dp.yaml
- [root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/svc.yaml
- [root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/ingress.yaml
查看创建的资源
- [root@hdss7-21 ~]# kubectl get pods -n kube-system
- [root@hdss7-21 ~]# kubectl get svc -n kube-system
- [root@hdss7-21 ~]# kubectl get ingress -n kube-system
解析域名
- [root@hdss7-11 ~]# vim /var/named/fx.com.zone
- $ORIGIN fx.com.
- $TTL 600 ; 10 minutes
- @ IN SOA dns.fx.com. dnsadmin.fx.com. (
- 2020061010 ; serial
- 10800 ; refresh (3 hours)
- 900 ; retry (15 minutes)
- 604800 ; expire (1 week)
- 86400 ; minimum (1 day)
- )
- NS dns.fx.com.
- $TTL 60 ; 1 minute
- dns A 10.4.7.11
- harbor A 10.4.7.200
- k8s-yaml A 10.4.7.200
- traefik A 10.4.7.10
- dashboard A 10.4.7.10
- [root@hdss7-11 ~]# systemctl restart named
浏览器访问
- http://dashboard.fx.com/
创建dashboard证书
- [root@hdss7- certs]# (umask ; openssl genrsa -out dashboard.fx.com.key )
- [root@hdss7- certs]# openssl req -new -key dashboard.fx.com.key -out dashboard.fx.com.csr -subj "/CN=dashboard.fx.com/C=CN/ST=BJ/L=Beijing/O=fangxing/OU=ops"
- [root@hdss7- certs]# openssl x509 -req -in dashboard.fx.com.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out dashboard.fx.com.crt -days
拷贝证书
在HDSS7-11.host.com上
- [root@hdss7- conf.d]# mkdir -p /etc/nginx/certs && cd /etc/nginx/certs
- [root@hdss7- certs]# scp hdss7-:/opt/certs/dashboard.fx.com.crt .
- [root@hdss7- certs]# scp hdss7-:/opt/certs/dashboard.fx.com.key .
注:HDSS7-12.host.com也需要copy证书
配置nginx证书
在HDSS7-11.host.com上
- [root@hdss7- conf.d]# vim dashboard.fx.com.conf
- server {
- listen ;
- server_name dashboard.fx.com;
- rewrite ^(.*)$ https://${server_name}$1 permanent;
- }
- server {
- listen ssl;
- server_name dashboard.fx.com;
- ssl_certificate "certs/dashboard.fx.com.crt";
- ssl_certificate_key "certs/dashboard.fx.com.key";
- ssl_session_cache shared:SSL:1m;
- ssl_session_timeout 10m;
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- location / {
- proxy_pass http://default_backend_traefik;
- proxy_set_header Host $http_host;
- proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
- }
- }
注:HDSS7-12.host.com也需要配置nginx
令牌命令行获取方式
- [root@hdss7-21 ~]# kubectl get secret -n kube-system
- [root@hdss7-21 ~]# kubectl describe secret kubernetes-dashboard-admin-token-c8gsp -n kube-system
- Name: kubernetes-dashboard-admin-token-c8gsp
- Namespace: kube-system
- Labels: <none>
- Annotations: kubernetes.io/service-account.name: kubernetes-dashboard-admin
- kubernetes.io/service-account.uid: 22e7c7e4-8c03-4dad-a942-2a00a6689d14
- Type: kubernetes.io/service-account-token
- Data
- ====
- token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbi10b2tlbi1jOGdzcCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjIyZTdjN2U0LThjMDMtNGRhZC1hOTQyLTJhMDBhNjY4OWQxNCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiJ9.eM2aJ7L9amwdo6XHYT2S5w6FMTdsu8u6hmB5bAcLrDJPwdiNMevriF9LensNtdobZlUd10qTmJ_uVDl7W_pW7sycN1MYpSyre7FPMiwaH8bSpcwCibgMSoCA5ce9eShePJ14iErBD12h1ru0BI1O-Vk-WC9yfBdrbBG4e9R3YclaKCo38Y7wS2WgMi0intELPyG-Sb8s3BTpPdnFBN5I_FAFtmAmonpuAz17FpxrMxF7ZlJXxhPwY1GoAHkKDkvw3J3z6peEGAazqZup-N4b6cjAyIucLd4xNbUXviAP6lGDGFAaHF7E-oN2Ec8WWNm3M26m2I3zxb_fyl8v9lNacQ
- ca.crt: 1342 bytes
- namespace: 11 bytes
注:令牌对应的是token
验证令牌登录
部署heapster
- [root@hdss7- dashboard]# mkdir heapster
- [root@hdss7- heapster]# docker pull quay.io/bitnami/heapster:1.5.
- [root@hdss7- heapster]# docker tag c359b95ad38b harbor.fx.com/public/heapster:v1.5.4
- [root@hdss7- heapster]# docker push harbor.fx.com/public/heapster:v1.5.4
应用heapster配置清单
- [root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/heapster/rbac.yaml
- [root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/heapster/deployment.yaml
- [root@hdss7- ~]# kubectl apply -f http://k8s-yaml.fx.com/dashboard/heapster/svc.yaml
重新登录dashboard查看
6.kubernetes的GUI资源管理插件-dashboard的更多相关文章
- 第十三章 k8s的GUI资源管理插件--dashboard
1.部署Kubernetes-dashboard 1.1 准备dashboard镜像 在10.4.7.200上操作 [root@hdss7-200 ~]# docker pull k8scn/kube ...
- kubernetes 1.14安装部署dashboard
简单介绍: Dashboard是一个基于web的Kubernetes用户界面.您可以使用Dashboard将容器化应用程序部署到Kubernetes集群,对容器化应用程序进行故障诊断,并管理集群资源. ...
- Kubernetes 部署Web UI (Dashboard)
Kubernetes 部署Web UI (Dashboard) 项目下载地址:https://github.com/kubernetes/kubernetes/tree/master/cluster/ ...
- Kubernetes V1.16.2部署Dashboard V2.0(beta5)
Kubernetes V1.16.2部署Dashboard V2.0(beta5) 在Master上部署Dashboard 集群安装部署请看安装Kubernetes V1.16.2 kubectl g ...
- 第21 章 : Kubernetes 存储架构及插件使用
Kubernetes 存储架构及插件使用 本文将主要分享以下三方面的内容: Kubernetes 存储体系架构: Flexvolume 介绍及使用: CSI 介绍及使用. Kubernetes 存储体 ...
- 第18 章 : Kubernetes 调度和资源管理
Kubernetes 调度和资源管理 这节课主要讲三部分的内容: Kubernetes 的调度过程: Kubernetes 的基础调度能力(资源调度.关系调度): Kubernetes 高级调度能力( ...
- 019.Kubernetes二进制部署插件dashboard
一 修改配置文件 1.1 下载解压 [root@k8smaster01 ~]# cd /opt/k8s/work/kubernetes/ [root@k8smaster01 kubernetes]# ...
- Kubernetes系列之Coredns and Dashboard介绍篇
本次系列使用的所需部署包版本都使用的目前最新的或最新稳定版,安装包地址请到公众号内回复[K8s实战]获取 介绍 项目地址:https://github.com/coredns/coredns Core ...
- kubernetes实战(二十八):Kubernetes一键式资源管理平台Ratel安装及使用
1. Ratel是什么? Ratel是一个Kubernetes资源平台,基于管理Kubernetes的资源开发,可以管理Kubernetes的Deployment.DaemonSet.Stateful ...
随机推荐
- 【Elasticsearch学习】DSL搜索大全(持续更新中)
1.复合查询 复合查询能够组合其他复合查询或者查询子句,同时也可以组合各个查询的查询结果及得分,也可以从Query查询转换为Filter过滤器查询. 首先介绍一下Query Context和 Filt ...
- 永久激活idea
申明:本教程 IntelliJ IDEA 破解补丁.激活码均收集于网络,请勿商用,仅供个人学习使用,如有侵权,请联系作者删除. idea版本为老版本2018版本,下载地址如下,激活方法和插件在压缩包中 ...
- linux:基本指令
指令标准格式 指令主体 [选项][操作对象] 基础指令 ls 1.ls 列出当前工作目录下的所有文件/文件夹的名称 2.ls 路径 列出指定路径下的所有文件/文件夹的名称 路径: 1.相对路径 会用 ...
- 移动端适配-rem(新)
概念 对于移动端开发来说,无可避免的就是直面各种设备不同分辨率和不同DPR(设备像素比)的问题,在此忽略其他兼容性问题的探讨. 移动端像素 设备像素(dp),也叫物理像素.指设备能控制显示的最小物理单 ...
- Java试题错题集01
1.javac与java命令 两个命令 javac 和 java. javac 后面跟着的是java文件的文件名,例如 HelloWorld.java. 该命令用于将 java 源文件编译为 clas ...
- C#/WPF/WinForm/.NET程序代码实现软件程序开机自动启动的两种常用方法的示例与源码下载带详细注释-源码代码-注册表方式-启动目录快捷方式
C#/WPF/WinForm/.NET程序代码实现软件程序开机自动启动的两种常用方法的示例与源码下载带详细注释-源码代码-注册表方式-启动目录快捷方式 C#实现自动启动的方法-两种方法 源码下载地址: ...
- Java实现 蓝桥杯VIP 算法训练 集合运算
问题描述 给出两个整数集合A.B,求出他们的交集.并集以及B在A中的余集. 输入格式 第一行为一个整数n,表示集合A中的元素个数. 第二行有n个互不相同的用空格隔开的整数,表示集合A中的元素. 第三行 ...
- Java实现Catenyms(并查集+dfs+欧拉回路)
Description A catenym is a pair of words separated by a period such that the last letter of the firs ...
- cocos2dx获得字体的宽高
Android: 1.在CCImage中添加下面的方法: //头文件声明略. cocos2d::CCSize CCImage::getStringSize(const char *text, cons ...
- 3.keras-简单实现Mnist数据集分类
keras-简单实现Mnist数据集分类 1.载入数据以及预处理 import numpy as np from keras.datasets import mnist from keras.util ...