5.kubernetes的GUI资源管理插件-仪表盘
程序员文章站
2022-09-03 20:30:16
[TOC] 1.准备dashboard镜像 2.创建资源配置清单 在hdss7 200.host.com上 rbac.yaml dp.yaml svc.yaml ingress.yaml 3.应用资源配置清单 4.查看创建的资源 5.解析域名 6.浏览器访问 7.令牌命令行获取方式 ......
目录
1.准备dashboard镜像
[root@hdss7-200 harbor]# docker pull k8scn/kubernetes-dashboard-amd64:v1.8.3 [root@hdss7-200 harbor]# docker images|grep dashboard [root@hdss7-200 harbor]# docker tag fcac9aa03fd6 harbor.od.com/public/dashboard:v1.8.3 [root@hdss7-200 harbor]# docker push harbor.od.com/public/dashboard:v1.8.3
2.创建资源配置清单
在hdss7-200.host.com上
[root@hdss7-200 harbor]# mkdir -p /data/k8s-yaml/dashboard && cd /data/k8s-yaml/dashboard
rbac.yaml
apiversion: v1
kind: serviceaccount
metadata:
labels:
k8s-app: kubernetes-dashboard
addonmanager.kubernetes.io/mode: reconcile
name: kubernetes-dashboard-admin
namespace: kube-system
---
apiversion: rbac.authorization.k8s.io/v1
kind: clusterrolebinding
metadata:
name: kubernetes-dashboard-admin
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
addonmanager.kubernetes.io/mode: reconcile
roleref:
apigroup: rbac.authorization.k8s.io
kind: clusterrole
name: cluster-admin
subjects:
- kind: serviceaccount
name: kubernetes-dashboard-admin
namespace: kube-system
dp.yaml
apiversion: apps/v1
kind: deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: reconcile
spec:
selector:
matchlabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
spec:
priorityclassname: system-cluster-critical
containers:
- name: kubernetes-dashboard
image: harbor.od.com/public/dashboard:v1.8.3
resources:
limits:
cpu: 100m
memory: 300mi
requests:
cpu: 50m
memory: 100mi
ports:
- containerport: 8443
protocol: tcp
args:
# platform-specific args here
- --auto-generate-certificates
volumemounts:
- name: tmp-volume
mountpath: /tmp
livenessprobe:
httpget:
scheme: https
path: /
port: 8443
initialdelayseconds: 30
timeoutseconds: 30
volumes:
- name: tmp-volume
emptydir: {}
serviceaccountname: kubernetes-dashboard-admin
tolerations:
- key: "criticaladdonsonly"
operator: "exists"
svc.yaml
apiversion: v1
kind: service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: reconcile
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 443
targetport: 8443
ingress.yaml
apiversion: extensions/v1beta1
kind: ingress
metadata:
name: kubernetes-dashboard
namespace: kube-system
annotations:
kubernetes.io/ingress.class: traefik
spec:
rules:
- host: dashboard.od.com
http:
paths:
- backend:
servicename: kubernetes-dashboard
serviceport: 443
3.应用资源配置清单
[root@hdss7-21 containers]# kubectl apply -f http://k8s-yaml.od.com/dashboard/rbac.yaml [root@hdss7-21 containers]# kubectl apply -f http://k8s-yaml.od.com/dashboard/dp.yaml [root@hdss7-21 containers]# kubectl apply -f http://k8s-yaml.od.com/dashboard/svc.yaml [root@hdss7-21 containers]# kubectl apply -f http://k8s-yaml.od.com/dashboard/ingress.yaml
4.查看创建的资源
[root@hdss7-21 containers]# kubectl get pods -n kube-system [root@hdss7-21 containers]# kubectl get svc -n kube-system [root@hdss7-21 containers]# kubectl get ingress -n kube-system
5.解析域名
[root@hdss7-11 conf.d]# vi /var/named/od.com.zone
$origin od.com.
$ttl 600 ; 10 minutes
@ in soa dns.od.com. dnsadmin.od.com. (
2020042602 ; serial //前滚一个序列号
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
ns dns.od.com.
$ttl 60 ; 1 minute
dns a 10.4.7.11
harbor a 10.4.7.200
k8s-yaml a 10.4.7.200
traefik a 10.4.7.10
dashboard a 10.4.7.10
[root@hdss7-11 conf.d]# systemctl restart named
6.浏览器访问
http://dashboard.od.com/
7.令牌命令行获取方式
kubectl get secret -n kube-system kubectl describe secret kubernetes-dashboard-admin-token-xxxxx -n kube-system
上一篇: ORA-28547:数据库连接问题