[云原生专题-28]:K8S - Kubernetes(K8S)Master集群构建与安装过程详细解读 - Dashboard的安装与访问

Posted 文火冰糖的硅基工坊

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了[云原生专题-28]:K8S - Kubernetes(K8S)Master集群构建与安装过程详细解读 - Dashboard的安装与访问相关的知识,希望对你有一定的参考价值。

作者主页(文火冰糖的硅基工坊):文火冰糖(王文兵)的博客_文火冰糖的硅基工坊_CSDN博客

本文网址: https://blog.csdn.net/HiWangWenBing/article/details/122788745


目录

第1章 Dashboard概述

第2章 安装前置条件

第3章 Dashboard的安装

第4章 Dashboard的访问

4.1 NodePort访问

第5章 Dashboard的使用


第1章 Dashboard概述

K8S Dashboard是官方的一个基于WEB的用户界面,专门用来管理K8S集群,并可展示集群的状态。

K8S集群安装好后默认没有包含Dashboard,我们需要额外创建它。

Dashboard与kubeadm与kubectl一并完成对K8S集群的操作、维护、管理(OAM)

第2章 安装前置条件

K8S Dashboard只适合安装在manager节点。

[云原生专题-24]:K8S - Kubernetes(K8S)Master集群构建与安装过程详细解读 - 初始控制节点的安装_文火冰糖(王文兵)的博客-CSDN博客作者主页(文火冰糖的硅基工坊):文火冰糖(王文兵)的博客_文火冰糖的硅基工坊_CSDN博客本文网址:https://blog.csdn.net/HiWangWenBing/article/details/122759250目录第一步:集群规划1.1 K8S的官方架构1.2 K8S的实验架构1.3 主要步骤1.4K8S集群搭建方式选择1.5 官方参考第二步:搭建云服务器2.1 安装服务器2.2 安装后检查第三步:搭建Docker环境(云平台手工操作)3.1.https://blog.csdn.net/HiWangWenBing/article/details/122759250

第3章 Dashboard的安装

(1)官方一步安装命令

GitHub - kubernetes/dashboard: General-purpose web UI for Kubernetes clusters

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml

问题:无法远程访问远程的配置文件。

因此需要手工下载配置文件到云服务器上。

(2) 用IE打开配置文件

https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml

(3)在本地创建配置文件

$ cd ~
$ touch recommended.yaml
vi recommended.yaml

cat recommended.yaml

(4)手工下载dashboard镜像

$ docker pull kubernetes-dashboard-amd64

(5)Dashboard的安装

[root@k8s-master1 ~]# kubectl apply -f ./recommended.yaml

namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created

(6)dashboard是以pod服务的形式存在的,参看pod的运行情况

[root@k8s-master1 ~]# kubectl get pods -A
NAMESPACE              NAME                                         READY   STATUS              RESTARTS   AGE
kube-system            coredns-6d8c4cb4d-6cts2                      0/1     ContainerCreating   0          107m
kube-system            coredns-6d8c4cb4d-w6x5k                      0/1     ContainerCreating   0          107m
kube-system            etcd-k8s-master1                             1/1     Running             0          108m
kube-system            kube-apiserver-k8s-master1                   1/1     Running             29         108m
kube-system            kube-controller-manager-k8s-master1          1/1     Running             0          108m
kube-system            kube-proxy-5wrkx                             1/1     Running             0          107m
kube-system            kube-scheduler-k8s-master1                   1/1     Running             0          108m
kubernetes-dashboard   dashboard-metrics-scraper-799d786dbf-88c2w   0/1     ContainerCreating   0          10m
kubernetes-dashboard   kubernetes-dashboard-546cbc58cd-292dr        0/1     ContainerCreating   0          10m

服务所在的容器正在创建过程中...........等待,直处于running状态.

[root@k8s-master1 ~]# kubectl get pods -A
NAMESPACE              NAME                                         READY   STATUS    RESTARTS        AGE
kube-system            calico-kube-controllers-566dc76669-stvkr     1/1     Running   0               104s
kube-system            calico-node-fz7s6                            1/1     Running   0               104s
kube-system            coredns-6d8c4cb4d-6cts2                      1/1     Running   0               118m
kube-system            coredns-6d8c4cb4d-w6x5k                      1/1     Running   0               118m
kube-system            etcd-k8s-master1                             1/1     Running   1 (9m19s ago)   118m
kube-system            kube-apiserver-k8s-master1                   1/1     Running   30 (9m9s ago)   118m
kube-system            kube-controller-manager-k8s-master1          1/1     Running   1 (9m19s ago)   118m
kube-system            kube-proxy-5wrkx                             1/1     Running   1 (9m19s ago)   118m
kube-system            kube-scheduler-k8s-master1                   1/1     Running   1 (9m19s ago)   118m
kubernetes-dashboard   dashboard-metrics-scraper-799d786dbf-88c2w   1/1     Running   0               20m
kubernetes-dashboard   kubernetes-dashboard-546cbc58cd-292dr        1/1     Running   0               20m

kubernetes-dashboard安装成功!!!!

第4章 Dashboard的访问

根据官方文档,目前访问Dashboard有四种方式:

  • NodePort:通过任意以节点的IP地址和端口号访问。
  • API Server:
  • kubectl proxy
  • Ingress

4.1 NodePort访问

(1)设置NodePort访问方式

kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard

ClusterIP -> NodePort

ClusterIP与NodePort的区别是:

ClusterIP是对外提供一个统一的IP地址,使用统一的集群IP地址访问。

NodePort把每个Node的IP地址都暴露出去,使用Node自身的公网地址访问。

(2)获得NodePort的端口号

[root@k8s-master1 ~]# kubectl get svc -A
NAMESPACE              NAME                        TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                  AGE
default                kubernetes                  ClusterIP   10.1.0.1       <none>        443/TCP                  3h14m
kube-system            kube-dns                    ClusterIP   10.1.0.10      <none>        53/UDP,53/TCP,9153/TCP   3h14m
kubernetes-dashboard   dashboard-metrics-scraper   ClusterIP   10.1.253.40    <none>        8000/TCP                 96m
kubernetes-dashboard   kubernetes-dashboard        NodePort    10.1.176.109   <none>        443:30586/TCP            96m

 NodePort    10.1.176.109   <none>        443:30586/TCP            96m

10.1.176.109: 集群内部服务的IP地址

443:集群内部服务的端口号

30586: 对外暴露的端口号

IP: 每个节点的IP地址。

(3)在云服务器上的安全组中开放30586端口号。

(4)为远程Web访问创建账号

cat > /root/dashboard-usr.yaml <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
  name: kubernetes-dashboard-admin
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  namespace: kube-system
  labels:
    k8s-app: kubernetes-dashboard
    addonmanager.kubernetes.io/mode: Reconcile
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard-admin
  namespace: kube-system
EOF
[root@k8s-master1 ~]# kubectl apply -f dashboard-usr.yaml
serviceaccount/kubernetes-dashboard-admin created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-admin created

(5)获得远程访问的令牌Token

kubectl get secret  -n kube-system |grep dashboard
kubernetes-dashboard-admin-token-8lmm7           kubernetes.io/service-account-token   3      5m19s
[root@k8s-master1 ~]# kubectl -n kube-system describe secrets kubernetes-dashboard-admin-token-8lmm7
Name:         kubernetes-dashboard-admin-token-8lmm7
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard-admin
              kubernetes.io/service-account.uid: 8ad90e41-949d-4085-9c8c-31ae6e3c8756

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1099 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IjdhcHBrRU1TUTJlb0NvM0YtYThIQWRZT01mVTR4X3RfZHhzQnQxODQ0UmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbi10b2tlbi04bG1tNyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjhhZDkwZTQxLTk0OWQtNDA4NS05YzhjLTMxYWU2ZTNjODc1NiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZC1hZG1pbiJ9.IyigMqSGjlmAaJyBxnylTWtsxXRPzJ2URrKSsJ9_RroY_0VY6fcMmxL253Tv9uAq_0E4-lZFKgdnMPktfiMaSBQ_g9JfIrjBQUKzCq-Yo5vaycVfFn9K0xPvl4iWjy4O3KNSMGibLXFLHHSoHiHNEht2YlqXw0UNNXrrVaunUWTGxlEWkNFiUB06I-EoGB5MIAzbraYq7Akr_MfRJU4RSP7tieGL-lgk17HfciuSV7bvDjL9ZfnWj5oSTjv35wis5nCxAGPrP1sUbRhvwhDyOFqmHr1sxLFnnsYb4YM0P9dYbUrrU5qywp8iGAuv87e-I7Zwap4iXY9b-nUvt2S8qA

(6)通过集群中的任意端口的公网IP+端口号+令牌访问Dashboard

https://47.99.96.250:30586/

忽略警告,继续访问:

 为了安全起见,dashboard采用HTTPS访问,需要提供一个TokenID访问。

选中全部命名空间:

第5章 Dashboard的使用

至此,我们已经创建了K8的集群,并且创建了图形化的管理界面集群进行管理。

后续就可以进行实际微服务的创建和业务的运营和管理了。


作者主页(文火冰糖的硅基工坊):文火冰糖(王文兵)的博客_文火冰糖的硅基工坊_CSDN博客

本文网址:https://blog.csdn.net/HiWangWenBing/article/details/122788745

以上是关于[云原生专题-28]:K8S - Kubernetes(K8S)Master集群构建与安装过程详细解读 - Dashboard的安装与访问的主要内容,如果未能解决你的问题,请参考以下文章

[云原生专题-29]:K8S - 核心概念 - 名字空间/命名空间概念详解与主要操作案例

[云原生专题-23]:K8S - Kubernetes(K8S)整体概述与组件架构通俗讲解

[云原生专题-46]:Kubesphere云治理-安装-在K8S的基础之上快速安装

[云原生专题-22]:K8S - 集群编排工具K8S与SWARM比较与技术选择

[云原生专题-43]:K8S - 核心概念 - placeholder - 加密数据

[云原生专题-42]:K8S - 核心概念 - placeholder-有状态服务