重庆分公司,新征程启航

为企业提供网站建设、域名注册、服务器等服务

kubernetes二进制部署(四)webUI界面部署

这是kubernetes二进制部署的第四篇
如果没有看过前面第一篇的朋友可以看看下面的:
Kubernetes二进制部署(一)单节点部署
kubernetes二进制部署(二)多节点部署
kubernetes二进制部署(三)负载均衡部署

成都创新互联公司网站建设公司,提供成都网站制作、成都做网站,网页设计,建网站,PHP网站建设等专业做网站服务;可快速的进行网站开发网页制作和功能扩展;专业做搜索引擎喜爱的网站,是专业的做网站团队,希望更多企业前来合作!

在master01上操作

1、创建dashborad工作目录

[root@localhost k8s]# mkdir dashboard

2、拷贝官方文件

[root@localhost k8s]# cd dashboard/
[root@localhost dashboard]# ls            
dashboard-configmap.yaml   dashboard-rbac.yaml    dashboard-service.yaml
dashboard-controller.yaml  dashboard-secret.yaml  k8s-admin.yaml
##相关文件用途:
dashboard-configmap.yaml:配置应用
dashboard-rbac.yaml:授权访问api,web界面
dashboard-service.yaml:访问应用
dashboard-controller.yaml:控制器
dashboard-secret.yaml:安全、加密
k8s-admin.yaml:生成令牌

3、组件创建

[root@localhost dashboard]# kubectl create -f dashboard-rbac.yaml
role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created
[root@localhost dashboard]# kubectl create -f dashboard-secret.yaml
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-key-holder created
[root@localhost dashboard]# kubectl create -f dashboard-configmap.yaml
configmap/kubernetes-dashboard-settings created
[root@localhost dashboard]# kubectl create -f dashboard-controller.yaml
serviceaccount/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
[root@localhost dashboard]# kubectl create -f dashboard-service.yaml
service/kubernetes-dashboard created

4、完成后查看创建在指定的kube-system命名空间下

[root@localhost dashboard]# kubectl get pods -n kube-system
NAME                                    READY   STATUS    RESTARTS   AGE
kubernetes-dashboard-65f974f565-8b88b   1/1     Running   0          2m56s

5、查看如何访问

[root@localhost dashboard]# kubectl get pods,svc -n kube-system
NAME                                        READY   STATUS    RESTARTS   AGE
pod/kubernetes-dashboard-65f974f565-8b88b   1/1     Running   0          4m4s

NAME                           TYPE       CLUSTER-IP   EXTERNAL-IP   PORT(S)         AGE
service/kubernetes-dashboard   NodePort   10.0.0.26            443:30001/TCP   3m50s

6、访问nodeIP就可以访问

浏览器访问https://192.168.35.101:30001/

kubernetes二进制部署(四)web UI界面部署

7、google浏览器无法访问的问题,解决办法如下

(1)证书自签

[root@localhost dashboard]# vim dashboard-cert.sh

cat > dashboard-csr.json <

(2)生成证书

[root@localhost dashboard]# bash dashboard-cert.sh /root/k8s/k8s-cert/
2020/02/08 19:55:08 [INFO] generate received request
2020/02/08 19:55:08 [INFO] received CSR
2020/02/08 19:55:08 [INFO] generating key: rsa-2048
2020/02/08 19:55:09 [INFO] encoded CSR
2020/02/08 19:55:09 [INFO] signed certificate with serial number 702272605681507929850954926507995861695177925647
2020/02/08 19:55:09 [WARNING] This certificate lacks a "hosts" field. This makes it unsuitable for
websites. For more information see the Baseline Requirements for the Issuance and Management
of Publicly-Trusted Certificates, v.1.1.6, from the CA/Browser Forum (https://cabforum.org);
specifically, section 10.2.3 ("Information Requirements").
secret "kubernetes-dashboard-certs" deleted
secret/kubernetes-dashboard-certs created

[root@localhost dashboard]# ls
dashboard-cert.sh          dashboard-csr.json   dashboard-secret.yaml
dashboard-configmap.yaml   dashboard-key.pem    dashboard-service.yaml
dashboard-controller.yaml  dashboard.pem        k8s-admin.yaml
dashboard.csr              dashboard-rbac.yaml

(3)dashboard-controller.yaml 增加证书两行,然后apply

[root@localhost dashboard]# vim dashboard-controller.yaml

        args:
          # PLATFORM-SPECIFIC ARGS HERE
          - --auto-generate-certificates
          - --tls-key-file=dashboard-key.pem
          - --tls-cert-file=dashboard.pem

(4)重新部署

[root@localhost dashboard]# kubectl apply -f dashboard-controller.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
serviceaccount/kubernetes-dashboard configured
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.apps/kubernetes-dashboard configured

(5)再次进行访问:https://192.168.35.101:30001/

kubernetes二进制部署(四)web UI界面部署

kubernetes二进制部署(四)web UI界面部署

8、生成令牌

[root@localhost dashboard]# kubectl create -f k8s-admin.yaml
serviceaccount/dashboard-admin created
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created

9、保存

[root@localhost dashboard]# kubectl get secret -n kube-system
NAME                               TYPE                                  DATA   AGE
dashboard-admin-token-ls8r7        kubernetes.io/service-account-token   3      73s
default-token-685rn                kubernetes.io/service-account-token   3      6h36m
kubernetes-dashboard-certs         Opaque                                11     16m
kubernetes-dashboard-key-holder    Opaque                                2      41m
kubernetes-dashboard-token-drpwb   kubernetes.io/service-account-token   3      40m

10、查看令牌


[root@localhost dashboard]# kubectl describe secret dashboard-admin-token-ls8r7 -n kube-system
Name:         dashboard-admin-token-ls8r7
Namespace:    kube-system
Labels:       
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: f283296f-4a6b-11ea-b063-000c29148af8

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1359 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tbHM4cjciLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZjI4MzI5NmYtNGE2Yi0xMWVhLWIwNjMtMDAwYzI5MTQ4YWY4Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.dBbCRc4aRFrqAGxW55Zdu0JZz47Yh3DvtLUXZcK0-eV_3sdKz8fCS2K4x6Ey-USKRlIFc2VTH1AEIeWDzFvON5NrVLiyxEF5uQu9Ezo7f74lTwFnOYnASspF-8pi7_HzVQu9CtWcp1WEJAqQg_Ng2E7Ibo-gZmoy2DFgQ-60qcLfFm2ylxoM9yNrMEmSVcMDi8aC9JLsZxQlSRKb7gZn7Sns31Yot8NLxS8oXOmx8m7NysYWoOjZE3q645v96y4tqr3cuG9cCe1_tB5io3c1jiYxKfMLJetxcvNcyH4pbx6YwLu0PKI3o9tescu1uhRtxUN33dY5o4ple-ENPsan_w

11、复制令牌进行登录

kubernetes二进制部署(四)web UI界面部署

主界面:

kubernetes二进制部署(四)web UI界面部署

进入容器:点击容器组——》点击运行命令——》进入容器

kubernetes二进制部署(四)web UI界面部署
kubernetes二进制部署(四)web UI界面部署

在node节点访问IP:

kubernetes二进制部署(四)web UI界面部署

[root@localhost cfg]# curl 172.17.45.2



Welcome to nginx!



Welcome to nginx!

If you see this page, the nginx web server is successfully installed and working. Further configuration is required.

For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.

Thank you for using nginx.

web界面查看日志:

kubernetes二进制部署(四)web UI界面部署
kubernetes二进制部署(四)web UI界面部署


标题名称:kubernetes二进制部署(四)webUI界面部署
当前URL:http://cqcxhl.com/article/gjsjjd.html
在线咨询
服务热线
服务热线:028-86922220
TOP