部署

直接使用github官方仓库安装

`kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
`

配置

修改为通过 NodePort 访问

kubectl -n kubernetes-dashboard edit service kubernetes-dashboard
在 ports下面添加nodePort: 32576，将 clusterIp改为NodePort
如下

spec:
  clusterIP: 192.168.244.139
  externalTrafficPolicy: Cluster
  ports:
  - nodePort: 32576
    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort

此时可以通过节点 IP 和端口https://ip:32576/ 访问到 Dashboard(Chrome 可能会提示证书错误)
解决方法：创建chrome桌面快捷方式，然后到桌面：右键chrome–>属性–>在目标后面添加如下：--disable-infobars --ignore-certificate-errors

示例："C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-infobars --ignore-certificate-errors

创建 ServiceAccount

vim admin-role.yaml
输入以下内容

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kubernetes-dashboard
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

保存后再执行
kubectl apply -f admin-role.yaml

获取 Token

kubectl -n kubernetes-dashboard get secret|grep admin-token
根据输出类似于
admin-token-jx84x
再执行
kubectl -n kubernetes-dashboard describe secret admin-token-jx84x

会输出token信息，在浏览器Dashboard使用token登录即可