部署
直接使用github官方仓库安装
`kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
`
配置
修改为通过 NodePort 访问
kubectl -n kubernetes-dashboard edit service kubernetes-dashboard
在 ports
下面添加nodePort: 32576
,将 clusterIp
改为NodePort
如下
spec:
clusterIP: 192.168.244.139
externalTrafficPolicy: Cluster
ports:
- nodePort: 32576
port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: NodePort
此时可以通过节点 IP 和端口https://ip:32576/ 访问到 Dashboard(Chrome 可能会提示证书错误)
解决方法:创建chrome桌面快捷方式,然后到桌面:右键chrome–>属性–>在目标后面添加如下:--disable-infobars --ignore-certificate-errors
示例:"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-infobars --ignore-certificate-errors
创建 ServiceAccount
vim admin-role.yaml
输入以下内容
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: admin
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: admin
namespace: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin
namespace: kubernetes-dashboard
labels:
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
保存后再执行kubectl apply -f admin-role.yaml
获取 Token
kubectl -n kubernetes-dashboard get secret|grep admin-token
根据输出类似于admin-token-jx84x
再执行kubectl -n kubernetes-dashboard describe secret admin-token-jx84x