K8S学习实验 kubernetes-1-组件简介
K8S学习实验 kubernetes-2-安装部署
1.4.10 部署 web 服务 dashboard
https://github.com/kubernetes/dashboard #web服务 dashboard
兼容1.17
https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc6/aio/deploy/recommended.yaml #安装配置文件 但是下载url不可用 需要改为国内地址 而且需要修改一定的内容
拉入配置文件admin-user.yml 和 admin-user.yml
采用最简单的方式 让其直接能够给vmware访问
#vim dashboard-2.0.0-rc6.yml
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30002
selector:
k8s-app: kubernetes-dashboard
image: harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6 #镜像地址修改
1.4.10.1 部署 dashboard 2.0.0 rc6
# kubectl apply f dashboard 2.0.0 rc6.yml f admin user.yml
1.4.10.2 获取登录 token
# kubectl get secret A | grep admin user
kubernetes dashboard admin user token lkwbr
kubernetes.io/service account toke n 3 3m15s
# kubectl describe secret admin-user-token-lkwbr n kubernetes dashboard
1.4.10.3:基于kubeconfig文件登入验证
root@master-1:~# cp /root/.kube/config /opt/kubeconfig
root@master-1:~# vim /opt/kubeconfig #再最后添加获取到的token 注意格式
然后上传到宿主机即可
实验:
把镜像pull下来之后打到harbor中:
root@master-1:/usr/local/src# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
kubernetesui/dashboard v2.0.0-rc6 cdc71b5a8a0e 2 weeks ago 221MB
quay.io/coreos/flannel v0.12.0-amd64 4e9f801d2217 2 weeks ago 52.8MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy v1.17.2 cba2a99699bd 2 months ago 116MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver v1.17.2 41ef50a5f06a 2 months ago 171MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager v1.17.2 da5fd66c4068 2 months ago 161MB
registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler v1.17.2 f52d4c527ef2 2 months ago 94.4MB
registry.cn-hangzhou.aliyuncs.com/google_containers/coredns 1.6.5 70f311871ae1 4 months ago 41.6MB
registry.cn-hangzhou.aliyuncs.com/google_containers/etcd 3.4.3-0 303ce5db0e90 5 months ago 288MB
registry.cn-hangzhou.aliyuncs.com/google_containers/pause 3.1 da86e6ba6ca1 2 years ago 742kB
在master和node节点中增加hosts域名解析给harbor地址
# vim /etc/hosts
172.20.10.33 harbor.linux39.com
在每一个需要上传下载镜像的master或者node都要配置下面的参数 node节点通常比较多的要上传下载镜像
# vim /lib/systemd/system/docker.service #在后面新增参数--insecure-registry harbor.linux39.com
14 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock --insecure-registry harbor.linux39.com
# systemctl daemon-reload
# systemctl restart docker
root@master-1:~# docker login harbor.linux39.com
Login Succeeded
root@master-1:~# docker tag cdc71b5a8a0e harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6
root@master-1:~#
root@master-1:~# docker push harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6
The push refers to repository [harbor.linux39.com/baseimages/dashboard]
f6419c845e04: Pushed
v2.0.0-rc6: digest: sha256:7d7273c38f37c62375bb8262609b746f646da822dc84ea11710eed7082482b12 size: 529
访问harbor网页:
新建了一个文件项目baseimages 然后push之后复制相应的URL
URL:
docker pull harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6
root@master-1:/usr/local/src# vim dashboard-2.0.0-rc6.yml
192 image: harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6 #修改为harbor镜像地址
276 image: harbor.linux39.com/baseimages/metrics-scraper:v1.0.3
dashboard服务需要上面的镜像提前下好,然后上传到harbor镜像上去
这2个文件在:
https://github.com/kubernetes/dashboard/releases
打开url
https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc6/aio/deploy/recommended.yaml
2个image后面的镜像下载 地址
kubernetesui/dashboard:v2.0.0-rc6
kubernetesui/metrics-scraper:v1.0.3
root@master-1:~# docker pull harbor.linux39.com/baseimages/dashboard:v2.0.0-rc6
root@master-1:~# docker pull kubernetesui/metrics-scraper:v1.0.3
root@master-1:~# docker tag docker.io/kubernetesui/metrics-scraper:v1.0.3 harbor.linux39.com/baseimages/metrics-scraper:v1.0.3
root@master-1:~# docker push harbor.linux39.com/baseimages/metrics-scraper
harbor.linux39.com/baseimages/metrics-scraper harbor.linux39.com/baseimages/metrics-scraper:v1.0.3
root@master-1:~# docker push harbor.linux39.com/baseimages/metrics-scraper:v1.0.3
The push refers to repository [harbor.linux39.com/baseimages/metrics-scraper]
4e247d9378a1: Pushed
0aec45b843c5: Pushed
3ebaca24781b: Pushed
v1.0.3: digest: sha256:e24a74b3b1cdc84d6285d507a12eb06907fd8c457b3e8ae9baa9418eca43efc4 size: 946
执行创建
root@master-1:/usr/local/src# ll
total 20
drwxr-xr-x 2 root root 4096 Mar 29 18:28 ./
drwxr-xr-x 10 root root 4096 Dec 28 05:33 ../
-rw-r--r-- 1 root root 374 Mar 28 10:54 admin-user.yml
-rw-r--r-- 1 root root 7641 Mar 29 18:28 dashboard-2.0.0-rc6.yml
root@master-1:/usr/local/src# kubectl apply -f dashboard-2.0.0-rc6.yml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
root@master-1:/usr/local/src# kubectl apply -f admin-user.yml
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
root@master-1:/usr/local/src#
查看服务是否起来 (最后2行)
root@master-1:/usr/local/src# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default net-test1-5fcc69db59-jz944 1/1 Running 1 116m
default net-test1-5fcc69db59-wzlmg 1/1 Running 1 116m
default net-test1-5fcc69db59-xthfd 1/1 Running 1 116m
kube-system coredns-7f9c544f75-bml7d 1/1 Running 1 4h15m
kube-system coredns-7f9c544f75-jwhtr 1/1 Running 2 4h15m
kube-system etcd-master-1 1/1 Running 2 4h15m
kube-system etcd-master-2 1/1 Running 1 3h33m
kube-system etcd-master-3 1/1 Running 1 3h17m
kube-system kube-apiserver-master-1 1/1 Running 4 4h15m
kube-system kube-apiserver-master-2 1/1 Running 2 3h33m
kube-system kube-apiserver-master-3 1/1 Running 2 3h17m
kube-system kube-controller-manager-master-1 1/1 Running 3 4h15m
kube-system kube-controller-manager-master-2 1/1 Running 3 3h33m
kube-system kube-controller-manager-master-3 1/1 Running 0 3h17m
kube-system kube-flannel-ds-amd64-4dc22 1/1 Running 1 95m
kube-system kube-flannel-ds-amd64-6nvgm 1/1 Running 1 95m
kube-system kube-flannel-ds-amd64-9pxvg 1/1 Running 1 95m
kube-system kube-flannel-ds-amd64-fxtv6 1/1 Running 0 95m
kube-system kube-flannel-ds-amd64-hmd27 1/1 Running 0 95m
kube-system kube-flannel-ds-amd64-njpcd 1/1 Running 2 95m
kube-system kube-proxy-5prrc 1/1 Running 0 3h18m
kube-system kube-proxy-cfbv5 1/1 Running 2 163m
kube-system kube-proxy-cjghs 1/1 Running 1 4h15m
kube-system kube-proxy-dmknx 1/1 Running 2 3h5m
kube-system kube-proxy-lhxz4 1/1 Running 1 3h3m
kube-system kube-proxy-wxgf5 1/1 Running 0 3h33m
kube-system kube-scheduler-master-1 1/1 Running 3 4h15m
kube-system kube-scheduler-master-2 1/1 Running 3 3h33m
kube-system kube-scheduler-master-3 1/1 Running 0 3h17m
kubernetes-dashboard dashboard-metrics-scraper-5bc5bdcbc5-hbhvm 1/1 Running 0 53s
kubernetes-dashboard kubernetes-dashboard-d498886d6-7qqnc 1/1 Running 0 53s
查看service的端口:可以看到最后一行显示30002端口
root@master-1:~# kubectl get service -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 4h17m
kube-system kube-dns ClusterIP 192.168.0.10 <none> 53/UDP,53/TCP,9153/TCP 4h17m
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 192.168.13.82 <none> 8000/TCP 2m29s
kubernetes-dashboard kubernetes-dashboard NodePort 192.168.12.204 <none> 443:30002/TCP 2m32s
访问dashboard页面:访问任何一个node节点端口都可:
由于没有做跳转 所以要用 http 访问
1.4.10.2 获取登录 token
root@master-1:~# kubectl get secret -A | grep admin-user
kubernetes-dashboard admin-user-token-4hl98 kubernetes.io/service-account-token 3 16m
root@master-1:~# kubectl get secret -A | grep admin-user
kubernetes-dashboard admin-user-token-4hl98 kubernetes.io/service-account-token 3 16m
root@master-1:~# kubectl describe secret admin-user-token-4hl98
Error from server (NotFound): secrets "admin-user-token-4hl98" not found #要指定在哪里寻找
root@master-1:~# kubectl describe secret admin-user-token-4hl98 -n kubernetes-dashboard
Name: admin-user-token-4hl98
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: cfbe8a23-183e-4718-ba77-2ccb7b734619
Type: kubernetes.io/service-account-token
Data
====
token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImRrMDFORkYtZlBUdEpwSDZBbTNuc1BvdWxTWFdReU5ySmpTMTk5RVF5NWsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTRobDk4Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjZmJlOGEyMy0xODNlLTQ3MTgtYmE3Ny0yY2NiN2I3MzQ2MTkiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.IEdJFARZoPA0nbS5J9Sw3nQ-CE2Hfe4QhgXyadcxv5ezKpM6cxmgKq5TjEYzIe1w4UNGXcmGlP_IlJvNlhJtTSzgVapFD0H_zZWOfl10lBWQA0ajZhrIAqAg3z6ME1BBwW6CZxyI23I0RJcQ5ciraVEUGV1CbXvzeaAtvgwZHpX3eiFwQ3vQj91NiX_ogLmuFo7ueHO3swP5Nz23sbGpOuKAed5fMe7jyBaW_Jms5_IcrBBbyUWvuObAXZytM355ttYIITMkTJrKplMqIYzXMbNTo8OgqY89qy1olpbfnElLD5P4yIuIFaQanzk43wmA9wNJeuxvda2J2BbG_DNbiQ
ca.crt: 1025 bytes
namespace: 20 bytes
1.4.10.3:验证 NodePort
root@master-1:~# kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 4h37m
kube-system kube-dns ClusterIP 192.168.0.10 <none> 53/UDP,53/TCP,9153/TCP 4h37m
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 192.168.13.82 <none> 8000/TCP 22m
kubernetes-dashboard kubernetes-dashboard NodePort 192.168.12.204 <none> 443:30002/TCP 22m
复制上面的token 然后再web界面上用token认证的方式登入即可
文章转载自IT科技 不拘一格,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
