搭建K8s DashBoard 集群结构: | 类型 | 主机名 | ip | | -------- | -------- | -------- | | Master | k8s_master | 192.168.3.216 | | Node | k8s_client1 | 192.168.3.217 | | Node | k8s_client2 | 192.168.3.219 | 以下操作都在k8s_master上执行: 一、镜像下载 [root@k8s_master ~]# docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 Trying to pull repository docker.io/siriuszg/kubernetes-dashboard-amd64 ... sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930: Pulling from docker.io/siriuszg/kubernetes-dashboard-amd64 9d25d3817204: Pull complete Digest: sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930 Status: Downloaded newer image for docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 [root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure Using default tag: latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... Pulling repository registry.access.redhat.com/rhel7/pod-infrastructure c99574180d51: Pull complete 1ada7c88ed3d: Pull complete bcb4a96d0b39: Pull complete Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:latest 二、配置kubernetes的dashboard 1、需要以下两个kubernetes-dashboard和dashboard-service配置文件。 kubernetes-dashboard.yaml #需修改images和增加- --apiserver-host=http://192.168.3.216:8080 ``` kind: Deployment apiVersion: extensions/v1beta1 metadata: labels: app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app: kubernetes-dashboard template: metadata: labels: app: kubernetes-dashboard # Comment the following annotation if Dashboard must not be deployed on master annotations: scheduler.alpha.kubernetes.io/tolerations: | [ { "key": "dedicated", "operator": "Equal", "value": "master", "effect": "NoSchedule" } ] spec: containers: - name: kubernetes-dashboard image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 imagePullPolicy: IfNotPresent ports: - containerPort: 9090 protocol: TCP args: # Uncomment the following line to manually specify Kubernetes API server Host # If not specified, Dashboard will attempt to auto discover the API server and connect # to it. Uncomment only if the default does not work. - --apiserver-host=http://192.168.3.216:8080 livenessProbe: httpGet: path: / port: 9090 initialDelaySeconds: 30 timeoutSeconds: 30 ``` dashboard-service.yaml ``` #不需要做修改 kind: Service apiVersion: v1 metadata: labels: app: kubernetes-dashboard name: kubernetes-dashboard namespace: kube-system spec: type: NodePort ports: - port: 80 targetPort: 9090 selector: app: kubernetes-dashboard ``` 2、执行启动,dashboard搭建完成。 [root@k8s_master ~]# kubectl create -f kubernetes-dashboard.yaml deployment "kubernetes-dashboard" created [root@k8s_master ~]# kubectl create -f dashboard-service.yaml service "kubernetes-dashboard" created 3、验证: 执行以下命令 [root@k8s_master ~]# kubectl get deployment --all-namespaces NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE kube-system kubernetes-dashboard 1 1 1 1 1m [root@k8s_master ~]# kubectl get svc --all-namespaces NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes 10.254.0.1 443/TCP 5d kube-system kubernetes-dashboard 10.254.141.158 80:31633/TCP 1m [root@k8s_master ~]# kubectl get pod -o wide --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE kube-system kubernetes-dashboard-1270457039-t1z15 1/1 Running 0 2m 10.8.43.2 192.168.3.219 4、界面查看,浏览器输入:http://192.168.3.216:8080/ui ![](https://s4.51cto.com/images/blog/201803/14/254aa632f255ea6a8c443ab174e67392.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=) 5、删除应用 [root@k8s_master ~]# kubectl delete deployment kubernetes-dashboard --namespace=kube-system deployment "kubernetes-dashboard" deleted [root@k8s_master ~]# kubectl delete svc kubernetes-dashboard --namespace=kube-system service "kubernetes-dashboard" deleted 报错解决: 1、无法拉取镜像registry.access.redhat.com/rhel7/pod-infrastructure:latest [root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory 解决方法: [root@registry ~]# yum install \*rhsm\* -y 2、浏览器打开ui界面报错 ``` { "kind": "Status", "apiVersion": "v1", "metadata": {}, "status": "Failure", "message": "no endpoints available for service \"kubernetes-dashboard\"", "reason": "ServiceUnavailable", "code": 503 } ``` 解决方法: KUBE_ADMISSION_CONTROL配置中默认需要认证,编辑配置文件,在KUBE_ADMISSION_CONTROL中,去除SecurityContextDeny,ServiceAccount [root@k8s_master ~]# vim /etc/kubernetes/apiserver KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota" 重启服务,正常打开