kubernetes集群部署DashBoard

搭建K8s DashBoard

集群结构：

类型	主机名	ip
Master	k8s_master	192.168.3.216
Node	k8s_client1	192.168.3.217
Node	k8s_client2	192.168.3.219

以下操作都在k8s_master上执行： 一、镜像下载 [root@k8s_master ~]# docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 Trying to pull repository docker.io/siriuszg/kubernetes-dashboard-amd64 ... sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930: Pulling from docker.io/siriuszg/kubernetes-dashboard-amd64 9d25d3817204: Pull complete Digest: sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930 Status: Downloaded newer image for docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1

[root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure Using default tag: latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... Pulling repository registry.access.redhat.com/rhel7/pod-infrastructure c99574180d51: Pull complete 1ada7c88ed3d: Pull complete bcb4a96d0b39: Pull complete Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:latest

二、配置kubernetes的dashboard 1、需要以下两个kubernetes-dashboard和dashboard-service配置文件。 kubernetes-dashboard.yaml #需修改images和增加- --apiserver-host=http://192.168.3.216:8080

kind: Deployment
apiVersion: extensions/v1beta1
metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: kubernetes-dashboard
  template:
    metadata:
      labels:
        app: kubernetes-dashboard
      # Comment the following annotation if Dashboard must not be deployed on master
      annotations:
        scheduler.alpha.kubernetes.io/tolerations: |
          [
            {
              "key": "dedicated",
              "operator": "Equal",
              "value": "master",
              "effect": "NoSchedule"
            }
          ]
    spec:
      containers:
      - name: kubernetes-dashboard
        image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9090
          protocol: TCP
        args:
          # Uncomment the following line to manually specify Kubernetes API server Host
          # If not specified, Dashboard will attempt to auto discover the API server and connect
          # to it. Uncomment only if the default does not work.
        - --apiserver-host=http://192.168.3.216:8080
        livenessProbe:
          httpGet:
            path: /
            port: 9090
          initialDelaySeconds: 30
          timeoutSeconds: 30

dashboard-service.yaml

#不需要做修改
kind: Service
apiVersion: v1
metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 9090
  selector:
    app: kubernetes-dashboard

2、执行启动，dashboard搭建完成。 [root@k8s_master ~]# kubectl create -f kubernetes-dashboard.yaml deployment "kubernetes-dashboard" created [root@k8s_master ~]# kubectl create -f dashboard-service.yaml service "kubernetes-dashboard" created

3、验证： 执行以下命令 [root@k8s_master ~]# kubectl get deployment --all-namespaces NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE kube-system kubernetes-dashboard 1 1 1 1 1m [root@k8s_master ~]# kubectl get svc --all-namespaces NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE default kubernetes 10.254.0.1 <none> 443/TCP 5d kube-system kubernetes-dashboard 10.254.141.158 <nodes> 80:31633/TCP 1m [root@k8s_master ~]# kubectl get pod -o wide --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE kube-system kubernetes-dashboard-1270457039-t1z15 1/1 Running 0 2m 10.8.43.2 192.168.3.219

4、界面查看，浏览器输入：http://192.168.3.216:8080/ui

5、删除应用 [root@k8s_master ~]# kubectl delete deployment kubernetes-dashboard --namespace=kube-system deployment "kubernetes-dashboard" deleted [root@k8s_master ~]# kubectl delete svc kubernetes-dashboard --namespace=kube-system service "kubernetes-dashboard" deleted

报错解决: 1、无法拉取镜像registry.access.redhat.com/rhel7/pod-infrastructure:latest [root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ... open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory 解决方法： [root@registry ~]# yum install *rhsm* -y

2、浏览器打开ui界面报错

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "no endpoints available for service \"kubernetes-dashboard\"",
  "reason": "ServiceUnavailable",
  "code": 503
}

解决方法： KUBE_ADMISSION_CONTROL配置中默认需要认证，编辑配置文件，在KUBE_ADMISSION_CONTROL中，去除SecurityContextDeny,ServiceAccount [root@k8s_master ~]# vim /etc/kubernetes/apiserver KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota" 重启服务，正常打开