部署准备 docker pull kubernetesui/dashboard:v2.0.4 docker tag kubernetesui/dashboard:v2.0.4 harbor.cluster.local/library/dashboard:v2.0.4 docker push harbor.cluster.local/library/dashboard:v2.0.4 部署Dashboard 获取部署文件 wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml -Odashboard-2.0.6.yml 修改部署文件 修改Service,增加NodePort:
... kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort #指定Service类型 ports: - port: 443 targetPort: 8443 nodePort: 30001 #指定NodePort类型 selector: k8s-app: kubernetes-dashboard ...
执行部署
[root@K8S-PROD-M1 workspace]# kubectl apply -f dashboard-2.0.4.yaml ... 测试Dashboard 查看Dashboard Pod [root@K8S-PROD-M1 workspace]# kubectl get service -A|grep kubernetes-dashboard kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.109.115.76 <none> 8000/TCP 109s kubernetes-dashboard kubernetes-dashboard NodePort 10.97.150.59 <none> 443:30002/TCP 41s 获取登录token [root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard get sa NAME SECRETS AGE default 1 24m kubernetes-dashboard 1 24m
[root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard describe sa kubernetes-dashboard Name: kubernetes-dashboard Namespace: kubernetes-dashboard Labels: k8s-app=kubernetes-dashboard Annotations: Image pull secrets: <none> Mountable secrets: kubernetes-dashboard-token-xzgml Tokens: kubernetes-dashboard-token-xzgml Events: <none>
[root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard describe secret kubernetes-dashboard-token-xzgml Name: kubernetes-dashboard-token-xzgml Namespace: kubernetes-dashboard Labels: <none> Annotations: kubernetes.io/service-account.name: kubernetes-dashboard kubernetes.io/service-account.uid: 809c67fa-9123-4319-9681-0d7b0264b5d5
Type: kubernetes.io/service-account-token
Data
ca.crt: 1025 bytes namespace: 20 bytes token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkdIRU9PeWxxelk5ZEg2NUhUYkFmQjRZNHJHcVNMZkVUQXF2UjFoLUh5aVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi14emdtbCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjgwOWM2N2ZhLTkxMjMtNDMxOS05NjgxLTBkN2IwMjY0YjVkNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.nhm6P3SXzn2A9iBOq-oHhe02rfMNT4DM_CLlGJpFW28mZy9H36AuIh31pwQID3Y-VCLzhGUu3-xSXxfPgwioWgXZpxEM7gjGBW3N3cst4EUGSqWw3fKpHAQCIX8mLOvj4v5EoNj7ypQ-Zb_9ionEnd4pf2FoVYaE2T-j50oPTJXKNn3Sus6fVEAzj994ec9XpZdrgqGl34f1HUQtSH7vQBucOPngd1QGIDtXhyGawIvnMrzj7vV297uAmySDbGPxWiz-g2IfHKL_bLaEk0IEE6fqdL0hdj7HNKpkB0oyXV5k2-zWlRA4xPxqxQUAhr2Z9ct3lZJ3pXaNDJZvapJrSw 访问Web UI
- NAT配置
iptables -t nat -A PREROUTING -m tcp -p tcp -d 192.168.191.32 --dport 30001 -j DNAT --to-destination 192.168.122.11:30001
- 访问Web UI
https://192.168.122.11:30001,选择Token方式,输入上面获取到的Token,即可打开Web UI。
