部署准备
docker pull kubernetesui/dashboard:v2.0.4
docker tag kubernetesui/dashboard:v2.0.4 harbor.cluster.local/library/dashboard:v2.0.4
docker push harbor.cluster.local/library/dashboard:v2.0.4
部署Dashboard
获取部署文件
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml -Odashboard-2.0.6.yml
修改部署文件
修改Service,增加NodePort:
...
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
type: NodePort #指定Service类型
ports:
- port: 443
targetPort: 8443
nodePort: 30001 #指定NodePort类型
selector:
k8s-app: kubernetes-dashboard
...
执行部署
[root@K8S-PROD-M1 workspace]# kubectl apply -f dashboard-2.0.4.yaml
...
测试Dashboard
查看Dashboard Pod
[root@K8S-PROD-M1 workspace]# kubectl get service -A|grep kubernetes-dashboard
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.109.115.76 <none> 8000/TCP 109s
kubernetes-dashboard kubernetes-dashboard NodePort 10.97.150.59 <none> 443:30002/TCP 41s
获取登录token
[root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard get sa
NAME SECRETS AGE
default 1 24m
kubernetes-dashboard 1 24m
[root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard describe sa kubernetes-dashboard
Name: kubernetes-dashboard
Namespace: kubernetes-dashboard
Labels: k8s-app=kubernetes-dashboard
Annotations: Image pull secrets: <none>
Mountable secrets: kubernetes-dashboard-token-xzgml
Tokens: kubernetes-dashboard-token-xzgml
Events: <none>
[root@K8S-PROD-M1 workspace]# kubectl -n kubernetes-dashboard describe secret kubernetes-dashboard-token-xzgml
Name: kubernetes-dashboard-token-xzgml
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: 809c67fa-9123-4319-9681-0d7b0264b5d5
Type: kubernetes.io/service-account-token
Dataca.crt: 1025 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IkdIRU9PeWxxelk5ZEg2NUhUYkFmQjRZNHJHcVNMZkVUQXF2UjFoLUh5aVkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi14emdtbCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjgwOWM2N2ZhLTkxMjMtNDMxOS05NjgxLTBkN2IwMjY0YjVkNSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.nhm6P3SXzn2A9iBOq-oHhe02rfMNT4DM_CLlGJpFW28mZy9H36AuIh31pwQID3Y-VCLzhGUu3-xSXxfPgwioWgXZpxEM7gjGBW3N3cst4EUGSqWw3fKpHAQCIX8mLOvj4v5EoNj7ypQ-Zb_9ionEnd4pf2FoVYaE2T-j50oPTJXKNn3Sus6fVEAzj994ec9XpZdrgqGl34f1HUQtSH7vQBucOPngd1QGIDtXhyGawIvnMrzj7vV297uAmySDbGPxWiz-g2IfHKL_bLaEk0IEE6fqdL0hdj7HNKpkB0oyXV5k2-zWlRA4xPxqxQUAhr2Z9ct3lZJ3pXaNDJZvapJrSw
访问Web UI
- NAT配置
iptables -t nat -A PREROUTING -m tcp -p tcp -d 192.168.191.32 --dport 30001 -j DNAT --to-destination 192.168.122.11:30001
- 访问Web UI
https://192.168.122.11:30001,选择Token方式,输入上面获取到的Token,即可打开Web UI。