标签:nod 配置文件 count clust com create manage get asi
dashboardwget https://storage.googleapis.com/kubernetes-release/release/v1.11.0/kubernetes-server-linux-amd64.tar.gz
tar -xzvf kubernetes-server-linux-amd64.tar.gz
cd kubernetes
tar -zxf kubernetes-src.tar.gz
cd cluster/addons/dashboard
cp *.yaml ~/dashboard/
#####修改配置文件
cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
addonmanager.kubernetes.io/mode: Reconcile
spec:
selector:
k8s-app: kubernetes-dashboard
type: NodePort ###此处为添加
ports:
- port: 443
targetPort: 8443
#####修改kube-apiserver.service
--anonymous-auth=false \ # 不接受匿名访问,若为true,则表示接受,此处设置为false,便于dashboard访问
--basic-auth-file=/etc/kubernetes/basic_auth_file 新建/etc/kubernetes/basic_auth_file文件,并在其中添加:
admin,admin,1002
#####启动
kubectl apply -f .
#####权限
kubectl create clusterrolebinding login-dashboard-admin --clusterrole=cluster-admin --user=admin
#####获取token
kubectl -n kube-system create sa dashboard
kubectl create clusterrolebinding dashboard --clusterrole cluster-admin --serviceaccount=kube-system:dashboard
SECRET=$(kubectl -n kube-system get sa dashboard -o yaml | awk ‘/dashboard-token/ {print $3}‘)
kubectl -n kube-system describe secrets ${SECRET} | awk ‘/token:/{print $2}‘
测试
https://172.16.20.206:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/标签:nod 配置文件 count clust com create manage get asi
原文地址:https://blog.51cto.com/phospherus/2445751
