最新版本k8s(1.25.3)安装dashboard

  • 方便查看管理集群状态,集群已启动服务
  • 可以按照用户进行权限控制

    下载yaml文件

    1
    wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

修改配置文件,新增对外端口

修改下载的recommended.yaml文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
vim recommended.yaml
找到对应位置,增加有备注的两行

...
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort   # 此行新增
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001  # 此行新增,对外可访问端口
  selector:
    k8s-app: kubernetes-dashboard
...

kubectl apply -f recommended.yaml
执行成功,打开浏览器访问 ip:30001,能打开即成功

创建新用户

  • 创建 dashboard-adminuser.yaml
    可参考:https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    cat > dashboard-adminuser.yaml << EOF
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: admin-user
      namespace: kubernetes-dashboard

    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRoleBinding
    metadata:
      name: admin-user
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
    - kind: ServiceAccount
      name: admin-user
      namespace: kubernetes-dashboard  
    EOF

    执行命令

    1
    kubectl apply -f dashboard-adminuser.yaml

  • 获得用户token(反复获取)

    1
    kubectl -n kubernetes-dashboard create token admin-user

    将获得的token输入 dashboard 页面输入框内,点击按钮即可