一键部署脚本(或者可使用helm安装):

wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

kubectl apply -f kubernetes-dashboard.yaml

若连接不到镜像仓库,可提前下载好镜像,再执行脚本。

生成私钥和证书签名请求

openssl genrsa -des3 -passout pass:x -out dashboard.pass.key 2048
...
openssl rsa -passin pass:x -in dashboard.pass.key -out dashboard.key
#编写RSA密钥
rm dashboard.pass.key
openssl req -new -key dashboard.key -out dashboard.csr

生成SSL证书

自签名SSL证书是从dashboard.key私钥和dashboard.csr文件生成的。

openssl x509 -req -sha256 -days 365-in dashboard.csr -signkey dashboard.key -out dashboard.crt

挂载证书到Dashboard

--- 删除已经部署的dashboard ---

kubectl delete -f kubernetes-dashboard.yml
secret "kubernetes-dashboard-certs" deleted
serviceaccount "kubernetes-dashboard" deleted
role "kubernetes-dashboard-minimal" deleted
rolebinding "kubernetes-dashboard-minimal" deleted
deployment "kubernetes-dashboard" deleted
service "kubernetes-dashboard" deleted

--- 创建 secret "kubernetes-dashboard-certs" ---

kubectl create secret generic kubernetes-dashboard-certs --from-file="tls/dashboard.crt,tls/dashboard.key" -n kube-system
secret "kubernetes-dashboard-certs" created

--- 查看secret内容 ---

 kubectl get secret kubernetes-dashboard-certs -n kube-system -o yaml
apiVersion: v1
data:dashboard.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUQwVENDQXJtZ0F3SUJBZ0lKQUo3QzdhRjVjdG1mTUEwR0NTcUdTSWIzRFFFQkN3VUFNRTh4Q3pBSkJnTlYKQkFZVEFrTk9NUXN3Q1FZRFZRUUlEQUpJUWpFTE1Ba0dBMVVFQnd3Q1YwZ3hDekFKQmdOVkJBb01Ba1JOTVF3dwpDZ1lEVlFRTERBTlpVRlF4Q3pBSkJnTlZCQU1NQWtOQk1CNFhEVEU0TURnd056QTVNVGN5TTFvWERUSTRNRGd3Ck5EQTVNVGN5TTFvd1hERUxNQWtHQTFVRUJoTUNRMDR4Q3pBSkJnTlZCQWdNQWtoQ01Rc3dDUVlEVlFRSERBSlgKU0RFTE1Ba0dBMVVFQ2d3Q1JFMHhEREFLQmdOVkJBc01BMWxRVkRFWU1CWUdBMVVFQXd3UE1Ua3lMakUyT0M0eApNVGt1TVRZd01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdTJNUWpFVFVtS2RrCmZ5SjNPVXdyZGhrTnZTRk1CVGNhSTF3T3piTXI3SFJwSWFVQjIxM3VWTXdvRXAvckNkLzg5d0duQUJxNjBQeUYKYmpDVWVwM3pQaVlWYkkyeUlROXJ2OXRjakRjc1dFT2NONzNFN3k1eGc4ZDh5M0I4dW1nUGZPaUlxenplZDRSUgpSejI3R01rdjltckJHUUU1c2NnTVQyMUJ2bjRkdDBJNjJIQWNVNGlHRkNIaDAraW4ra0FuVGF6Y25pSWpjaG02Cks3emJrNW1wK1pmZllXa3FKZkE1V3hRWWlUZ0xIZ05wLy9uRzhCVkRMOVZSTklKU2JXWmk3QWZUR2FsaWVYWUkKTEl1VExNbzdxcGw4YW5wb3dzbzhpU3JZYUk5bFRGUkN3ZXJjRlVjajV6ZmtWOGc4N29HWlhLeGRHZkZzVmJMeQp3OS9qeDNwYjh3SURBUUFCbzRHaU1JR2ZNQXNHQTFVZER3UUVBd0lIZ0RBZEJnTlZIU1VFRmpBVUJnZ3JCZ0VGCkJRY0RBZ1lJS3dZQkJRVUhBd0V3SFFZRFZSME9CQllFRkZOeGpWbUNqcG5ZK2Y3K3ZIZlJUSzU2L2FEak1COEcKQTFVZEl3UVlNQmFBRkpsVUVkcmZBcDEvdGcxRFE4TVVEbmtESnljTU1ERUdBMVVkRVFRcU1DaUhCTUNvZDZDSApCSDhBQUFHQ0R6RTVNaTR4TmpndU1URTVMakUyTUlJSmJHOWpZV3hvYjNOME1BMEdDU3FHU0liM0RRRUJDd1VBCkE0SUJBUUJ4T2U2UkhISG5ZL2IweFVKWjZDUDMramZxcjNXaFZYdlhoNkZEQzEvM2RlYmVkK1UvN0JudWpMdjkKOXlzODRreWo5Z1VCMzNxMHNCbzYwMExXZ1ZUZnZTSHlqbE5TMXhWRGhOWjlUTm5IaENqcEs1Q1RsSXgyV0RnawpMaGVXZjMyU1dLUkFXVnhpeEdtMHVDMks0MWk1SWFXOW1za0pNaFpEcnh1Y2ZTNDNnRWJ3M1dlZkpla3ZGZHhxCk9wKysvREoyMURVaTVqdG1oSjBrWEZuRXVXUjd4UTJIWmM5aFNPbmVWRDJNSVFQcE1RaUhVd2ttTm5saGxNNC8KY3pXeldXY1NKODR4MCtRSy80b3A1UGNCL21LcGZCaC9YbkZlYmlRa2ExaVBzUm11QkJKUUJSRzZPTjI4OThVYwpyaWRISG5ZT29TWGlUN2Q4MXJRMUFTbWxaNGJLCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0Kdashboard.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBdTJNUWpFVFVtS2RrZnlKM09Vd3JkaGtOdlNGTUJUY2FJMXdPemJNcjdIUnBJYVVCCjIxM3VWTXdvRXAvckNkLzg5d0duQUJxNjBQeUZiakNVZXAzelBpWVZiSTJ5SVE5cnY5dGNqRGNzV0VPY043M0UKN3k1eGc4ZDh5M0I4dW1nUGZPaUlxenplZDRSUlJ6MjdHTWt2OW1yQkdRRTVzY2dNVDIxQnZuNGR0MEk2MkhBYwpVNGlHRkNIaDAraW4ra0FuVGF6Y25pSWpjaG02Szd6Yms1bXArWmZmWVdrcUpmQTVXeFFZaVRnTEhnTnAvL25HCjhCVkRMOVZSTklKU2JXWmk3QWZUR2FsaWVYWUlMSXVUTE1vN3FwbDhhbnBvd3NvOGlTcllhSTlsVEZSQ3dlcmMKRlVjajV6ZmtWOGc4N29HWlhLeGRHZkZzVmJMeXc5L2p4M3BiOHdJREFRQUJBb0lCQUVnZHVoS2hzc2dGTkJJUgpxNXlyaWRacmtmUUZ5b0gvVU5ubTVmT1lUd0V6VS9xVXpJQW1TRUR1U1VYUnNkMGREUGZxOU9CL2FRSmhET0Q1ClpVdERXb2ZDbEdBd3NDczFDaHpPU1hIVkVnWHVEME1NajZ3VlRhNlBxYUdKNnhhNlVhdWF1bTVjZ0tteWpLMUUKUHFzdFVuNGRXNjlKMzNCaU13cW1XN1Q2U0dsc00vNmlVTElWdGpXclJkOUZrRU40SVkyUHBsRmhZckRvNEQveQpVQlBUK0laQjJ5b0Z6VDRDQ0JZZkVDOC9WT3lzSVN2ajhWbW5lbStaZy96aVdkQzBmZzY5U3JQRzBUYStQZmdJCjJHUzNBcGQxdGJ3YUhzL01UV0UvR1dQRzZtVm92dkVwTUorek9wR2lMZDBVVVdRaEpZeUpIT3hZRkVKWHNrYTYKQ2RZL09wRUNnWUVBOXFnNDFWNTBWNGxUNWViMExxbWUzeGJFTVA3MHp3SkhJOFpKQ0pwSi9HR2lNYlB2dm5FYwpKMlVIMkdFOEgrQ1JCakZyRzRIcCttSlNzdFlDTUpGclU1bmpTZ3BRdXJCY3pTdXFqSkFUcWV1UUhVZkpkUXdwCjFydXR2YnBSZGtmTVJPK0NDbGkxSDdPNW1YWGo0NkoxNjF4aHhFWUtLYWdHU3BCUkJQUFNPdmNDZ1lFQXdud2QKRG9VZkpBTlBJcnV4ZUJ0VzFTTnQ0T1hzdHd6STJpWUNrbGFNSmI3VWJ1NndBNkdzUGJuT2puMWVvb0dLc0xPNgo0K05VckxVSGZBNzdwaW1LK2kwa2xPZDJVdFhweUdObjJqTm5kK0V0ZmpkZ3pLTWdvN09BQ28zQ1hnM1JJTDBJClVRYjRiUVV1bWRDM2NPYXUvbzNBNk1zKzJRT1ZXTDV5R1pkMUMrVUNnWUFJbW9tUTk4QjdKVEVsL2M1YXFsUCsKV0I3enpwRGZmNmJYbXAwRmpjd3kzM3oyMnQzcitLb1F2YmR1VnNYd0hyY3dUaHo4VXFYRXRCVktZNmlqNVE2bgpWZURWdmxKZWtMUkwrOC94SXoxc1dla20vRkFNb3lYNmRZVno3c0hVckdCMXJ4ME1HMWdHQ1JEYVI0Qnhla00rCnVIUTRrbkRjVHg0WkQ3dWp2cFdBdFFLQmdCc3hGVEx4ZytBYUlsZGQzTHRKUDBPL2wxNUpaMlpVZ0VTWDZlWWgKK2FoUlhReEJqUlNFNXpzZUhuWW5xektYWUJmQ21VL0JlaFpIblV0SUlRRWpiODM0djlPZDVScEIxRlR6S1JNRgordUowOWxKZVZjZG15MnAzNzJBS1gvR2NodS9IM2tETjg2L3llSWlDK1JMcy9leVRUelI5TGtWVFRlOUJlVnlBCm81bk5Bb0dBTCsxYk4rTDVmRG5YS2RzdlYrSkdUM3pBT3BPdCsySndGc0huWTdacVFmV3NFcVFITE53c0VzNk4Kb3kxU3g1T0I1K0owaWlhampPS0dlQzl3Z1Y3dFNxNkJieUoxQnZSc1Ewb20yZGg2RGVIQ0pDN0VZQnhWb2oxQwpVMSszTXVBZHJvOE45R1BtRHZYdlhvTkhRVnBQTTlEQTJ4UDZZTkZuVEZKN1NVRTRRcDA9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
kind: Secret
metadata:
......

--- 重新部署dashboard ---

kubectl apply -f kubernetes-dashboard.yml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
secret "kubernetes-dashboard-certs" configured
serviceaccount "kubernetes-dashboard" created
role "kubernetes-dashboard-minimal" created
rolebinding "kubernetes-dashboard-minimal" created
deployment "kubernetes-dashboard" created
service "kubernetes-dashboard" created

创建登陆账号

vi admin-user-role-binding.yaml

apiVersion: v1
kind: ServiceAccount
metadata:name: admin-usernamespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:name: admin-user
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: admin-usernamespace: kube-system

kubectl create -f admin-user-role-binding.yaml

获取登陆token

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

输出类似:

Name:         admin-user-token-qrj82
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name=admin-userkubernetes.io/service-account.uid=6cd60673-4d13-11e8-a548-00155d000529Type:  kubernetes.io/service-account-tokenData
====
token:  ......

访问dashboard

第一种:kubectl proxy

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

第二种:kube -n kube-system port-forward pod名 8443:3000 &

http://loaclhost:3000

第二种:设置service nodeport

http://node_ip:nodeport

参考:

kubernetes dashboard部署流程:https://www.cnblogs.com/RainingNight/p/deploying-k8s-dashboard-ui.html

密钥挂载到dashboard:https://blog.csdn.net/chenleiking/article/details/81488028

证书创建参考:https://github.com/kubernetes/dashboard/wiki/Certificate-management

github地址:https://github.com/kubernetes/dashboard

转载于:https://www.cnblogs.com/xulingjie/p/10812126.html

kubernetes搭建dashboard-v1.10.1相关推荐

  1. 安装kubernetes1.12.1的 dashboard v1.10 + Heapster

    2019独角兽企业重金招聘Python工程师标准>>> Dashboard是kubernetes的官方WEB UI. Heapster为集群添加使用统计和监控功能,为Dashboar ...

  2. Kubernetes1.13集群安装dashboard 1.10.1

    文章目录 Kubernetes1.13集群安装dashboard 1.10.1 安装dashboard 下载镜像 创建pod 授予Dashboard账户集群管理权限 APIServer方式 查看集群信 ...

  3. vm安装net失败_使用minikube安装kubernetes和dashboard

    minikube可以运行一个本地单节点的kubernetes集群,可以非常容易地在本地部署kubernetes.虽然只支持单节点的kubernetes集群,但是能支持很多kubernetes特性,包括 ...

  4. 深入玩转K8S之使用kubeadm安装Kubernetes v1.10以及常见问题解答

    原文链接:http://blog.51cto.com/devingeng/2096495 关于K8S: Kubernetes是Google开源的容器集群管理系统.它构建于docker技术之上,为容器化 ...

  5. Kubernetes v1.10.x HA 全手动安装教程(TL;DR)

    转自 https://www.kubernetes.org.cn/3814.html 本篇延续过往手动安装方式来部署 Kubernetes v1.10.x 版本的 High Availability ...

  6. Kubernetes v1.10.4 安装记录

    #参考文档:https://github.com/opsnull/follow-me-install-kubernetes-cluster #约定: #1.会显式的标注出命令都要再哪一台或哪几台上执行 ...

  7. kubeadm安装Kubernetes V1.10集群详细文档

    1:服务器信息以及节点介绍 系统信息:centos1708 minimal    只修改IP地址 主机名称 IP 备注 node01 192.168.150.181 master and etcd r ...

  8. kubernetes V1.10.4 集群部署 (手动生成证书)

    说明:本文档涉及docker镜像,yaml文件下载地址 链接:https://pan.baidu.com/s/1QuVelCG43_VbHiOs04R3-Q 密码:70q2 本文只是作为一个安装记录 ...

  9. Kubeadm 快速搭建 k8s v1.24.1 集群(openEuler 22.03 LTS)

    kubeadm 简介 kubeadm 是 Kubernetes(以下简称 k8s)官方提供的用于快速安装部署 k8s 集群的工具,伴随 k8s 每个版本的发布都会同步更新,kubeadm 会对集群配置 ...

最新文章

  1. 机器学习入门:K-近邻算法
  2. 谈谈我的移动端rem适配方案
  3. Moodle: 查询 / 更新 / 添加 / 删除 / 导出 用户 ($DB用法)
  4. 听说面试很少有人答出:距离最近点对问题
  5. CSS标签选择器(二)
  6. 没想到你是这样的EasyRecovery
  7. 阶段3 2.Spring_09.JdbcTemplate的基本使用_6 JdbcDaoSupport的使用以及Dao的两种编写方式...
  8. 蚂蚁课堂视频笔记思维导图-4期 四、微服务安全
  9. windows进程 windows多进程编程
  10. Eclipse多国语言包的安装
  11. java投屏 dlna 安卓_DLNA投屏
  12. 用java画人物_如何画不同人物的视角?该怎么画?
  13. Advanced Archive Password Recovery下载
  14. swagger中没有新加的实体类属性(新加的属性在swagger中不显示)问题
  15. Photoshop完全自学入门与经典实例全视频教程
  16. 2019 DGF(深度引导滤波网络) 相关的论文笔记
  17. MIPI2LVDS芯片TC358774XBG寄存器查看与调试
  18. OrangeS操作系统笔记1_环境的配置与第一个系统
  19. android spc 能卸载吗,SPC 文件扩展名: 它是什么以及如何打开它?
  20. 存储单位的位(bit)、字节(Byte)、MB(兆位)之间的换算关系

热门文章

  1. 苹果/Mac电脑怎么卸载软件?软件卸载不了怎么办?
  2. 使用纯css完成行星图并且封装成组件
  3. 【云原生】了解微服务低代码平台
  4. git clone 只有.git文件夹 git status后发现文件夹全都被删除了
  5. Lucene.Net+盘古分词器(详细介绍)(转)
  6. bs4提取p标签内的值href
  7. java + typeahead 使用
  8. python跳台阶_递推典型算法:猴子爬山,跳台阶,爬楼梯(牛客网)、魔法深渊(快手)----Python、Java...
  9. 爱贝支付 - 服务端 - nodejs实现
  10. STM32 学习笔记4-智能小车-超声波避障