Kubernetes基础:MacOS上设定Dashboard
2024-04-05 05:56:33
在上篇文章中在MacOS上通过Docker Desktop记录了安装Kubernetes的方法,这篇文章继续记录一下设定Dashboard的方式,这样Mac上的基础开发或者实验环境就基本就绪了。
目录
- 事前准备
- 下载yaml
- 修改yaml
- 安装确认
- 登录确认
- 获取token
- 登录确认
- 内容总结
- Dashboard的yaml文件
事前准备
- 操作系统
liumiaocn:~ liumiao$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.15.6
BuildVersion: 19G73
liumiaocn:~ liumiao$
Docker Desktop
使用方式可参看:https://blog.csdn.net/liumiaocn/article/details/80780337Kubernetes
确认版本信息
liumiaocn:~ liumiao$ which kubectl
/usr/local/bin/kubectl
liumiaocn:~ liumiao$ kubectl version --short
Client Version: v1.18.8
Server Version: v1.18.8
liumiaocn:~ liumiao$
- 确认结点信息
liumiaocn:~ liumiao$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
docker-desktop Ready master 4m50s v1.18.8 192.168.65.3 <none> Docker Desktop 4.19.76-linuxkit docker://19.3.13
liumiaocn:~ liumiao$
- 确认集群状态信息
liumiaocn:~ liumiao$ kubectl cluster-info
Kubernetes master is running at https://kubernetes.docker.internal:6443
KubeDNS is running at https://kubernetes.docker.internal:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxyTo further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
liumiaocn:~ liumiao$
下载yaml
执行命令:wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml
修改yaml
liumiaocn:dashboard liumiao$ diff recommended.yaml*
43d42
< nodePort: 30443
46d44
< type: NodePort
200d197
< - --token-ttl=86400
liumiaocn:dashboard liumiao$
可以看到只添加了三行,主要是nodePort和token过期时间的设定(注意端口30443的区间取值限制为30000-32767)。详细可参看文末的yaml。在网络畅通的情况下直接执行此yaml即可,不然就想办法分别下载镜像和yaml文件,然后再使用kubectl apply即可。此文件中包含了Dashboard所需要的namespace、service等诸多信息,所以直接apply即可完成。所使用到的镜像如下:
- kubernetesui/dashboard:v2.0.4
- kubernetesui/metrics-scraper:v1.0.4
事前进行docker pull之后,安装会非常快
liumiaocn:dashboard liumiao$ kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
liumiaocn:dashboard liumiao$
安装确认
通过如下命令,可以确认到Dashboard已经正常运行
liumiaocn:dashboard liumiao$ kubectl get pods --namespace kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-6b4884c9d5-5glgp 1/1 Running 0 2m43s
kubernetes-dashboard-76b754fc78-p4ncz 1/1 Running 0 2m43s
liumiaocn:dashboard liumiao$
登录确认
使用如下URL即可进行登录确认
URL:https://localhost:30443
获取token
执行命令:kubectl describe secret -n kubernetes-dashboard $(kubectl get secrets -n kubernetes-dashboard |grep dashboard |awk ‘{print $1}’ |grep token) |grep token: |awk -F: ‘{print $2}’
liumiaocn:dashboard liumiao$ kubectl describe secret -n kubernetes-dashboard $(kubectl get secrets -n kubernetes-dashboard |grep dashboard |awk '{print $1}' |grep token) |grep token: |awk -F: '{print $2}'eyJhbGciOiJSUzI1NiIsImtpZCI6ImFkaHVsR2cyNGZOSG1FRmxmYTVyd0hmbHlmMjV5UnQ1MjJHS2Z5dzhudGMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1uNXB3ZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImNkMGUwY2ZlLTY4N2MtNDczMi1iZjk2LTA5NGJlOTkyMjg2MiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.RMz69kFq-cX7JS5B8sBdmjrGAXqXQ6Q1ZMzlSVOoIVfWhdDs2QH4gw1NTVjXrzHf2teLasyQsdNnXJmbz6MVCNUUH2b-_mjECQMowf1egjFqH64Uw49C8f0KMIBUnX-bchLu5sGLoygP_WV1dT5uiHLI8i2x8zeoARRLrF6HBM9MQ-kvGVRy3bbNz26nfmtqICLRzveeg4eG3iPUNhc_RuWPEdNYODEWZphnSO0EkD4iClkoiYsLxix3bZspxv1PEkAHfEH6mL6cwVsHTi5i1ZcbZmsbbkQxHWutHU0cjbBLWKcfna5HqyAxPJGmmMeB09CRfZbE13Aro6pWsPD-iA
liumiaocn:dashboard liumiao$
登录确认
使用上述获得的token进行登录即可看到dashboar页面了
内容总结
这篇文章整理了Mac下设定Dashboard的方式,实际上和其他OS上并无不同。
Dashboard的yaml文件
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.apiVersion: v1
kind: Namespace
metadata:name: kubernetes-dashboard---apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:ports:- port: 443targetPort: 8443nodePort: 30443selector:k8s-app: kubernetes-dashboardtype: NodePort---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-certsnamespace: kubernetes-dashboard
type: Opaque---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-csrfnamespace: kubernetes-dashboard
type: Opaque
data:csrf: ""---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-key-holdernamespace: kubernetes-dashboard
type: Opaque---kind: ConfigMap
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-settingsnamespace: kubernetes-dashboard---kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
rules:# Allow Dashboard to get, update and delete Dashboard exclusive secrets.- apiGroups: [""]resources: ["secrets"]resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]verbs: ["get", "update", "delete"]# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.- apiGroups: [""]resources: ["configmaps"]resourceNames: ["kubernetes-dashboard-settings"]verbs: ["get", "update"]# Allow Dashboard to get metrics.- apiGroups: [""]resources: ["services"]resourceNames: ["heapster", "dashboard-metrics-scraper"]verbs: ["proxy"]- apiGroups: [""]resources: ["services/proxy"]resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]verbs: ["get"]---kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard
rules:# Allow Metrics Scraper to get metrics from the Metrics server- apiGroups: ["metrics.k8s.io"]resources: ["pods", "nodes"]verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:containers:- name: kubernetes-dashboardimage: kubernetesui/dashboard:v2.0.4imagePullPolicy: Alwaysports:- containerPort: 8443protocol: TCPargs:- --auto-generate-certificates- --namespace=kubernetes-dashboard- --token-ttl=86400# Uncomment the following line to manually specify Kubernetes API server Host# If not specified, Dashboard will attempt to auto discover the API server and connect# to it. Uncomment only if the default does not work.# - --apiserver-host=http://my-address:portvolumeMounts:- name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs- mountPath: /tmpname: tmp-volumelivenessProbe:httpGet:scheme: HTTPSpath: /port: 8443initialDelaySeconds: 30timeoutSeconds: 30securityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001volumes:- name: kubernetes-dashboard-certssecret:secretName: kubernetes-dashboard-certs- name: tmp-volumeemptyDir: {}serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedule---kind: Service
apiVersion: v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:ports:- port: 8000targetPort: 8000selector:k8s-app: dashboard-metrics-scraper---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: dashboard-metrics-scrapertemplate:metadata:labels:k8s-app: dashboard-metrics-scraperannotations:seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'spec:containers:- name: dashboard-metrics-scraperimage: kubernetesui/metrics-scraper:v1.0.4ports:- containerPort: 8000protocol: TCPlivenessProbe:httpGet:scheme: HTTPpath: /port: 8000initialDelaySeconds: 30timeoutSeconds: 30volumeMounts:- mountPath: /tmpname: tmp-volumesecurityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedulevolumes:- name: tmp-volumeemptyDir: {}
Kubernetes基础:MacOS上设定Dashboard相关推荐
- Kubernetes基础:在MacOS上安装Kubernetes
在MacOS上通过Docker Desktop可以直接安装Kubernetes的预置版本并可持续更新,这篇文章记录一下在MacOS上安装Kubernetes的方式. 目录 事前准备 设定加速 安装Ku ...
- GDB基础:MacOS上的GDB安装与设定
这篇文章介绍一下MacOS下GDB的安装与设定方法.在MacOS上使用LLDB可能会更方便一些,但是对于习惯gdb的用于以及LLDB无法完成的地方,GDB还是有很多优势的. 目录 环境说明 安装与确认 ...
- Colima:MacOS 上的极简容器运行时和 Kubernetes
作者 | Addo Zhang 来源 | 云原生指北 Colima 是一个以最小化设置来在MacOS上运行容器运行时和 Kubernetes 的工具.支持 m1,同样也支持 Linux. Colima ...
- macOS上的汇编入门(四)——操作系统基础
当我们学习汇编的时候,除了数学基础以及硬件基础以外,操作系统的基础也是一个至关重要的环节.汇编语言本质上就是机器码的human-readable的版本,而硬件相同,则同一个程序的机器码一定相同.那么我 ...
- Bash基础:在MacOS上确认版本与升级Bash的方法
这篇文章记录一下在MacOS上Bash版本的确认和升级方法. 目录 事前确认 版本确认 当前稳定版本确认 更新BASH 事前确认 由于MacOS在新版中已经开始使用zsh作为缺省shell,首先需要确 ...
- Kubernetes基础入门(完整版)
简介 Kubernetes这个名字源于希腊语,意为"舵手"或"飞行员".k8s这个缩写是因为k和s之间有八个字符.Google在 2014年开源了Kuberne ...
- Kubernetes基础详解
1. Kubernetes介绍 1.1 应用部署方式演变 在部署应用程序的方式上,主要经历了三个时代: 传统部署:互联网早期,会直接将应用程序部署在物理机上 优点:简单,不需要其它技术的参与 缺点:不 ...
- Kubernetes基础组件概述
本文讲的是Kubernetes基础组件概述[编者的话]最近总有同学问Kubernetes中的各个组件的相关问题,其实这些概念内容在官方文档中都有,奈何我们有些同学可能英文不好,又或者懒得去看,又或者没 ...
- kubernetes基础介绍及kubectl常用命令
kubernetes基础介绍及kubectl常用命令 k8s的pod分类 自主式pod 控制器管理的pod 核心主键 HPA service 网络模型 同节点Pod之间的通信 不同节点上的Pod通信 ...
最新文章
- STM32 中malloc实际调用
- Android Hanlder综合
- 关于内层DIV设置margin-top不起作用的解决方案
- 微信红包随机生成算法(PHP版)
- 小心错误使用EasyUI 让网站性能减半
- 【剑指offer】Java版代码(完整版)
- Android 编程下 ListView 的 HeaderView 和 FooterView 不可选择点击
- MSP430G2553电子时钟实验
- latex 图片缩小指定比例
- MySQL规范「索引规范」码出高效,码出质量 - 第399篇
- 汇编版|电子印章在各类业务文件中的应用
- 十大著名黑客-----凯文-米特尼克
- wep破解——模拟chopchop攻击
- Android WebView 视频播放,全屏按钮不显示或灰显解决方案
- PMEdit一个富文本框可以编辑文本、并可以显示GIF动画
- Entering emergency mode. Exit the shell to continue
- 2013年第十九届全国青少年信息学奥林匹克联赛初赛
- 成像系统分辨率的理论
- 1、 赛灵思-Zynq UltraScale+ MPSoCs:产品简介
- Python 将日志输出到控制台,写入文件,根据不同日志级别打印不同颜色的日志