部署Dashboard图形界面控制docker集群
一.dashboard介绍
Dashboard是基于网页的Kuberbetes用户界面,可以使用Dashboard将容器应用部署到Kubernetes集群中,也可以使用对容器应用排错,还能管理集群资源,可以使用Dashboard获取或者修改Kubernetes资源(如Deployment,Job,DaemonSet等等)
Dashboard同时展示了Kubernetes集群中的资源状态信息和所有报错
官网:https://github.com/kubernetes/dashboard
二.dashboard安装
1.上传镜像到私有仓库
# 上传 dashboard 镜像 [root@master dashboard]# docker load -i dashboard.tar.gz [root@master dashboard]# docker tag kubernetesui/dashboard:v2.0.0 192.168.1.100:5000/dashboard:v2.0.0 [root@master dashboard]# docker push 192.168.1.100:5000/dashboard:v2.0.0 # 上传 metrics-scraper 镜像 [root@master dashboard]# docker load -i metrics-scraper.tar.gz [root@master dashboard]# docker tag kubernetesui/metrics-scraper:v1.0.4 192.168.1.100:5000/metrics-scraper:v1.0.4 [root@master dashboard]# docker push 192.168.1.100:5000/metrics-scraper:v1.0.4
2.安装发布服务
[root@master dashboard]# vim recommended.yaml# 190 行修改为image: 192.168.1.100:5000/dashboard:v2.0.0# 274 行修改为image: 192.168.1.100:5000/metrics-scraper:v1.0.4 [root@master dashboard]# kubectl apply -f recommended.yaml
cat recommended.yaml # Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License.apiVersion: v1 kind: Namespace metadata:name: kubernetes-dashboard---apiVersion: v1 kind: ServiceAccount metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Service apiVersion: v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard spec:ports:- port: 443targetPort: 8443selector:k8s-app: kubernetes-dashboard---apiVersion: v1 kind: Secret metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-certsnamespace: kubernetes-dashboard type: Opaque---apiVersion: v1 kind: Secret metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-csrfnamespace: kubernetes-dashboard type: Opaque data:csrf: ""---apiVersion: v1 kind: Secret metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-key-holdernamespace: kubernetes-dashboard type: Opaque---kind: ConfigMap apiVersion: v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-settingsnamespace: kubernetes-dashboard---kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard rules:# Allow Dashboard to get, update and delete Dashboard exclusive secrets.- apiGroups: [""]resources: ["secrets"]resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]verbs: ["get", "update", "delete"]# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.- apiGroups: [""]resources: ["configmaps"]resourceNames: ["kubernetes-dashboard-settings"]verbs: ["get", "update"]# Allow Dashboard to get metrics.- apiGroups: [""]resources: ["services"]resourceNames: ["heapster", "dashboard-metrics-scraper"]verbs: ["proxy"]- apiGroups: [""]resources: ["services/proxy"]resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]verbs: ["get"]---kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard rules:# Allow Metrics Scraper to get metrics from the Metrics server- apiGroups: ["metrics.k8s.io"]resources: ["pods", "nodes"]verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: kubernetes-dashboard subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata:name: kubernetes-dashboard roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: kubernetes-dashboard subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Deployment apiVersion: apps/v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:containers:- name: kubernetes-dashboardimage: 192.168.1.100:5000/dashboard:v2.0.0imagePullPolicy: Alwaysports:- containerPort: 8443protocol: TCPargs:- --auto-generate-certificates- --namespace=kubernetes-dashboard# Uncomment the following line to manually specify Kubernetes API server Host# If not specified, Dashboard will attempt to auto discover the API server and connect# to it. Uncomment only if the default does not work.# - --apiserver-host=http://my-address:portvolumeMounts:- name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs- mountPath: /tmpname: tmp-volumelivenessProbe:httpGet:scheme: HTTPSpath: /port: 8443initialDelaySeconds: 30timeoutSeconds: 30securityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001volumes:- name: kubernetes-dashboard-certssecret:secretName: kubernetes-dashboard-certs- name: tmp-volumeemptyDir: {}serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedule---kind: Service apiVersion: v1 metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard spec:ports:- port: 8000targetPort: 8000selector:k8s-app: dashboard-metrics-scraper---kind: Deployment apiVersion: apps/v1 metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: dashboard-metrics-scrapertemplate:metadata:labels:k8s-app: dashboard-metrics-scraperannotations:seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'spec:containers:- name: dashboard-metrics-scraperimage: 192.168.1.100:5000/metrics-scraper:v1.0.4ports:- containerPort: 8000protocol: TCPlivenessProbe:httpGet:scheme: HTTPpath: /port: 8000initialDelaySeconds: 30timeoutSeconds: 30volumeMounts:- mountPath: /tmpname: tmp-volumesecurityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedulevolumes:- name: tmp-volumeemptyDir: {}
# ---------------------------------- 查询验证 --------------------------------------
[root@master dashboard]# kubectl -n kubernetes-dashboard get pod NAME READY STATUS RESTARTS AGE dashboard-metrics-scraper-57bf85fcc9-vsz74 1/1 Running 0 52s kubernetes-dashboard-7b7f78bcf9-5k8vq 1/1 Running 0 52s [root@master dashboard]# kubectl -n kubernetes-dashboard get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) dashboard-metrics-scraper ClusterIP 10.254.76.85 <none> 8000/TCP kubernetes-dashboard ClusterIP 10.254.211.125 <none> 443/TCP
# ---------------------------------- 对外发布服务 -----------------------------------
[root@master dashboard]# vim service.yaml --- kind: Service apiVersion: v1 metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard spec:ports:- port: 443nodePort: 30443 # 新添加targetPort: 8443selector:k8s-app: kubernetes-dashboardtype: NodePort # 新添加
[root@master dashboard]# kubectl apply -f service.yaml service/kubernetes-dashboard configured [root@master dashboard]# kubectl -n kubernetes-dashboard get service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dashboard-metrics-scraper ClusterIP 10.254.66.25 <none> 8000/TCP 2m6s kubernetes-dashboard NodePort 10.254.165.155 <none> 443:30443/TCP 2m6s [root@master dashboard]#
在华为云上为 node 节点绑定弹性公网IP [ https://弹性公网IP:30443/ ]
3.token认证登录
[root@master dashboard]# cat admin-token.yaml --- apiVersion: v1 kind: ServiceAccount metadata:name: admin-usernamespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata:name: admin-user roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin subjects: - kind: ServiceAccountname: admin-usernamespace: kubernetes-dashboard [root@master dashboard]# kubectl apply -f admin-token.yaml serviceaccount/admin-user created clusterrolebinding.rbac.authorization.k8s.io/admin-user created
[root@master dashboard]# kubectl apply -f admin-token.yaml [root@master ~]# kubectl -n kubernetes-dashboard get secrets NAME TYPE DATA AGE admin-user-token-bxjlz kubernetes.io/service-account-token 3 23s [root@master ~]# kubectl -n kubernetes-dashboard describe secrets admin-user-token-bxjlz Name: admin-user-token-bxjlz ... ... ca.crt: 1025 bytes namespace: 20 bytes token: 这里这个很长的字符串就是你要找的认证 token
使用获取的 token 登录,通过 web 页面访问即可
部署Dashboard图形界面控制docker集群相关推荐
- 【云原生】Docker集群部署MinIO
MinIO 是全球领先的对象存储先锋,目前在全世界有数百万的用户. 在标准硬件上,读/写速度上高达183 GB / 秒 和 171 GB / 秒. 对象存储可以充当主存储层,以处理Spark.Pres ...
- Docker实战 (docker swarm的应用,docker集群的构建,在docker集群中部署服务)
Docker实战 ----docker swarm的应用,docker集群的构建,在docker集群中部署服务 转载来源:https://blog.csdn.net/No_red/article/de ...
- 基于Gitlab Jenkins Docker集群 微服务搭建自动化部署平台
随着公司应用系统的不断增多,原有手工部署流程越来越不满足上线的需求.为了各个系统能快速迭代与测试,减少上线流程时间和人为出错,迫切需要一套自动化部署系统. 转载原文:https://luoji.liv ...
- docker实战2 (docker swarm的应用,docker集群的构建,在docker集群中部署服务的创建与更新)
前言: 在之前曾写过一个关于docker集群创建的教程,但是不够深入,只是停留到集群的初始化和节点加入上,这次具体到服务,并详细讲解其中的原理.而且总结了很多自己做的过程中所踩过的很多坑(比如镜像的d ...
- SpringBoot + maven + Jenkins + docker 实现docker集群一键自动化部署
整体可分为以下几个步骤: 1,创建springboot项目 2,搭建docker私服库 3,build镜像并上传到私服库 4,搭建docker swarm集群 5,搭建jenkins并构建部署 演示系 ...
- 部署Consul建立Docker集群
部署Consul建立Docker集群 架构图 1.什么是consul 2.consul-template说明 3.registrator的作用 4.部署 ②.容器服务自动加入nginx集群 ③.服务端 ...
- docker集群_使用Docker,Chef和Amazon OpsWorks进行集群范围的Java / Scala应用程序部署...
docker集群 Docker非常适合在单个节点上运行隔离的容器. 但是,大多数软件系统都在多个节点上运行,因此,除了Docker之外,我们还需要某种方法来指定哪些容器应在哪些节点上运行. 我要解决的 ...
- docker集群部署:第3部分:服务
docker集群部署:第3部分:服务 介绍 在第3部分中,我们将扩展应用程序并实现负载平衡. 关于服务 在分布式应用程序中,应用程序的不同部分被称为"服务".例如,一个视频共享站点 ...
- Docker 进阶,Docker 集群部署
Docker 集群 Docker Compose 简介 DockerFile build run 手动操作,单个容器! 如果是微服务,100个微服务!各种依赖关系 Docker Compose 可以轻 ...
最新文章
- LeetCode简单题之交替合并字符串
- Ambari安装之部署 (Metrics Collector和 Metrics Monitor) Install Pending ...问题
- 路由器发展编年史 完结篇
- 全球及中国家电用PET薄膜涂层钢卷市场前景形势与未来竞争规模展望报告2022版
- java 一些容易忽视的小点-类和对象
- spring的jdbcTemplate的多数据源的配置,springboot的jdbcTemplate的多数据源的配置
- php calendar,php编译安装calendar扩展模块
- 攻防世界 pwn 二进制漏洞简单题练习区 答题(1-10题解)
- 倒立摆源代码仿真matlab/simulink神经网络PID(模糊)控制校正LQR 神经网络 倒立摆控制 倒立摆LQR控制仿真 单级倒立摆的模糊控制 旋转倒立摆
- 苹果「Find My iPhone」立功,帮警察追踪偷车嫌犯
- JS 数组 按个数进行分组
- 虚拟机vm介绍及虚拟机常见操作
- linux解压带密码zip,linux下解压有密码的rar压缩包的方法
- android 5 投射屏幕,从手机投射屏幕到电视的5种方法
- 全国青少年编程等级考试python一级真题2020年12月(含题库答题软件账号)
- coc跑团san数值规则_从新手到入门但其实没有入门的coc跑团教程---pl篇
- 本体李俊|区块链的实际业务场景需要哪些技术模块?
- 八一钢铁:宝钢入主,中报业绩大幅增长
- GCP认证考试之Storage专题
- Apache Torque连接多个数据库及其使用