一.dashboard介绍

Dashboard是基于网页的Kuberbetes用户界面，可以使用Dashboard将容器应用部署到Kubernetes集群中，也可以使用对容器应用排错，还能管理集群资源，可以使用Dashboard获取或者修改Kubernetes资源（如Deployment，Job，DaemonSet等等）

Dashboard同时展示了Kubernetes集群中的资源状态信息和所有报错

官网:https://github.com/kubernetes/dashboard

二.dashboard安装

1.上传镜像到私有仓库

# 上传 dashboard 镜像
[root@master dashboard]# docker load -i dashboard.tar.gz
[root@master dashboard]# docker tag kubernetesui/dashboard:v2.0.0 192.168.1.100:5000/dashboard:v2.0.0
[root@master dashboard]# docker push 192.168.1.100:5000/dashboard:v2.0.0
# 上传 metrics-scraper 镜像
[root@master dashboard]# docker load -i metrics-scraper.tar.gz
[root@master dashboard]# docker tag kubernetesui/metrics-scraper:v1.0.4 192.168.1.100:5000/metrics-scraper:v1.0.4
[root@master dashboard]# docker push 192.168.1.100:5000/metrics-scraper:v1.0.4

2.安装发布服务

[root@master dashboard]# vim recommended.yaml# 190 行修改为image: 192.168.1.100:5000/dashboard:v2.0.0# 274 行修改为image: 192.168.1.100:5000/metrics-scraper:v1.0.4
[root@master dashboard]# kubectl apply -f recommended.yaml

 cat recommended.yaml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.apiVersion: v1
kind: Namespace
metadata:name: kubernetes-dashboard---apiVersion: v1
kind: ServiceAccount
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:ports:- port: 443targetPort: 8443selector:k8s-app: kubernetes-dashboard---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-certsnamespace: kubernetes-dashboard
type: Opaque---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-csrfnamespace: kubernetes-dashboard
type: Opaque
data:csrf: ""---apiVersion: v1
kind: Secret
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-key-holdernamespace: kubernetes-dashboard
type: Opaque---kind: ConfigMap
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard-settingsnamespace: kubernetes-dashboard---kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
rules:# Allow Dashboard to get, update and delete Dashboard exclusive secrets.- apiGroups: [""]resources: ["secrets"]resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]verbs: ["get", "update", "delete"]# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.- apiGroups: [""]resources: ["configmaps"]resourceNames: ["kubernetes-dashboard-settings"]verbs: ["get", "update"]# Allow Dashboard to get metrics.- apiGroups: [""]resources: ["services"]resourceNames: ["heapster", "dashboard-metrics-scraper"]verbs: ["proxy"]- apiGroups: [""]resources: ["services/proxy"]resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]verbs: ["get"]---kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboard
rules:# Allow Metrics Scraper to get metrics from the Metrics server- apiGroups: ["metrics.k8s.io"]resources: ["pods", "nodes"]verbs: ["get", "list", "watch"]---apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: Rolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: kubernetes-dashboard
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: kubernetes-dashboard
subjects:- kind: ServiceAccountname: kubernetes-dashboardnamespace: kubernetes-dashboard---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: kubernetes-dashboardtemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:containers:- name: kubernetes-dashboardimage: 192.168.1.100:5000/dashboard:v2.0.0imagePullPolicy: Alwaysports:- containerPort: 8443protocol: TCPargs:- --auto-generate-certificates- --namespace=kubernetes-dashboard# Uncomment the following line to manually specify Kubernetes API server Host# If not specified, Dashboard will attempt to auto discover the API server and connect# to it. Uncomment only if the default does not work.# - --apiserver-host=http://my-address:portvolumeMounts:- name: kubernetes-dashboard-certsmountPath: /certs# Create on-disk volume to store exec logs- mountPath: /tmpname: tmp-volumelivenessProbe:httpGet:scheme: HTTPSpath: /port: 8443initialDelaySeconds: 30timeoutSeconds: 30securityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001volumes:- name: kubernetes-dashboard-certssecret:secretName: kubernetes-dashboard-certs- name: tmp-volumeemptyDir: {}serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedule---kind: Service
apiVersion: v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:ports:- port: 8000targetPort: 8000selector:k8s-app: dashboard-metrics-scraper---kind: Deployment
apiVersion: apps/v1
metadata:labels:k8s-app: dashboard-metrics-scrapername: dashboard-metrics-scrapernamespace: kubernetes-dashboard
spec:replicas: 1revisionHistoryLimit: 10selector:matchLabels:k8s-app: dashboard-metrics-scrapertemplate:metadata:labels:k8s-app: dashboard-metrics-scraperannotations:seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'spec:containers:- name: dashboard-metrics-scraperimage: 192.168.1.100:5000/metrics-scraper:v1.0.4ports:- containerPort: 8000protocol: TCPlivenessProbe:httpGet:scheme: HTTPpath: /port: 8000initialDelaySeconds: 30timeoutSeconds: 30volumeMounts:- mountPath: /tmpname: tmp-volumesecurityContext:allowPrivilegeEscalation: falsereadOnlyRootFilesystem: truerunAsUser: 1001runAsGroup: 2001serviceAccountName: kubernetes-dashboardnodeSelector:"kubernetes.io/os": linux# Comment the following tolerations if Dashboard must not be deployed on mastertolerations:- key: node-role.kubernetes.io/mastereffect: NoSchedulevolumes:- name: tmp-volumeemptyDir: {}

# ---------------------------------- 查询验证 --------------------------------------

[root@master dashboard]# kubectl -n kubernetes-dashboard get pod
NAME                                         READY   STATUS    RESTARTS   AGE
dashboard-metrics-scraper-57bf85fcc9-vsz74   1/1     Running   0          52s
kubernetes-dashboard-7b7f78bcf9-5k8vq        1/1     Running   0          52s
[root@master dashboard]# kubectl -n kubernetes-dashboard get service
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)
dashboard-metrics-scraper   ClusterIP   10.254.76.85     <none>        8000/TCP
kubernetes-dashboard        ClusterIP   10.254.211.125   <none>        443/TCP

# ---------------------------------- 对外发布服务 -----------------------------------

[root@master dashboard]# vim service.yaml
---
kind: Service
apiVersion: v1
metadata:labels:k8s-app: kubernetes-dashboardname: kubernetes-dashboardnamespace: kubernetes-dashboard
spec:ports:- port: 443nodePort: 30443                # 新添加targetPort: 8443selector:k8s-app: kubernetes-dashboardtype: NodePort                     # 新添加

[root@master dashboard]# kubectl apply -f service.yaml
service/kubernetes-dashboard configured
[root@master dashboard]# kubectl -n kubernetes-dashboard get service
NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
dashboard-metrics-scraper   ClusterIP   10.254.66.25     <none>        8000/TCP        2m6s
kubernetes-dashboard        NodePort    10.254.165.155   <none>        443:30443/TCP   2m6s
[root@master dashboard]#

在华为云上为 node 节点绑定弹性公网IP [ https://弹性公网IP:30443/ ]

3.token认证登录

[root@master dashboard]# cat admin-token.yaml
---
apiVersion: v1
kind: ServiceAccount
metadata:name: admin-usernamespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:name: admin-user
roleRef:apiGroup: rbac.authorization.k8s.iokind: ClusterRolename: cluster-admin
subjects:
- kind: ServiceAccountname: admin-usernamespace: kubernetes-dashboard
[root@master dashboard]# kubectl apply -f admin-token.yaml
serviceaccount/admin-user created
clusterrolebinding.rbac.authorization.k8s.io/admin-user created

[root@master dashboard]# kubectl apply -f admin-token.yaml
[root@master ~]# kubectl -n kubernetes-dashboard get secrets
NAME                               TYPE                                  DATA   AGE
admin-user-token-bxjlz             kubernetes.io/service-account-token   3      23s
[root@master ~]# kubectl -n kubernetes-dashboard describe secrets admin-user-token-bxjlz
Name:         admin-user-token-bxjlz
... ...
ca.crt:     1025 bytes
namespace:  20 bytes
token:      这里这个很长的字符串就是你要找的认证 token

使用获取的 token 登录，通过 web 页面访问即可

部署Dashboard图形界面控制docker集群相关推荐

1. 【云原生】Docker集群部署MinIO

   MinIO 是全球领先的对象存储先锋,目前在全世界有数百万的用户. 在标准硬件上,读/写速度上高达183 GB / 秒 和 171 GB / 秒. 对象存储可以充当主存储层,以处理Spark.Pres ...

2. Docker实战 (docker swarm的应用，docker集群的构建，在docker集群中部署服务)

   Docker实战 ----docker swarm的应用,docker集群的构建,在docker集群中部署服务 转载来源:https://blog.csdn.net/No_red/article/de ...

3. 基于Gitlab Jenkins Docker集群 微服务搭建自动化部署平台

   随着公司应用系统的不断增多,原有手工部署流程越来越不满足上线的需求.为了各个系统能快速迭代与测试,减少上线流程时间和人为出错,迫切需要一套自动化部署系统. 转载原文:https://luoji.liv ...

4. docker实战2 (docker swarm的应用，docker集群的构建，在docker集群中部署服务的创建与更新)

   前言: 在之前曾写过一个关于docker集群创建的教程,但是不够深入,只是停留到集群的初始化和节点加入上,这次具体到服务,并详细讲解其中的原理.而且总结了很多自己做的过程中所踩过的很多坑(比如镜像的d ...

5. SpringBoot + maven + Jenkins + docker 实现docker集群一键自动化部署

   整体可分为以下几个步骤: 1,创建springboot项目 2,搭建docker私服库 3,build镜像并上传到私服库 4,搭建docker swarm集群 5,搭建jenkins并构建部署 演示系 ...

6. 部署Consul建立Docker集群

   部署Consul建立Docker集群 架构图 1.什么是consul 2.consul-template说明 3.registrator的作用 4.部署 ②.容器服务自动加入nginx集群 ③.服务端 ...

7. docker集群_使用Docker，Chef和Amazon OpsWorks进行集群范围的Java / Scala应用程序部署...

   docker集群 Docker非常适合在单个节点上运行隔离的容器. 但是,大多数软件系统都在多个节点上运行,因此,除了Docker之外,我们还需要某种方法来指定哪些容器应在哪些节点上运行. 我要解决的 ...

8. docker集群部署：第3部分：服务

   docker集群部署:第3部分:服务 介绍 在第3部分中,我们将扩展应用程序并实现负载平衡. 关于服务 在分布式应用程序中,应用程序的不同部分被称为"服务".例如,一个视频共享站点 ...

9. Docker 进阶，Docker 集群部署

   Docker 集群 Docker Compose 简介 DockerFile build run 手动操作,单个容器! 如果是微服务,100个微服务!各种依赖关系 Docker Compose 可以轻 ...

最新文章

1. LeetCode简单题之交替合并字符串
2. Ambari安装之部署 （Metrics Collector和 Metrics Monitor） Install Pending ...问题
3. 路由器发展编年史 完结篇
4. 全球及中国家电用PET薄膜涂层钢卷市场前景形势与未来竞争规模展望报告2022版
5. java 一些容易忽视的小点-类和对象
6. spring的jdbcTemplate的多数据源的配置，springboot的jdbcTemplate的多数据源的配置
7. php calendar,php编译安装calendar扩展模块
8. 攻防世界 pwn 二进制漏洞简单题练习区 答题（1-10题解）
9. 倒立摆源代码仿真matlab/simulink神经网络PID(模糊)控制校正LQR 神经网络 倒立摆控制 倒立摆LQR控制仿真 单级倒立摆的模糊控制 旋转倒立摆
10. 苹果「Find My iPhone」立功，帮警察追踪偷车嫌犯
11. JS 数组 按个数进行分组
12. 虚拟机vm介绍及虚拟机常见操作
13. linux解压带密码zip,linux下解压有密码的rar压缩包的方法
14. android 5 投射屏幕,从手机投射屏幕到电视的5种方法
15. 全国青少年编程等级考试python一级真题2020年12月（含题库答题软件账号）
16. coc跑团san数值规则_从新手到入门但其实没有入门的coc跑团教程---pl篇
17. 本体李俊｜区块链的实际业务场景需要哪些技术模块？
18. 八一钢铁：宝钢入主，中报业绩大幅增长
19. GCP认证考试之Storage专题
20. Apache Torque连接多个数据库及其使用

热门文章

1. LaTeX 笔记：NFSS 那点事儿
2. Python运行报错IndentationError: unindent does not match any outer indentation level
3. MIT自然语言处理第三讲：概率语言模型（第四、五、六部分）
4. 在茫茫人海中发现相似的你——局部敏感哈希（LSH）
5. 数字图像处理：第五章 代数运算
6. 《大话数据结构》第9章 排序 9.1 开场白
7. 微信小程序中的渐变色
8. 腾讯业务监控的修炼之路
9. 数据库的三大范式以及五大约束
10. NMM3DViewer 设计