通過上一篇文章“Kubernetes二進制安裝之Node節點部署”的詳細安裝過程,我們詳細的瞭解了Kubernetes的kubelet的工作原理以及詳細的配置過程,通過上一期的講解一個mini的Kubernetes集群以及部署起來了。那麼,集群的整個部署情況如何查看呢?一種方法是通過命令行工具kubectl,另一種方法是通過Dashboard Web UI。那麼今天我們就來詳細看看Dashboard的安裝過程。
下面我們介紹下詳細的安裝步驟。
步驟一:準備Kubernetes Dashboard yaml文件
由於Kubernetes是一個開源的容器調度框架,所以它的所有組件在網絡上均能夠找到源碼,同樣dashboard的yaml文件我們也可以從網絡上下載。
curl -o kubernetes-dashboard.yaml https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
查看yaml文件
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ------------------- Dashboard Secrets ------------------- #
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kube-system
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kube-system
type: Opaque
data:
csrf: ""
---
# ------------------- Dashboard Service Account ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
---
# ------------------- Dashboard Role & Role Binding ------------------- #
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
rules:
# Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create"]
# Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["create"]
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics from heapster.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kubernetes-dashboard-minimal
namespace: kube-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard-minimal
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kube-system
---
# ------------------- Dashboard Deployment ------------------- #
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
---
# ------------------- Dashboard Service ------------------- #
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
下載yaml文件後,我們需要修改下yaml文件,需要指定我們的api server的IP地址和端口好,修改內容如下:
步驟二:部署Kubernetes Dashboard
下面我們通過命令行kubectl部署Dashboard Web UI
kubectl apply -f kubernetes-dashboard.yaml
通過執行上述命令可以看到Dashboard已經部署完成了。
步驟三:查看Dashboard Pod,Service的部署情況
我們還是通過命令行來完成這些操作
kubectl get pod,service,endpoints --all-namespaces
可以看到,Dashboard的service,pod都工作正常。
步驟四:通過瀏覽器訪問Dashboard Web UI
因為我們部署的是4節點集群,至於dashboard被調度到哪個Node節點運行由Kubernetes kube-scheduler決定,所以我們通過Kubernetes的proxy來訪問dashboard web UI
kubectl proxy --address='0.0.0.0' --disable-filter=true
在瀏覽器地址欄輸入master節點的IP地址:
http://10.0.0.10:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/#!/login
出現上面的界面說明我們可以訪問dashboard web UI了。我們點擊“跳過”。
通過上面的圖片我們可以看到Kunernetes的許多信息。點擊左邊的標籤,可以展示不同的信息。
到此,Kubernetes Dashboard Web UI已經部署完成了,整個部署過程都是通過kubectl命令行完成,通過yaml定義dashboard的service和pod信息,可以看到整個部署過程相對來說還是比較簡單的。通過Dashboard Web UI我們可以查看我們Kubernetes集群的整個詳細信息。
參考:
https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
文章如有不妥之處,歡迎指正!謝謝!
分享到:
閱讀更多 雲計算AND容器技術 的文章
