网安装dashboard
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
二、添加阿里云加速进行安装
vim recommended.yaml
image: kubernetesui/dashboard:v2.0.0
image: kubernetesui/metrics-scraper:v1.0.4
#改为
image: registry.cn-hangzhou.aliyuncs.com/google_containers/dashboard:v2.7.0
image: registry.cn-hangzhou.aliyuncs.com/google_containers/metrics-scraper:v1.0.8
#拉取镜像
kubectl apply -f recommended.yaml
部署报错:
ata.annotations[seccomp.security.alpha.kubernetes.io/pod]: deprecated since v1.19; use the "seccompProfile" field instead
解决方案:
将seccomp.security.alpha.kubernetes.io/pod替换为seccompProfile, 重新执行即可
[root@k8s-master ~]# kubectl get po -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-76b89847b4-6l4lm 1/1 Running 0 5s
kubernetes-dashboard-8d7f5bdb-q8zq8 1/1 Running 0 5s
三、访问dashboard
1、设置端口访问(把端口暴露到机器上方便外部访问)
kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
把ClusterIP修改为NodePort
2、验证端口设置是否成功
[root@k8s-master ~]# kubectl get svc -A | grep "kubernetes-dashboard"
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.96.0.249 <none> 8000/TCP 7m33s
kubernetes-dashboard kubernetes-dashboard NodePort 10.96.2.78 <none> 443:31878/TCP 7m33s
1.24 版本以后的需要创建一个Pod
cat << EOF > pod1.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: pod1
name: pod1
namespace: kubernetes-dashboard
spec:
terminationGracePeriodSeconds: 0
serviceAccount: dashboard-admin
containers:
- image: registry.cn-hangzhou.aliyuncs.com/google_containers/nginx:1.14.1-8.6
imagePullPolicy: IfNotPresent
name: pod1
resources: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
status: {}
EOF
[root@k8s-master ~]# kubectl apply -f pod1.yaml
pod/pod1 created
4、创建访问账号;生成token令牌用于访问dashboard
#查看集群secret
[root@k8s-master ~]# kubectl get po -n kubernetes-dashboard
NAME READY STATUS RESTARTS AGE
dashboard-metrics-scraper-76b89847b4-6l4lm 1/1 Running 0 29m
kubernetes-dashboard-8d7f5bdb-q8zq8 1/1 Running 0 29m
pod1 1/1 Running 0 4m52s
[root@k8s-master ~]# kubectl exec -it pod1 -n kubernetes-dashboard -- cat /run/secrets/kubernetes.io/serviceaccount/token
eyJhbGciOiJSUzI1NiIsImtpZCI6IjZpT0hKbV9TcGJHSVhJSXY1R19FYmUydi1lRkF6bVVfU0twNkRfODVLR0kifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzY3OTI3MDUwLCJpYXQiOjE3MzYzOTEwNTAsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInBvZCI6eyJuYW1lIjoicG9kMSIsInVpZCI6IjJmYTQ3ZmU5LWFhZjgtNDM0OC04MGJkLTQwMjY0MGI1NjgyOCJ9LCJzZXJ2aWNlYWNjb3VudCI6eyJuYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwidWlkIjoiMjc3OTkxNmYtYzYyMy00Y2E1LTg4MDItMjdiOTcwMDM0ZmU0In0sIndhcm5hZnRlciI6MTczNjM5NDY1N30sIm5iZiI6MTczNjM5MTA1MCwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.pBVXjoSRehgk881LXGsGFNOTWR0PeHweMYW0zPyjmd10HB53sfsqx2onWV5hp2qnrJl4FI9Uik4Ivg6jmywDOcHDhMlgUmDK-UxQ87j32MzU8V94Pc77zUmJU_P8iIX2FpRWDKV_wK_dhwveb8z8IUjgIRLCgC9tReklosHjF6c8fpwdmFH89vKJLHontUGAdxkP5z3iyTo4ubipX3GCOcj5ewJHM1ny5MoCX1yS4Aw7Cn2uEl_TFhwXuNm2og3SmrL_PAhAAup2dm4riSE72ACzVsAB0e0immBd3bmZAfTR9TqaekdPhqqfUzrd5H51NDsRPGsyv6J6BT_Wrpia3w
[root@k8s-master ~]#