侧边栏壁纸
博主头像
往事随风博主等级

当你感到悲哀痛苦时,最好是去学些什么东西。学习会使你永远立于不败之地!

  • 累计撰写 16 篇文章
  • 累计创建 6 个标签
  • 累计收到 1 条评论
标签搜索

目 录CONTENT

文章目录

K8s中部署并使用Dashboard

往事随风
2023-01-05 / 0 评论 / 0 点赞 / 125 阅读 / 796 字 / 正在检测是否收录...

下载dashboard文件

去github地址:https://github.com/kubernetes/dashboard/releases/,
下载dashboard的recommended.yaml文件,

下载的时候需要看下版本是否完全支持
image-1672899938270

执行

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

执行成功之后,修改一下服务

kubectl edit services -n kubernetes-dashboard kubernetes-dashboard

    port: 443
    protocol: TCP
    targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
  sessionAffinity: None
  type: ClusterIP  #修改为NodePort

查看状态

[root@k8s-master-01 dashboard]# kubectl get pods,svc -n kubernetes-dashboard -o wide
NAME                                             READY   STATUS    RESTARTS   AGE     IP             NODE          NOMINATED NODE   READINESS GATES
pod/dashboard-metrics-scraper-6f669b9c9b-jjwst   1/1     Running   0          4h36m   10.244.1.141   k8s-node-02   <none>           <none>
pod/kubernetes-dashboard-758765f476-8n779        1/1     Running   0          4h36m   10.244.1.140   k8s-node-02   <none>           <none>

NAME                                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE     SELECTOR
service/dashboard-metrics-scraper   ClusterIP   10.106.9.206    <none>        8000/TCP        4h36m   k8s-app=dashboard-metrics-scraper
service/kubernetes-dashboard        NodePort    10.104.157.64   <none>        443:30005/TCP   4h36m   k8s-app=kubernetes-dashboard

访问https://192.168.10.11:30005/,注意必须是https不然不能访问

登录

通过Token令牌访问

获取Token令牌
执行如下命令,创建一个ServiceAccount用户dashboard-admin:

kubectl create serviceaccount dashboard-admin -n kube-system

然后将dashboard-admin用户与角色绑定:

kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

最后,查看Token令牌,执行如下组合命令:

[root@k8s-master-01 dashboard]# kubectl get secrets -n kubernetes-dashboard | grep dashboard-admin

dashboard-admin-token-q6fjc        kubernetes.io/service-account-token   3      4h38m

[root@k8s-master-01 dashboard]# kubectl describe secrets dashboard-admin-token-q6fjc  -n kubernetes-dashboard
Name:         dashboard-admin-token-q6fjc
Namespace:    kubernetes-dashboard
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: dashboard-admin
              kubernetes.io/service-account.uid: 0663a297-3546-4508-9f6b-cdb9f5b142a7

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1099 bytes
namespace:  20 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6Ik9IWWxrZTdTNXozV1BlZGd5ZlduOVZaaUdvQlJPXzJqOTBUNjJPbnZZMjgifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tcTZmamMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMDY2M2EyOTctMzU0Ni00NTA4LTlmNmItY2RiOWY1YjE0MmE3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.BIBV9ee9-3NR5CxANisF7OfYRe8k7ai_tJFzAM8QoWYbMoOjZE4LgdciM_cE2o_7J1DXYgYcc1vO1l7DM-1V9clvaoOXagoYHie379y3hVokmPXBByXxpX_M6P8t4WiNTkUu7F_c5WWTYr1Enlm25jWBzLJlcdcsPsirlXXtlVT15wDOXcgzeWrzumMSV3q_RWWAINLvxXzt-o_rvs94cnV_XyHIzvb2d9XfThYpTNKAadFbt7qwVYBeW_rBRegqi6nMF3N078ZRaSAvEpgQjNOKrpbEfxfuU16rmHik7YekUXPxzV4FKJ0TwwqaAzDzRJQygnguOAgagJBINFp4Ig

将查询到的token部分复制粘贴到“输入Token”
image-1672900542491

然后就登录成功了
image-1672900602021

安装监控组件

默认k8s集群不带监控组件,heapster从1.11版本开始逐渐废弃,替代品为新的组件metrics-server

下载此文件https://github.com/kubernetes-sigs/metrics-server/releases

wget  https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.6.2/components.yaml

修改一下文件components.yaml

    spec:
      containers:
      - args:
        - --cert-dir=/tmp
        - --secure-port=4443
        #设定不验证tls
        - --kubelet-insecure-tls
        - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
        - --kubelet-use-node-status-port
        - --metric-resolution=15s
        #image: k8s.gcr.io/metrics-server/metrics-server:v0.6.1
        #默认的k8s.gcr.io我们是访问不到的,需要修改成国内的
        image: registry.cn-guangzhou.aliyuncs.com/k8s-hxg/metrics-server:v0.6.1
        imagePullPolicy: IfNotPresent

执行安装

kubectl apply -f components.yaml 
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created

#查看pod状态

[root@k8s-master-01 pki]# kubectl -n kube-system get pod | grep metrics
metrics-server-75cbbdf6b5-dv6kg         1/1     Running   0              31m

然后,就可以查看各个组件的资源使用信息了

[root@k8s-master-01 pki]# kubectl top node
NAME            CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
k8s-master-01   168m         8%     1955Mi          53%
k8s-node-01     114m         5%     4500Mi          122%
k8s-node-02     55m          2%     1229Mi          33%
k8s-node-03     88m          4%     561Mi           15%

image-1672901262661

参考文档:https://www.cnblogs.com/guangdelw/p/16970575.html

0

评论区