这篇博客详细介绍了k8s Dashboard的配置过程,包括yaml下载、登陆问题的解决、在nginx中的设置,以及查看服务端口、使用自定义证书、获取dashboard token、建立自签名证书等操作。同时,还涵盖了查看pod信息、文件配置的创建删除、强制删除pod以及绑定NodePort等日常管理任务。
k8s dashboard yaml 下载
# wget https://raw.githubusercontent.com/kubernetes/dashboard/v1.8.1/src/deploy/recommended/kubernetes-dashboard.yaml # 下载https版本
# wget https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/alternative/kubernetes-dashboard.yaml # 下载http版本k8s dashboard登陆报错
persistentvolumeclaims is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list persistentvolumeclaims in the namespace "default"解决
# cat kubernetes-dashboard.yaml
serviceAccountName: kubernetes-dashboard-admink8s在nginx中的配置
# cat nginx.conf
# k8s test proxy.
location /k8s/ {
proxy_pass https://192.168.x.xx:xxx;
rewrite ^/k8s/(.*) /$1 break; #不要忘记重定向
access_log logs/k8stest.access.log main;
}查看服务端口
# kubectl get service --all-namespaces使用自定义的cert
# kubectl create secret generic kubernetes-dashboard-certs --from-file=/home/k8s/certs -n kube-system # certs 是目录查看k8s dashuboard的token
# kubectl -n kube-system get secret | grep admin
# kubectl describe -n kube-system secret/kubernetes-dashboard-admin-token-xxxxxk8s 建立自签名
openssl genrsa -des3 -passout pass:x -out dashboard.pass.key 2048
openssl rsa -passin pass:x -in dashboard.pass.key -out dashboard.key
rm dashboard.pass.key
openssl req -new -key dashboard.key -out dashboard.csr
openssl x509 -req -sha256 -days 365 -in dashboard.csr -signkey dashboard.key -out dashboard.crt查看pod信息
# kubectl get pod -n default -o wide # -n namespace 创建删除文件配置
kubectl create/delete -f kube.XXX.yaml强制删除pod
# kubectl delete pod --grace-period=0 --force -n default podxxxxx绑定nodeport
# cat kubernetes-dashboard.yaml
spec:
type: NodePort # 使用nodeport
ports:
- port: 80
targetPort: 9090
nodePort: 31XXX
selector:
k8s-app: kubernetes-dashboard
扫一扫
3129
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
