在 https://github.com/kubernetes/dashboard/releases?after=v2.0.0-rc5 里查看K8s对应版本信息,我安装的是v2.0.0-rc3 版本,先下载 https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-rc3/aio/deploy/recommended.yaml 推荐配置,打开 recommended.yaml 文件,把下面几行注释掉
# apiVersion: v1
# kind: Secret
# metadata:
# labels:
# k8s-app: kubernetes-dashboard
# name: kubernetes-dashboard-certs
# namespace: kubernetes-dashboard
# type: Opaque
保存后执行
kubectl apply -f recommended.yaml
生成证书请求的key
openssl genrsa -out dashboard.key 2048
生成证书请求
openssl req -days 3650 -new -out dashboard.csr -key dashboard.key -subj '/CN=**主节点IP**'
生成自签证书
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
创建与KubernetesDashboard 部署文件中同名的secret
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
kubernetes-dashbaord安装完毕后,kubernetes-dashboard默认service的类型为ClusterIP,为了从外部访问控制面板,开放为NodePort类型
kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
直接修改type:NodePort 保存退出即可
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}