内容要点:
1、环境介绍
2、web界面部署
一、环境介绍:
1、此篇作为k8s群集部署的最后一步,前几步博客地址:
kubernetes二进制集群部署一——etcd存储组件、flannel网络组件部署:
在 master01上:
[root@localhost dashboard]# vim dashboard-cert.sh
cat > dashboard-csr.json <<EOF
{
“CN”: “Dashboard”,
“hosts”: [],
“key”: {
“algo”: “rsa”,
“size”: 2048
},
“names”: [
{
“C”: “CN”,
“L”: “BeiJing”,
“ST”: “BeiJing”
}
]
}
EOF
K8S_CA=1cfsslgencert−ca=1
cfssl gencert -ca=1cfsslgencert−ca=K8S_CA/ca.pem -ca-key=K8SCA/ca−key.pem−config=K8S_CA/ca-key.pem -config=K8SCA/ca−key.pem−config=K8S_CA/ca-config.json -profile=kubernetes dashboard-csr.json | cfssljson -bare dashboard
kubectl delete secret kubernetes-dashboard-certs -n kube-system
kubectl create secret generic kubernetes-dashboard-certs --from-file=./ -n kube-system
//接下来,就是生成证书:
[root@localhost dashboard]# bash dashboard-cert.sh /root/k8s/k8s-cert/
[root@localhost dashboard]# vim dashboard-controller.yaml
在 args目录下,添加证书的路径:
…
(省略内容)
…
args:
# PLATFORM-SPECIFIC ARGS HERE
- --auto-generate-certificates
- --tls-key-file=dashboard-key.pem
- --tls-cert-file=dashboard.pem
…
(省略内容)
…
//接下来,进行重新部署:
[root@localhost dashboard]# kubectl apply -f dashboard-controller.yaml
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
serviceaccount/kubernetes-dashboard configured
Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply
deployment.apps/kubernetes-dashboard configured