CentOS 7.6安装Kubernetes v1.15.1(9)

# kubectl get pod -n ingress-nginx -o wide
NAME                                            READY  STATUS    RESTARTS  AGE  IP              NODE    NOMINATED NODE  READINESS GATES
nginx-ingress-controller-cc9b6d55b-pr8vr        1/1    Running  0          10m  192.168.1.21  node1  <none>          <none>
nginx-ingress-default-backend-cc888fd56-bf4h2  1/1    Running  0          10m  10.244.0.14    node1  <none>          <none>

如果发现nginx-ingress的容器状态是ContainersCreating/ImagePullBackOff，则需要手动下载镜像
# docker pull registry.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.0
# docker tag registry.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.0 quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.0
# docker pull registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/defaultbackend-amd64:1.5
# docker tag registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/defaultbackend-amd64:1.5 k8s.gcr.io/defaultbackend-amd64:1.5
# docker rmi registry.cn-qingdao.aliyuncs.com/kubernetes_xingej/defaultbackend-amd64:1.5
# docker rim registry.aliyuncs.com/google_containers/nginx-ingress-controller:0.25.0
如果访问返回default backend，则部署完成。

5.3、 使用Helm部署dashboard

创建 kubernetes-dashboard.yaml：

image:
  repository: registry.aliyuncs.com/google_containers/kubernetes-dashboard-amd64
  tag: v1.10.1
 ingress:
  enabled: true
  hosts:
    - k8s.frognew.com    #这里是你将来访问dashboard的域名
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
  tls:
    - secretName: frognew-com-tls-secret
      hosts:
      - k8s.frognew.com
 nodeSelector:
    node-role.kubernetes.io/edge: ''
 tolerations:
    - key: node-role.kubernetes.io/master
      operator: Exists
      effect: NoSchedule
    - key: node-role.kubernetes.io/master
      operator: Exists
      effect: PreferNoSchedule
 rbac:
  clusterAdminRole: true

执行安装

helm install stable/kubernetes-dashboard \
-n kubernetes-dashboard \
--namespace kube-system  \
-f kubernetes-dashboard.yaml

5.4、生成用户token

a、创建admin-sa.yaml

apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
  name: admin
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
 roleRef:
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
 subjects:
 kind: ServiceAccount
 name: admin
  namespace: kube-system
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: admin
  namespace: kube-system
  labels:
    kubernetes.io/cluster-service: "true"
    addonmanager.kubernetes.io/mode: Reconcile

b、创建admin-sa的pod

# kubectl create -f admin-sa.yaml

# kubectl get secret -n kube-system
NAME                                            TYPE                                  DATA  AGE
 admin-token-2tbzp                                kubernetes.io/service-account-token  3      9m5s
 attachdetach-controller-token-bmz2c              kubernetes.io/service-account-token  3      27h
 bootstrap-signer-token-6jctj                    kubernetes.io/service-account-token  3      27h
 certificate-controller-token-l4l9c              kubernetes.io/service-account-token  3      27h

c、生成 admin-token

# kubectl get secret admin-token-2tbzp -o jsonpath={.data.token} -n kube-system|base64 -d