Kubernetes v1.18.19二进制部署 (8)
[root@master01 cfg]# kubectl apply -f recommended.yaml
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
[root@master01 cfg]# kubectl get pods,svc -n kubernetes-dashboard
NAME
READY STATUS
RESTARTS AGE
pod/dashboard-metrics-scraper-694557449d-hvzhv 0/1
ContainerCreating 0
6s
pod/kubernetes-dashboard-9774cc786-tls7t
0/1
ContainerCreating 0
6s
NAME
TYPE
CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
service/dashboard-metrics-scraper ClusterIP 10.0.0.200 <none>
8000/TCP
6s
service/kubernetes-dashboard
NodePort 10.0.0.16 <none>
443:30001/TCP 6s
注:上图显示正在创建容器,稍等一会再查看
5分钟后....
[root@master01 cfg]# kubectl get pods,svc -n kubernetes-dashboard
NAME
READY STATUS RESTARTS AGE
pod/dashboard-metrics-scraper-694557449d-hvzhv 1/1
Running 0
5m41s
pod/kubernetes-dashboard-9774cc786-tls7t
1/1
Running 0
5m41s
NAME
TYPE
CLUSTER-IP EXTERNAL-IP PORT(S)
AGE
service/dashboard-metrics-scraper ClusterIP 10.0.0.200 <none>
8000/TCP
5m41s
service/kubernetes-dashboard
NodePort 10.0.0.16 <none>
443:30001/TCP 5m41s
访问地址:https://NodeIP:30001
注:这里现在能打开了页面了,但不建议下载登陆,待执行完下面service account并绑定默认cluster-admin管理员集群角色后再登陆
创建service account并绑定默认cluster-admin管理员集群角色
[root@master01 ~]# kubectl create serviceaccount dashboard-admin -n kube-system
serviceaccount/dashboard-admin created
[root@master01 ~]# kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created
[root@master01 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk \'/dashboard-admin/{print $1}\')
Name:
dashboard-admin-token-lltwn
Namespace: kube-system
Labels:
<none>
Annotations: kubernetes.io/service-account.name: dashboard-admin
kubernetes.io/service-account.uid: 850a3785-8f94-49a0-a844-b963dab7e236
Type: kubernetes.io/service-account-token
Data
====
ca.crt:
1285 bytes
namespace: 11 bytes
token:
eyJhbGciOiJSUzI1NiIsImtpZCI6Iko4aDhNUzdraHQ1TzZ6dVh4aEpXM3ZFVVNxbzAzOU1PMUNCdmRUV0JqTjQifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tbGx0d24iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiODUwYTM3ODUtOGY5NC00OWEwLWE4NDQtYjk2M2RhYjdlMjM2Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.CxUJ8En7nwU-03ghy49fv_bZnbRDPFCgvr7iov3pIWqcy9NGNSJKH6j6LXLmmWmv5PQbK4a4xRCAuIsMsbsmsJOO0Hg6eFi0_oZhQBY9dYbZdzpdJHJ9HsKHJ5yTfrlc7hJaVmpNkpnj8BT0qVb6Buc-w1QUoW34lW5N-94JYiE7q4puXsw3p3IJLzelTccFOCu67weMLpwWEpunN3C3eWNX3DguInsaWXbBPbfYFzUr9Nccj8fXYBdasGlvfOtr475vAmu9_zLybwtkv_bbTB7dDobREs-CjR4SzTrDOu4xlVJ-eXoZpmz4_Rryz4FKCzvx2psAmV2jKPMyogkCFA
使用上面输出的token登录Dashboard,下图点"高级"也没用....
内容版权声明:除非注明,否则皆为本站原创文章。