Kubernetes 图形化界面 dashboard

科技2026-01-10 21

文章目录

图形化界面概述来吧！展示！！在master上进行操作查看命名空间状态成为running之后，查看pods在那个节点上打开页面查看生成登录令牌登录实验结束微软Edge或者谷歌浏览器登录方法

图形化界面概述

dashboard是商业智能仪表盘（business intelligence dashboard，BI dashboard）的简称，它是一般商业智能都拥有的实现数据可视化的模块，是向企业展示度量信息和关键业务指标（KPI）现状的数据虚拟化工具 . dashboard在一个简单屏幕上联合并整理数字、公制和绩效记分卡。它们调整适应特定角色并展示为单一视角或部门指定的度量。 dashboard关键的特征是从多种数据源获取实时数据，并且是定制化的交互式界面。 dashboard以丰富的，可交互的可视化界面为数据提供更好的使用体验.

K8s也有相对直观的图形话界面，官网已经把五个yaml文件合成了一个，但是这里我们还是使用旧款的五个文件进行的模拟实验

来吧！展示！！

根据上一次昨晚的多节点K8s接着部署

在master上进行操作

上传上面的全部文件

[root@localhost ~]# cd k8s/ [root@localhost k8s]# mkdir dashboard [root@localhost k8s]# cd dashboard/ [root@localhost dashboard]# kubectl get nodes NAME STATUS ROLES AGE VERSION 20.0.0.4 Ready <none> 8d v1.12.3 20.0.0.5 Ready <none> 8d v1.12.3 [root@localhost dashboard]# rz -E rz waiting to receive. [root@localhost dashboard]# ls dashboard-configmap.yaml dashboard-rbac.yaml dashboard-service.yaml dashboard-controller.yaml dashboard-secret.yaml k8s-admin.yaml

根据我提供的顺序，安装yaml文件

[root@localhost dashboard]# kubectl create -f dashboard-rbac.yaml role.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard-minimal created [root@localhost dashboard]# kubectl create -f dashboard-secret.yaml secret/kubernetes-dashboard-certs created secret/kubernetes-dashboard-key-holder created [root@localhost dashboard]# kubectl create -f dashboard-configmap.yaml configmap/kubernetes-dashboard-settings created [root@localhost dashboard]# kubectl create -f dashboard-controller.yaml serviceaccount/kubernetes-dashboard created deployment.apps/kubernetes-dashboard created [root@localhost dashboard]# kubectl create -f dashboard-service.yaml service/kubernetes-dashboard created

查看命名空间

完成后查看创建在指定的kube-system命名空间下的pods

[root@localhost dashboard]# kubectl get pods,service -n kube-system NAME READY STATUS RESTARTS AGE pod/kubernetes-dashboard-65f974f565-wtvtr 0/1 ContainerCreating 0 100s ##要等到创建成功才可以继续下一步，现在时创建中 NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/kubernetes-dashboard NodePort 10.0.0.238 <none> 443:30001/TCP 95s

状态成为running之后，查看pods在那个节点上

这边看到是在我 20.0.0.5的节点上，对外端口暴露为30001

[root@localhost dashboard]# kubectl get pods,service -n kube-system -o wi de NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE pod/kubernetes-dashboard-65f974f565-wtvtr 1/1 Running 0 4m15s 172.17.54.2 20.0.0.5 <none> NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR service/kubernetes-dashboard NodePort 10.0.0.238 <none> 443:30001/TCP 4m10s k8s-app=kubernetes-dashboard

打开页面查看

推荐使用火狐浏览器，可以跳过验证

生成登录令牌

[root@localhost dashboard]# kubectl create -f k8s-admin.yaml serviceaccount/dashboard-admin created clusterrolebinding.rbac.authorization.k8s.io/dashboard-admin created [root@localhost dashboard]# kubectl get secret -n kube-system NAME TYPE DATA AGE dashboard-admin-token-tl2bq kubernetes.io/service-account-token 3 45s ##复制这个名字 default-token-6rblg kubernetes.io/service-account-token 3 8d kubernetes-dashboard-certs Opaque 0 15m kubernetes-dashboard-key-holder Opaque 2 15m kubernetes-dashboard-token-jvqfp kubernetes.io/service-account-token 3 15m 查看证书详细信息 [root@localhost dashboard]# kubectl describe secret dashboard-admin-token-tl2bq -n kube-system Name: dashboard-admin-token-tl2bq Namespace: kube-system Labels: <none> Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: 97478dda-0957-11eb-ad59-000c29aff78f Type: kubernetes.io/service-account-token Data ==== ca.crt: 1359 bytes namespace: 11 bytes token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tdGwyYnEiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOTc0NzhkZGEtMDk1Ny0xMWViLWFkNTktMDAwYzI5YWZmNzhmIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.KLzQdBQOb1ETbdpLTN9sbDOALknhOTurzBcB8FlbpmjC2Ef1H3Wbic9mOlqxFyOUwly6GT-YKNElGAqAAxiWpuh8Lbsn1pobBPCNdYQYpgCuTBxM4Al7BIG4uDOw1WZNXeEBtxze0k-LBxMnWcwB7WxNpETicoEewqN8KLZOQSM9LUMxM6Cy-tDi7NhTPBx57BpiEMrXA5IttBhXJmzEmmCUKIqgVxK3r5kcOff5FOLSslYVeML1K3dsijr-sW0pExKITSoqhLja2CWt_g_AP9jzt2pq4rgI51w7MDApceXsA1Fm6MKq6aWyDgESQYCmfuWBGE8ED4KFWRGJoodj0w

实验结束

成功看到图形界面

微软Edge或者谷歌浏览器登录方法

某些浏览器打开会报不安全，并且也不允许接受风险，像是下图这样，那我们就要手动添加证书

[root@localhost dashboard]# vim dashboard-cert.sh cat > dashboard-csr.json <<EOF { "CN": "Dashboard", "hosts": [], "key": { "algo": "rsa", "size": 2048 }, "names": [ { "C": "CN", "L": "BeiJing", "ST": "BeiJing" } ] } EOF K8S_CA=$1 cfssl gencert -ca=$K8S_CA/ca.pem -ca-key=$K8S_CA/ca-key.pem -config=$K8S_CA/ca-config.json -profile=kubernetes dashboard-csr.json | cfssljson -bare dashboard kubectl delete secret kubernetes-dashboard-certs -n kube-system kubectl create secret generic kubernetes-dashboard-certs --from-file=./ -n kube-system [root@localhost dashboard]# vim dashboard-controller.yaml ##这里声明两个证书文件 args: # PLATFORM-SPECIFIC ARGS HERE - --auto-generate-certificates - --tls-key-file=dashboard-key.pem ##这行和下面的 - --tls-cert-file=dashboard.pem [root@localhost dashboard]# bash dashboard-cert.sh /root/k8s/k8s-cert/ [root@localhost dashboard]# kubectl apply -f dashboard-controller.yaml Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply serviceaccount/kubernetes-dashboard configured Warning: kubectl apply should be used on resource created by either kubectl create --save-config or kubectl apply deployment.apps/kubernetes-dashboard configured

再次查看就OK了

Processed: 0.018, SQL: 9