官方参考https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta8/aio/deploy/recommended.yaml
修改Service
spec:
type: NodePort
ports:
- port: 443
nodePort: 30123
targetPort: 8443
修改 imagePullPolicy: IfNotPresent
注释掉 kind: Sceret全部内容
节点下载 docker pull kubernetesui/dashboard:v2.0.0-beta8
新建Cert目录 cd Cert #openssl genrsa -out dashboard.key 2048
#openssl req -days 36000 -new -out dashboard.csr -key dashboard.key 一直回车即可
#openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
安装
kubectl apply -f recommended.yaml
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
vi create-admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
kubectl apply -f create-admin.yaml
kubectl get sa,secrets -n kubernetes-dashboard
kubectl describe secret admin-user-* -n kubernetes-dashboard
登陆web https://10*:30123