目錄
1 安裝kubernetes-dashboard
1.1 下載配置文件
https://github.com/kubernetes/dashboard/blob/master/aio/deploy/recommended.yaml
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30001
selector:
k8s-app: kubernetes-dashboard
---
#因爲自動生成的證書很多瀏覽器無法使用,所以我們自己創建,註釋掉kubernetes-dashboard-certs對象聲明
#apiVersion: v1
#kind: Secret
#metadata:
# labels:
# k8s-app: kubernetes-dashboard
# name: kubernetes-dashboard-certs
# namespace: kubernetes-dashboard
#type: Opaque
---
1.2 創建證書
#創建命名空間
kubectl create namespace kubernetes-dashboard
# 創建key文件
openssl genrsa -out dashboard.key 2048
#證書請求
openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=dashboard-cert'
#自簽證書
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#創建kubernetes-dashboard-certs對象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard
部分命令
# 刪除POD
kubectl delete pod PODNAME --force --grace-period=0
# 刪除NAMESPACE
kubectl delete namespace NAMESPACENAME --force --grace-period=0
# 刪除default namespace下的pod名爲pod-to-be-deleted-0
ETCDCTL_API=3 etcdctl del /registry/pods/default/pod-to-be-deleted-0
# 刪除需要刪除的NAMESPACE
etcdctl del /registry/namespaces/NAMESPACENAME
#強制刪除pod
kubectl delete pod [pod name] --force --grace-period=0 -n [namespace]
# <secret file>這裏常用的就是property文件,內容是key=value
kubectl create secret generic <secret name> --from-env-file=<secret file> -n <namespace>
# 刪除secret
kubectl delete secret <secret name> -n <namespace>
# 查看有哪些secret:
kubectl get secrets -n <namespace>
# 查看secret詳細信息
kubectl describe secrets <secret name> -n <namespace>
1.3 安裝 kubernetes-dashboard
kubectl create -f recommended.yaml
kubectl delete -f recommended.yaml #清理
#檢查結果
kubectl get pods,svc -n kube-system
kubectl get pods -A -o wide
kubectl get service -n kubernetes-dashboard -o wide
1.4 創建管理員權限
dashboard-admin.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: dashboard-admin
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-admin-bind-cluster-role
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: dashboard-admin
namespace: kubernetes-dashboard
[root@k8s-master ~]# kubectl create -f dashboard-admin.yaml
1.5 查看並複製用戶Token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep dashboard-admin | awk '{print $1}')
Data
====
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InFqUXlIeVE0b1Z0X1AwaGxHb2xibU5NUDhseDNlcWFXQkhURmZJRzJwMDAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkZWZhdWx0LXRva2VuLWo3cGZ6Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImRlZmF1bHQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJjN2IzMzZjZS1kNTVhLTQ3NzAtYTRiMC00OWQ0NGE2ZWM5ODgiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6ZGVmYXVsdCJ9.r73ShiOAYEzrmUgXz6SqDHcnqhEjueYqxjJYQJyIQOavxLoVDQD7UaNhf4ZBJcnVJdGB2DFAT2hJHKzx6JrcMkhkoIrqeQXqWP6XynehkIGQqgH37J5xs04s-ShMkni-sRHdN5XMA4vU_WzRVDp5sMIIZvKhE1mMtu_WiVsO_bV0YCZ4lUm6kLpJtRApXpRNJHtqlBQq2BAYTmSVJQwi0Ptfub-kFQ9d_4qR7CJRoGctFLQu0DJZq87Knim5XFIdG7OcuY30872W9TsQC4RrULOfKAnaVPONskM1kxPxO90XXdTjfoGQJLEOksavdFSF2wEgJ-IZg_xLSfiQNvqfNw
ca.crt: 1025 bytes
namespace: 20 bytes
1.6 查看日誌
kubectl logs kubernetes-dashboard-56484d4c5-sk9fd --namespace=kubernetes-dashboard
2 安裝metrics-server
2.1 Node節點下載鏡像
docker pull bluersw/metrics-server-amd64:v0.3.6
docker tag bluersw/metrics-server-amd64:v0.3.6 k8s.gcr.io/metrics-server-amd64:v0.3.6
2.2 下載配置文件
https://github.com/kubernetes-sigs/metrics-server/releases
mkdir metrics-server-0.3.6
複製metrics-server-0.3.6/deploy/1.8+路徑下的yaml文件
修改metrics-server-deployment.yaml
spec:
hostNetwork: true #新增
serviceAccountName: metrics-server
volumes:
# mount in tmp so we can safely use from-scratch images and/or read-only containers
- name: tmp-dir
emptyDir: {}
containers:
- name: metrics-server
image: k8s.gcr.io/metrics-server-amd64:v0.3.6
imagePullPolicy: IfNotPresent
command:
- /metrics-server #新增
- --kubelet-insecure-tls #新增
- --kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP #新增
volumeMounts:
- name: tmp-dir
mountPath: /tmp
kubectl create -f metrics-server/
kubectl get pods -A -o wide
kubectl top nodes
kubectl top pods --all-namespace
如果出現: error: metrics not available yet 問題,說明服務還未完成啓動
參考資料: https://www.cnblogs.com/shunzi115/p/12438702.html