一、Kubernetes dashboard作用
- 通过dashboard能够直观了解Kubernetes集群中运行的资源对象
- 通过dashboard可以直接管理(创建、删除、重启等操作)资源对象
二、获取Kubernetes dashboard资源清单文件
kubectl部署
https://github.com/kubernetes/dashboard/releases
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
kubectl edit svc -n kubernetes-dashboard kubernetes-dashboard
#修改svc,对外暴露nodeport端口
spec:
type: NodePort
ports:
- port: 443
targetPort: 8443
nodePort: 30000
selector:
k8s-app: kubernetes-dashboard
三、生成token
1、创建用户
# 创建 dashboard-admin 用户
kubectl create serviceaccount dashboard-admin -n kubernetes-dashboard
# 绑定 clusterrolebinding
kubectl create clusterrolebinding dashboard-admin-rb --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin
2、创建文件 dashboard-admin-token.yaml
apiVersion: v1
kind: Secret
metadata:
name: dashboard-admin-secret
namespace: kubernetes-dashboard
annotations:
kubernetes.io/service-account.name: dashboard-admin
type: kubernetes.io/service-account-token
3、获取token
创建token
kubectl apply -f dashboard-admin-token.yaml
获取token
kubectl describe secret dashboard-admin-secret -n kubernetes-dashboard