Chemmy's Blog

chengming0916@gmail.com

0%

发表于 Valine:

kubernetes部署Dashboard(可通过域名外网访问)_kubernetes dashboard 外部访问-CSDN博客

Excerpt

文章浏览阅读3.7k次。在kubernetes 1.22中部署Dashboard,并可以通过域名在外网访问_kubernetes dashboard 外部访问

一、安装环境

  • kubernetes 1.22
  • Dashboard v2.2.0

二、开始安装

1、参考文章

https://kubernetes.io/zh/docs/tasks/access-application-cluster/web-ui-dashboard/icon-default.png?t=LA92https://kubernetes.io/zh/docs/tasks/access-application-cluster/web-ui-dashboard/

部署 Kubernetes Dashboard 2.0.0 并通过域名访问 - 简书

2、下载recommended.yaml文件并运行:

1
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
1
kubectl apply -f recommended.yaml

查看运行结果:

3、创建ingress,用于外网访问: 

 tips:安装ingress-nginx的步骤可以参考:

kubernetes安装ingress-nginx详细步骤_vampiresuper的专栏-CSDN博客在kubernetes 1.22版本中,安装ingress-nginx的详细步骤,适合刚刚接触k8s的同学https://blog.csdn.net/vampiresuper/article/details/122036310(1)创建secret:

由于Dashboard外网域名访问需要使用https,所以需要提前为你的域名申请一个证书,在阿里云或者腾讯云有免费的1年证书,申请好证书后将文件上传到服务器,然后执行:

1
kubectl -n kubernetes-dashboard create secret tls 定义一个自己的密码名称 --key 证书的.key文件路径 --cert 证书的.crt文件或者.pem文件路径

(2)创建ingress,内容如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
apiVersion: networking.k8s.io/v1

kind: Ingress

metadata:

name: kubernetes-dashboard

namespace: kubernetes-dashboard

annotations:

kubernetes.io/ingress.class: "nginx"

nginx.ingress.kubernetes.io/backend-protocol: HTTPS

nginx.ingress.kubernetes.io/configuration-snippet: |-

proxy_ssl_server_name on;

proxy_ssl_name $host;

spec:

tls:

- hosts:

- 你自己的域名

secretName: 上一步定义的secret名称

rules:

- host: 你自己的域名,同上

http:

paths:

- path: /

pathType: ImplementationSpecific

backend:

service:

name: kubernetes-dashboard

port:

number: 443

(3)创建一个用户:

用于使用token登陆Dashboard,内容如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
apiVersion: v1

kind: ServiceAccount

metadata:

name: admin-user

namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

name: admin-user

roleRef:

apiGroup: rbac.authorization.k8s.io

kind: ClusterRole

name: cluster-admin

subjects:

- kind: ServiceAccount

name: admin-user

namespace: kubernetes-dashboard

(4)查看登陆用的token,是很长的一串:

1
kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}"

(5)在浏览器登录: