Kubernetes: 本地部署dashboard

本篇文章主要是介绍如何在本地部署kubernetes dashboard, 部署环境是mac m2

下载dashboard.yaml

官网release地址: kubernetes/dashboard/releases

本篇文章下载的是kubernetes-dashboard-v2.7.0的版本，通过wget命令下载到本地:

wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

部署dashboard

修改recommended.yaml暴露nodeport

首先是要修改recommended.yaml中的service配置，将service端口通过nodeport的方式提供给kubernetes集群外部访问。

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort #新增
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30443 #新增
  selector:
    k8s-app: kubernetes-dashboard

在集群中部署kubernetes dashboard

提交recommended.yaml文件进行kubernetes dashboard的安装。
如果不能访问容器镜像不能下载的话，需要梯子或者将docker的镜像源仓库调整为国内的

执行命令：

kubectl apply -f recommended.yaml

创建用户SA和Token

新增dashboard-admin.yaml文件，在其中添加dashboard-admin的ServiceAccount配置和ClusterRoleBinding配置。

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: dashboard-admin
  namespace: kubernetes-dashboard
  
---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: dashboard-admin-bind-cluster-role
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: dashboard-admin
  namespace: kubernetes-dashboard

执行kubectl apply -f 命令将dashboard-admin.yaml提交到集群

kubectl apply -f dashboard-admin.yaml

创建dashboard-admin的token

kubectl create token dashboard-admin -n kubernetes-dashboard 

执行结果如下图:

将token复制出来用来访问kubernetes dashboard:

#参考
k8s Dashboard 2.7 使用EIP和多权限角色token的解决方案