kubernetes官方提供的可视化界面
https://github.com/kubernetes/dashboard
执行以下命令
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml
执行完可以使用kubectl get pods -A
查看集群中是否已running状态运行了dashboard应用。
笔者无法访问通,查看了应用状态为CrasshLoopBackOff如下
通过此命令查看日志 kubectl logs kubernetes-dashboard-658485d5c7-zhtrl -n kubernetes-dashboard
找到问题日志如下
panic: Get "https://10.96.0.1:443/api/v1/namespaces/kubernetes-dashboard/secrets/kubernetes-dashboard-csrf": dial tcp 10.96.0.1:443: i/o timeout
问题原因:初始化主节点时--pod-network-cidr
与主节点网络重叠了都是192.168,所以需要重新初始化了,解决步骤如下
sudo kubectl delete deployment kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete service dashboard-metrics-scraper --namespace=kubernetes-dashboard
sudo kubectl delete role.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete clusterrole.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete rolebinding.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete clusterrolebinding.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete deployment.apps kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete deployment.apps dashboard-metrics-scraper --namespace=kubernetes-dashboard
sudo kubectl delete sa kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-certs --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-csrf --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-key-holder --namespace=kubernetes-dashboard
sudo kubectl delete namespace kubernetes-dashboard
sudo kubectl delete configmap kubernetes-dashboard-settings
kubectl drain k8s-node01 k8s-node02 --delete-local-data --force --ignore-daemonsets
kubectl delete node k8s-node01 k8s-node02
kubectl drain k8s-master01 k8s-master02 --delete-local-data --force --ignore-daemonsets
kubectl delete node k8s-master01 k8s-master02
# 重置K8S集群
kubeadm reset
# 删除残余文件
rm -rf /etc/kubernetes
rm -rf /var/lib/etcd/
rm -rf $HOME/.kube
# 重新初始化
kubeadm init \
--apiserver-advertise-address=192.168.134.110 \
--control-plane-endpoint=cluster-endpoint \
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images \
--kubernetes-version v1.20.9 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.169.0.0/16
修改允许通过端口访问
kubectl edit svc kubernetes-dashboard -n kubernetes-dashboard
type: ClusterIP 改为 type: NodePort
寻找访问端口
kubectl get svc -A |grep kubernetes-dashboard
安装到工作节点的所以任意一台工作节点机器都可以访问dashboard
访问: https://集群任意IP:端口 https://192.168.134.150:30620
如果谷歌浏览器无法访问,按如下
将如下内容写到文件中,并安装到K8s
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
通过以下命令获取token
#获取访问令牌
kubectl -n kubernetes-dashboard get secret $(kubectl -n kubernetes-dashboard get sa/admin-user -o jsonpath="{.secrets[0].name}") -o go-template="{{.data.token | base64decode}}"
生成令牌如下
eyJhbGciOiJSUzI1NiIsImtpZCI6ImlXdVI2LVZMZXF1VnkzN2lnOU5WbGlGUHNKREg0ZnItSmFXcnZpX2ZfUDAifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWw4andzIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwMmY2OWEzYS1jMjhkLTRjYzQtYjc2Mi1kOTNlOGQ5ZGYyODUiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.e0ALKqpsJZxsyPfFC1iaWqEIC5lBj-fUeX3oQ_fhuKCAh35U-XU5TBtEqTMldSpCjCP7rS8FaruKiVLbkBDEclAxbYvBp7RfGsZy-w_pk_bCpjgZZNzLCuSQvF0Zyde6f9vucWVaQxElXfuHjaaeft7LPad2xVEc7XMIhdvD4orIa-SDXM6UiQwh8JneS3RmUljyIYaMMnJQCeAXun3RobulqkOIfPx81nj0ODDTj-BeO1SOMUtA_H9QeJqLhJgnv62NKPE7aNYz_Xh6gFa0DZdiqHL4RFh4gYeklDgWGn6VEIjeeYWJ5G0fzJ7BMCNzN_Cd3y6b_oatSPKSWAXseg
获取到令牌在页面复制进去,然后登录即可。
sudo kubectl delete deployment kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete service dashboard-metrics-scraper --namespace=kubernetes-dashboard
sudo kubectl delete role.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete clusterrole.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete rolebinding.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete clusterrolebinding.rbac.authorization.k8s.io kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete deployment.apps kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete deployment.apps dashboard-metrics-scraper --namespace=kubernetes-dashboard
sudo kubectl delete sa kubernetes-dashboard --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-certs --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-csrf --namespace=kubernetes-dashboard
sudo kubectl delete secret kubernetes-dashboard-key-holder --namespace=kubernetes-dashboard
sudo kubectl delete namespace kubernetes-dashboard
sudo kubectl delete configmap kubernetes-dashboard-settings