一、windows系统使用kubectl
1、windows安装Chocolatey
参考文章Installing Chocolatey
管理员运行 powershell
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
image.png
2、安装kubectl
参考文章Kubernetes Command Line Interface (CLI)
1.18.2
choco install kubernetes-cli
image.png
3、config文件
注意到在之前安装k8s有如下步骤
image.png
所以我们把这个
admin.conf文件下载到本地,
拷贝到
C:\Users\your user name\.kube\ 目录下
3、验证
-
kubectl config get-contexts
image.png -
kubectl get nodes
image.png
猜测是因为虚拟机的时间跟本地不同
image.png - 修复
timedatectl set-local-rtc 1
timedatectl set-timezone Asia/Shanghai
yum -y install ntp
#通过阿里云时间服务器校准时间
ntpdate ntp1.aliyun.com
#时间信息写入硬件
hwclock -w
image.png
-
重试
image.png
二、安装Dashboard
0、参考文章
- kubernetes.io 网页界面 (Dashboard)
- https://github.com/kubernetes/dashboard
- Creating sample user
- Kubernetes Dashboard 安装与使用
- How To Install Kubernetes Dashboard with NodePort
- Kubernetes的三种外部访问方式:NodePort、LoadBalancer 和 Ingress
- 浅析从外部访问 Kubernetes 集群中应用的几种方式
1、安装
- 下载文件到本地
https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml
- 安装
kubectl apply -f .\kubernetes-dashboard.yaml
image.png
- 查看运行情况
kubectl get pods -n kubernetes-dashboard
image.png
- 启用代理
kubectl proxy
image.png
- 本地主机访问
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
可以看到登录界面
image.png
2、授权
- 新建文件
auth.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
- kubectl 应用文件
kubectl apply -f .\auth.yaml
image.png
kubectl get deployment -n kubernetes-dashboard
image.png
- 获取token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | sls admin-user | ForEach-Object { $_ -Split '\s+' } | Select -First 1)
image.png
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
- 复制
token串,粘贴到登录界面即可
3.1、改为NodePort
image.png
kubectl edit service kubernetes-dashboard -n kubernetes-dashboard
将上图的值改为NodePort,保存
image.png
kubectl get svc --all-namespaces
image.png
3.2、改为NodePort -- 另一种方式
- 回滚之前的操作
kubectl delete -f .\auth.yaml
kubectl delete -f .\kubernetes-dashboard.yaml
- 修改
kubernetes-dashboard.yaml
Service下添加type: NodePort
image.png - 部署
kubectl apply -f .\kubernetes-dashboard.yaml
kubectl get deployments -n kubernetes-dashboard
kubectl get pods -n kubernetes-dashboard
kubectl get service -n kubernetes-dashboard
image.png
kubectl apply -f .\auth.yaml
image.png
- 访问
使用任意一个node节点【centos-master或centos-node】的ip+port即可访问
kubectl get svc -n kubernetes-dashboard
image.png
https://192.168.32.129:30667
https://192.168.32.131:30667
经测试,谷歌浏览器无法访问,edge可以
复制token,登录
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | sls admin-user | ForEach-Object { $_ -Split '\s+' } | Select -First 1)
image.png