释放双眼,带上耳机,听听看~!
系列链接
Kubernetes系列之一:在Ubuntu上快速搭建一个集群Demo
Kubernetes系列之二:将Slave节点加入集群
Kubernetes系列之三:部署你的第一个应用程序到k8s集群
Kubernetes系列之四:使用yaml文件创建deployment来部署一个应用程序到k8s集群
Kubernetes系列之五:使用yaml文件创建service向外暴露服务
Kubernetes系列之六:安装k8s通用的Web UI(Dashboard)
Kubernetes系列之N:使用K8s遇到的问题
安装k8s通用的Web UI(Dashboard)
这篇文章我们打算安装k8s官方的UI界面,这个界面能显示所有的工作负载(workload),包括运行的Nodes,Services,Pods,Jobs,Relica sets等k8s资源。
首先你需要连接VPN,不然的话,运行接下来的 kubectl create命令后,你会发现新建的pod会报ImagePullBackOff的错误。
2
2
这里是我踩过的坑,如下:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
2Name: kubernetes-dashboard-6948bdb78-w9452
3Namespace: kube-system
4Priority: 0
5PriorityClassName: <none>
6Node: kube-master/192.168.29.138
7Start Time: Mon, 20 Aug 2018 05:25:50 -0700
8Labels: k8s-app=kubernetes-dashboard
9 pod-template-hash=250468634
10Annotations: cni.projectcalico.org/podIP=10.244.0.30/32
11Status: Pending
12IP: 10.244.0.30
13Controlled By: ReplicaSet/kubernetes-dashboard-6948bdb78
14Containers:
15 kubernetes-dashboard:
16 Container ID:
17 Image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3
18 Image ID:
19 Port: 8443/TCP
20 Host Port: 0/TCP
21 Args:
22 --auto-generate-certificates
23 State: Waiting
24 Reason: ImagePullBackOff
25 Ready: False
26 Restart Count: 0
27 Liveness: http-get https://:8443/ delay=30s timeout=30s period=10s #success=1 #failure=3
28 Environment: <none>
29 Mounts:
30 /certs from kubernetes-dashboard-certs (rw)
31 /tmp from tmp-volume (rw)
32 /var/run/secrets/kubernetes.io/serviceaccount from kubernetes-dashboard-token-5t4vr (ro)
33Conditions:
34 Type Status
35 Initialized True
36 Ready False
37 ContainersReady False
38 PodScheduled True
39Volumes:
40 kubernetes-dashboard-certs:
41 Type: Secret (a volume populated by a Secret)
42 SecretName: kubernetes-dashboard-certs
43 Optional: false
44 tmp-volume:
45 Type: EmptyDir (a temporary directory that shares a pod's lifetime)
46 Medium:
47 kubernetes-dashboard-token-5t4vr:
48 Type: Secret (a volume populated by a Secret)
49 SecretName: kubernetes-dashboard-token-5t4vr
50 Optional: false
51QoS Class: BestEffort
52Node-Selectors: <none>
53Tolerations: node-role.kubernetes.io/master:NoSchedule
54 node.kubernetes.io/not-ready:NoExecute for 300s
55 node.kubernetes.io/unreachable:NoExecute for 300s
56Events:
57 Type Reason Age From Message
58 ---- ------ ---- ---- -------
59 Warning Failed 37m (x94 over 20h) kubelet, kube-master Error: ErrImagePull
60 Normal BackOff 2m (x2100 over 20h) kubelet, kube-master Back-off pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3" # 这里可以看出来镜像拉取不下来
61
62
在发现这个问题前,我怀疑是不是我执行kubectl create命令有问题,所以之后,把创建的service给删掉了,然后我又发现这条创建命令不仅仅只创建一个service那么简单,这样一下子就乱掉了。然后机智我的发现K8s中所有的配置都是通过API对象的spec去设置的,也就是用户通过配置系统的理想状态来改变系统,这是k8s重要设计理念之一,即所有的操作都是声明式(Declarative)的而不是命令式(Imperative)的。
所以,接下执行了apply 命令
2
2
然后运行命令
2
2
创建一个cluster-admin角色的service account , 和一个clusterrolebinding, 以便访问所有的k8s资源
2
3
4
5
6
2
3kubectl create clusterrolebinding cluster-admin-dashboard-sa \
4 --clusterrole=cluster-admin \
5 --serviceaccount=default:cluster-admin-dashboard-sa
6
Copy产生的Token,并使用此Token登录到dashboard中
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
2cluster-admin-dashboard-sa-token-6thzn kubernetes.io/service-account-token 3 2m
3
4root@kube-master:/home/cong# kubectl describe secrets/cluster-admin-dashboard-sa-token-6thzn
5Name: cluster-admin-dashboard-sa-token-6thzn
6Namespace: default
7Labels: <none>
8Annotations: kubernetes.io/service-account.name=cluster-admin-dashboard-sa
9 kubernetes.io/service-account.uid=4948b3f7-a524-11e8-8b23-000c29dbad4f
10
11Type: kubernetes.io/service-account-token
12
13Data
14====
15ca.crt: 1025 bytes
16namespace: 7 bytes
17token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImNsdXN0ZXItYWRtaW4tZGFzaGJvYXJkLXNhLXRva2VuLTZ0aHpuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNsdXN0ZXItYWRtaW4tZGFzaGJvYXJkLXNhIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNDk0OGIzZjctYTUyNC0xMWU4LThiMjMtMDAwYzI5ZGJhZDRmIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OmRlZmF1bHQ6Y2x1c3Rlci1hZG1pbi1kYXNoYm9hcmQtc2EifQ.OTweFHvblKXdX4AOwYydfvZojsdPKDXHFfXvy9YPjdX47x0aSNFEq93l-MnLmt2o55QpKM-ipXxyXojbMvrZYNoaID3JVJWBumg_U9ORq3sSZbI0x_0rNQAWDbsJNwfj73sWs47hSaLINJD7cT3BaFEqvi8F46kb2Cm7RdEyz_-4mKQk4Urhg9Xq7zWZ8UEQihp2XRREaMc15m4H2r8XhTGN_Xv_KFmh_sZy27XktzYxFEh03lIS-pZYzd98o2RLT2oJjup6mtVqzDGJ-jZKuF4g4tEpvLgEFXuPp2mwKDfgGAbewUBb-AjXkimoCltE_WrL_wz-KqqfzzpvjhVjKw
18
19root@kube-master:/home/cong# kubectl proxy
20Starting to serve on 127.0.0.1:8001
21
22
好了,终于看到界面了。。。
延伸阅读:
https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
https://docs.giantswarm.io/guides/install-kubernetes-dashboard/\#
