本文基于kubernetes 1.5.2版本编写
使用http方式访问api server的部署
cat dashboard-controller.yaml apiVersion: extensions/v1beta1 kind: Deployment metadata:labels:k8s-app: kubernetes-dashboardkubernetes.io/cluster-service: "true"name: kubernetes-dashboardnamespace: kube-systemselfLink: /apis/extensions/v1beta1/namespaces/kube-system/deployments/kubernetes-dashboard spec:replicas: 1selector:matchLabels:k8s-app: kubernetes-dashboardstrategy:rollingUpdate:maxSurge: 1maxUnavailable: 1type: RollingUpdatetemplate:metadata:labels:k8s-app: kubernetes-dashboardspec:containers:- args:- --apiserver-host=http://192.168.20.128:8080image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1imagePullPolicy: IfNotPresentlivenessProbe:failureThreshold: 3httpGet:path: /port: 9090scheme: HTTPinitialDelaySeconds: 30periodSeconds: 10successThreshold: 1timeoutSeconds: 30name: kubernetes-dashboardports:- containerPort: 9090protocol: TCPresources:limits:cpu: 100mmemory: 50Mirequests:cpu: 100mmemory: 50MidnsPolicy: ClusterFirstrestartPolicy: Always
使用https访问api server部署
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
annotations:
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
containers:
- name: kubernetes-dashboard
image: docker.io/googlecontainer/kubernetes-dashboard-amd64:v1.6.1
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
ports:
- containerPort: 9090
args:
- --apiserver-host=https://192.168.20.128:6443
- --kubeconfig=/etc/kubernetes/kubelet-config
volumeMounts:
- name: config
mountPath: /etc/kubernetes/kubelet-config
readOnly: True
- name: certs
mountPath: /etc/ssl/kube
readOnly: True
volumes:
- name: certs
hostPath:
path: /etc/ssl/kube
- name: config
hostPath:
path: /etc/kubernetes/kubelet-config
service
cat dashboard-service.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090
kubectl create -f dashboard-controller.yaml kubectl create -f dashboard-service.yaml
访问地址
http:http://192.168.20.128:8080/ui
https:https://192.168.20.128:6443/ui
如果API Server配置文件中没有配置登陆账号和密码(--basic-auth-file=/etc/kubernetes/useraccount.csv),登陆失败; 如果配置了,账号和密码为/etc/kubernetes/useraccount.csv任意中的一个