k8s-1.18.x创建dashboard管理员账号token,创建create-admin.yaml文件
apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kubernetes-dashboard
下载官方的 kubernetes-dashboard.yaml,在这个地方定义HTTPS证书selinux1.key和selinux1.pem
containers:
- name: kubernetes-dashboard
image: hub.meiyou.com/k8s/dashboard:v2.0.0
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
##- --auto-generate-certificates
- --namespace=kubernetes-dashboard
- --tls-key-file=selinux1.key
- --tls-cert-file=selinux1.pem
- --token-ttl=3600
下载metrics-server-v3.7.yaml文件(https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.7/components.yaml)
###需etcd监控使用
###kubectl -n monitoring create secret generic etcd-certs --from-file=/etc/kubernetes/pki/etcd/healthcheck-client.crt --from-file=/etc/kubernetes/pki/etcd/healthcheck-client.key --from-file=/etc/kubernetes/pki/etcd/ca.crt
kubectl apply -f metrics-server-v3.7.yaml
kubectl create namespace kubernetes-dashboard
kubectl create secret generic kubernetes-dashboard-certs --from-file=/opt/ssl -n kubernetes-dashboard
kubectl apply -f kubernetes-dashboard.yaml
kubectl apply -f create-admin.yaml
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
