spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard
# Comment the following annotation if Dashboard must not be deployed on master
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
containers:
- name: kubernetes-dashboard
image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9090
protocol: TCP
args:
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
- --apiserver-host=http://192.168.3.216:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
2、执行启动,dashboard搭建完成。
[root@k8s_master ~]# kubectl create -f kubernetes-dashboard.yaml
deployment "kubernetes-dashboard" created
[root@k8s_master ~]# kubectl create -f dashboard-service.yaml
service "kubernetes-dashboard" created
3、验证:
执行以下命令
[root@k8s_master ~]# kubectl get deployment --all-namespaces
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kube-system kubernetes-dashboard 1 1 1 1 1m
[root@k8s_master ~]# kubectl get svc --all-namespaces
NAMESPACE NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes 10.254.0.1 443/TCP 5d
kube-system kubernetes-dashboard 10.254.141.158 80:31633/TCP 1m
[root@k8s_master ~]# kubectl get pod -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
kube-system kubernetes-dashboard-1270457039-t1z15 1/1 Running 0 2m 10.8.43.2 192.168.3.219
4、界面查看,浏览器输入:http://192.168.3.216:8080/ui
5、删除应用
[root@k8s_master ~]# kubectl delete deployment kubernetes-dashboard --namespace=kube-system
deployment "kubernetes-dashboard" deleted
[root@k8s_master ~]# kubectl delete svc kubernetes-dashboard --namespace=kube-system
service "kubernetes-dashboard" deleted
报错解决:
1、无法拉取镜像registry.access.redhat.com/rhel7/pod-infrastructure:latest
[root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
解决方法:
[root@registry ~]# yum install *rhsm* -y
2、浏览器打开ui界面报错
{ "kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "no endpoints available for service \"kubernetes-dashboard\"",
"reason": "ServiceUnavailable",
"code": 503
}
解决方法:
KUBE_ADMISSION_CONTROL配置中默认需要认证,编辑配置文件,在KUBE_ADMISSION_CONTROL中,去除SecurityContextDeny,ServiceAccount
[root@k8s_master ~]# vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
重启服务,正常打开