Sign in Subscribe

Kubernetes監控器 — 官方dashboard

Last updated on 
Kubernetes監控器 — 官方dashboard

Kubernetes Version : v1.30.0

Kubernetes Dashboard Version : 7.4.0

將分為以下幾個步驟

  1. 透過helm 安裝 dashboard
  2. 創建ingress 對外開放dashboard
  3. 創建ServiceAccount訪問用戶取得token 登入介面

Step 1 透過helm 安裝 dashboard

安裝可直接參照官方 官方安裝 ,也可以直接輸入以下指令透過helm 進行安裝。安裝好後 基礎版是沒有ingress 對外開放所以需要透過一個ingress,這邊選用ingress-nginx。

# Add kubernetes-dashboard repository 
helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ 
# Deploy a Helm Release named "kubernetes-dashboard" using the kubernetes-dashboard chart 
helm upgrade --install kubernetes-dashboard kubernetes-dashboard/kubernetes-dashboard --create-namespace --namespace kubernetes-dashboard

Step 2 創建ingress 對外開放dashboard

創建ingress 對外開放dashboard

這邊要注意 若回報Unknown error (200): Http failure during parsing for https://<site>/api/v1/csrftoken/login 則代表cookie 或者其他因素 造成無法登入。

而當時使用的ingress 無法登入是參照以下github issues 參考1 參考2

# ingress-dashboard.yaml 
# 要記得修改host  
apiVersion: networking.k8s.io/v1 
kind: Ingress 
metadata: 
  annotations: 
    kubernetes.io/ingress.class: nginx 
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" 
    cert-manager.io/cluster-issuer: letsencrypt-production 
  generation: 1 
  name: dashboard 
  namespace: kubernetes-dashboard 
spec: 
  rules: 
  - host: {host} 
    http: 
      paths: 
      - backend: 
          service: 
            name: kubernetes-dashboard-kong-proxy 
            port: 
              number: 443 
        path: / 
        pathType: Prefix 
  tls: 
    - hosts: 
      - {host} 
      secretName: k8s-dashboard

Step 3 創建ServiceAccount訪問用戶取得token 登入介面

透過以下yaml 創建一個名為 admin-user 在kubernetes-dashboard 的namespace中當然也可以放在其他地方,即可透過 kubectl -n kubernetes-dashboard create token admin-user 取得訪問 dashboard的token。

# ServiceAccount-admin.yaml 
 
apiVersion: v1 
kind: ServiceAccount 
metadata: 
  name: admin-user 
  namespace: kubernetes-dashboard 
--- 
apiVersion: rbac.authorization.k8s.io/v1 
kind: ClusterRoleBinding 
metadata: 
  name: admin-user 
roleRef: 
  apiGroup: rbac.authorization.k8s.io 
  kind: ClusterRole 
  name: cluster-admin 
subjects: 
- kind: ServiceAccount 
  name: admin-user 
  namespace: kubernetes-dashboard
# 獲取token 
 
kubectl -n kubernetes-dashboard  create token admin-user

通常以上步驟即可創建一個 監測k8s的dashboard的UI。