kubernetes部署dashboard
1. 简介
Dashboard 是基于网页的 Kubernetes 用户界面。 你可以使用 Dashboard 将容器应用部署到 Kubernetes 集群中,也可以对容器应用排错,还能管理集群资源。 你可以使用 Dashboard 获取运行在集群中的应用的概览信息,也可以创建或者修改 Kubernetes 资源 (如 Deployment、Job、DaemonSet 等等)。 例如,你可以对 Deployment 实现弹性伸缩、发起滚动升级、重启 Pod 或者使用向导创建新的应用。
Dashboard 同时展示了 Kubernetes 集群中的资源状态信息和所有报错信息。
2. 版本兼容性
k8s和dashboard版本存在兼容性关系,版本配套可以到下面的网页查询:https://github.com/kubernetes/dashboard/releases/
以下是部分配套关系:
| Kubernetes version | dashboard version | 备注 |
|---|---|---|
| 1.18 | v2.0.0 | 完全支持 |
| 1.19 | v2.0.4 | 完全支持 |
| 1.20 | v2.4.0 | 完全支持 |
| 1.21 | v2.4.0 | 完全支持 |
| 1.23 | v2.5.0 | 完全支持 |
| 1.24 | v2.6.0 | 完全支持 |
| 1.25 | v2.7.0 | 完全支持 |
| 1.27 | v3.0.0-alpha0 | 完全支持 |
| 1.29 | kubernetes-dashboard-7.5.0 | 完全支持 |
本文使用的k8s版本为1.23,使用dashboard v2.5.0版本部署。
3. 安装
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.5.0/aio/deploy/recommended.yaml
如果yaml无法下载,可以手动打开网页拷贝到文件中。以下是v2.5.0版本文件内容。
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kubernetes-dashboard
type: Opaque
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf: ""
---
apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
namespace: kubernetes-dashboard
type: Opaque
---
kind: ConfigMap
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
namespace: kubernetes-dashboard
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster", "dashboard-metrics-scraper"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
verbs: ["get"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
rules:
# Allow Metrics Scraper to get metrics from the Metrics server
- apiGroups: ["metrics.k8s.io"]
resources: ["pods", "nodes"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
securityContext:
seccompProfile:
type: RuntimeDefault
containers:
- name: kubernetes-dashboard
image: kubernetesui/dashboard:v2.5.0
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
---
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper
---
kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
labels:
k8s-app: dashboard-metrics-scraper
spec:
securityContext:
seccompProfile:
type: RuntimeDefault
containers:
- name: dashboard-metrics-scraper
image: kubernetesui/metrics-scraper:v1.0.7
ports:
- containerPort: 8000
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 30
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: tmp-volume
emptyDir: {}
确保dashboard容器运行正常:
[root@k8s ~]# kubectl get pod -A
NAMESPACE NAME READY STATUS RESTARTS AGE
default nginx-6799fc88d8-lxqvx 1/1 Running 2 (3m53s ago) 3h1m
kube-flannel kube-flannel-ds-7rfqc 1/1 Running 10 (2m12s ago) 3d21h
kube-system coredns-6d8c4cb4d-8sfdr 1/1 Running 3 (2m8s ago) 178m
kube-system coredns-6d8c4cb4d-vw7nz 1/1 Running 4 (113s ago) 178m
kube-system etcd-k8s 1/1 Running 4 (2m13s ago) 170m
kube-system kube-apiserver-k8s 1/1 Running 4 (2m3s ago) 170m
kube-system kube-controller-manager-k8s 1/1 Running 3 (2m13s ago) 169m
kube-system kube-proxy-97l68 1/1 Running 3 (2m13s ago) 178m
kube-system kube-scheduler-k8s 1/1 Running 4 (2m13s ago) 170m
kubernetes-dashboard dashboard-metrics-scraper-799d786dbf-rpcft 1/1 Running 3 (2m13s ago) 156m
kubernetes-dashboard kubernetes-dashboard-546cbc58cd-2wcrz 1/1 Running 0 156m
4. 访问配置
4.1 开启远程访问
dashboard service默认为ClusterIP,需要配置为NodePort,外部才能访问。
[root@k8s ~]# kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d22h
default nginx NodePort 10.109.172.88 <none> 80:32409/TCP 3d22h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 3d22h
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.102.9.117 <none> 8000/TCP 175m
kubernetes-dashboard kubernetes-dashboard ClusterIP 10.97.21.53 <none> 443/TCP 175m
修改svc改为NodePort类型:
[root@k8s ~]# kubectl edit service kubernetes-dashboard -n kubernetes-dashboard
[root@k8s ~]# kubectl get svc -A
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 3d22h
default nginx NodePort 10.109.172.88 <none> 80:32409/TCP 3d22h
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 3d22h
kubernetes-dashboard dashboard-metrics-scraper ClusterIP 10.102.9.117 <none> 8000/TCP 3h34m
kubernetes-dashboard kubernetes-dashboard NodePort 10.97.21.53 <none> 443:31930/TCP 3h34m
这个时候就可以通过节点IP+31930端口访问dashboard了。dashboard需要使用https访问,自带的证书在最新的chrome、edge浏览器中不受信,切界面无法手动进行确认继续。使用firefox访问可以在界面操作确认继续。
备注:
在较新版本的
Chrome或Edge中访问一些未受信任的HTTPS页面时,会提示类似NET::ERR_CERT_INVALID的错误。以往旧版本中,我们可以选择跳过得以继续访问,但是新版本的Chrome中并不允许继续。当出现 “您的连接不是私密” 页面时,点击高级后,并直接输入thisisunsafe关键字并回车。
4.2 配置访问认证
dashboard 支持Token和Kubeconfig两种认证方式进行登录。
4.2.1 Token认证
创建Service Account 及 ClusterRoleBinding,创建auth.yaml文件,内容如下:
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubernetes-admin
namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-admin
namespace: kubernetes-dashboard
创建对应的资源:kubectl apply -f auth.yaml
获取访问所需要的Token:
[root@k8s ~]# kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep kubernetes-admin | awk '{print $1}')
Name: admin-user-token-khrll
Namespace: kubernetes-dashboard
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: 266c923b-ed2f-471b-a8fc-1dde3cc10205
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1099 bytes
namespace: 20 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InloSUtPM3R6cG9xVnkzNEx5STBmaTctRDRkWE9jX0Zfa0tKVjlBY3hhY2sifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWtocmxsIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIyNjZjOTIzYi1lZDJmLTQ3MWItYThmYy0xZGRlM2NjMTAyMDUiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.nYgOBdscFaO3_JUHAC3hX5F-4Imx4RFAu1UA05tbufI6VgR5npJHPBCriNkseo02qaSsjlBwr7slzUcIALC4F16oTVrVHuuPMPSaqrqi-VjoEdd_ZB7vbX6qH7KbAabzmwW966PoXwOiARjraU2CMTmA9dFfk4MkSiwrySUxNUrwQ02isPMDIUxeF5RGESXff7kBzgNFkhwdEuLopmK9k6i0CyuM2ns3TpMO_2TcBlPkDViag1JxixatBJuz9x-OJS-Tnt5A1pmc9J-76MSH7fTRHu3sim2RIPq29QV5EXc4kwyAxha6fnNC3aCTiU9nsDR6E24qYK70ULJKVGxxIQ
4.2.2 kubeconfig认证
如果是使用kubeadmin部署的集群,默认会在下面路径生成一个kubeconfig文件:/etc/kubernetes/admin.conf,下载该文件并编辑,在该文件将上面的toekn加入文件末尾。
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvakNDQWVhZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJME1EWXhNVEUwTURJd00xb1hEVE0wTURZd09URTBNREl3TTFvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBT2RUCjFSU3FmM3JyY1V3WkRsUk5OS05vVlZEelEzNlp4OUovckNSYzR1V3Qzd0YxTitsbFlIaVA2VHdoL0s2UGd0aUEKaHBYeDdWaGRYWElKdHhVd3F2OW8vTnArdUpoOHV2eFdyY25JRDNycFJzWXFvM1ZZSlhnTEtuS1o0bkpRREZzUApCQVZQcUJvS3RhYm9qV0pjU2tTc09VVXM5TFV0VnV3aEZUdmR0ZnJ1TVNMczFjOE1naTlGWlNkTUg3UHN0NzczCkNtUFhvb0k4dlRQSWwwU0dSTU1sSGtIaGJaUDJRVU0rZ1hzUlBRdWt3NFZ4MS9aQ29lZlhjRUE2czJUQmR3MXAKMlhpN2JpdWFKei80Qm1aYWVoQk5LZE1iR1ZMR1NhL1FwRjVDOXUwdnVybEdFZWw5eldoYnFLRFVzenN3dzZxUwpId2V6MXl0UWZpYTEyK2R0V1NNQ0F3RUFBYU5aTUZjd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZQZno5VzJ5UWJaZTAwT3M0ckNSbkc0c3dSV1VNQlVHQTFVZEVRUU8KTUF5Q0NtdDFZbVZ5Ym1WMFpYTXdEUVlKS29aSWh2Y05BUUVMQlFBRGdnRUJBR0w1eE1mcU5INDdERGh3Uzd0bApTMWoxZ3hKWWxDclk4M09acTF3bUF0aFlqR2wwN1FJVDJ6NGszVXlMOU5MZzBJWmlIMy93eElsVnc5V0hJYVFRCmwzK0dwMi9Fc0VuWURlWWt0Z2VySDk3M2xGWGsySEJSOWhxemRiNlNnbVd5cWRGdWpvMisrM3Vzb1dxOHJ0eHAKMUdZNU5aakxiQnA0aWs0UVYvSFYvNFRJNzF6VmYyTzd1VG5JMEZ6VlUzR214MmhDSVRzdHRFa0VVd2NCaHRhYgphUWF3NzNiZjU3MEp2bWJXSlF6dnZkMmFVQWk5MUtxQzhEUUFLMk00QUk5NDRsU2xsQlZDeXpQZUdiNnEwc3ZxCmtBaVpVZzFHYSt6d1NLdVhTdmRESm1uQ3psYnE2V2I5N29UdkVaTDJnMlJwMW5Ua1hTSU10Nk41bU1TNXVrYVMKbWVzPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
server: https://192.168.0.159:6443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lJWiszaHUzTDI2aGN3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1URXhOREF5TUROYUZ3MHlOVEEyTVRVd09EVTBNRFphTURReApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sa3dGd1lEVlFRREV4QnJkV0psY201bGRHVnpMV0ZrCmJXbHVNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQTJ5amFFSi9kSTlDcUhuL2cKWm5CZXhOTG1NTmJRNWltd1pBSnBCTzFyT3A3ZE1JN2ZXZUlvRnN4SlpDUFpodU5SSFhhK29XYjQvM0hYMGl6QgpadGVSeEJUS1F2UkxkT0x5Qnk3SXUyS0JISmJNLzA0bE16cXBlVlVycll4YmkxZjJ1YXZaUXllZjJ1S3g2b1FPCjJPTTZ6RmMwbHNuSFhjYnpOamtWc0wzdElFZXBiVDJsNlFRVDlwOEI5OWs2alBCNDgwOGVPVGRDMEpSK25rTEEKRnhhN05qK2VBU3ZaTTQwbm5qK3BRdUVBWS9SZWF6UU1sTGhRN3hVV1p4WWtJQXZ6eU51Z1ZsazR3VjVrUk1maAplODZjaERKQ05ITERqR1FDdVR0QmluY3c2QWt1RWtMRmk5cnBLL2hrYVZQdFVaekxBNjFFdnZjUzZVVGNLS1BqCnNWT3AzUUlEQVFBQm8xWXdWREFPQmdOVkhROEJBZjhFQkFNQ0JhQXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUgKQXdJd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JUMzgvVnRza0cyWHRORHJPS3drWnh1TE1FVgpsREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBbTExNU00NGZYVjRrV0ExdEMxUE9qZWdMbnUvT1EzYVpLZmdPCkoraGpWRWdOaFUzSHgvaExDcGE4eS8zNkIvU3Fud0ZXRE0xaXpWSlhBZndDQWVZaGZIYUZmWjlHL1pFRW9PTmUKajkrZEVWMEo0KzFRWEZzNEFtUGY3bUhJbTV2b0VmSkVRL3dleWt4QTl4cmh2WUprMHhQWWdpSTFUMWJIWkVLZAo5Zjk0ZFNTdTZ4MGUrUTZwK3RwMDFId1ZQR2pEL21XTG5GSHZNOHA4ZS82cWV6VHR3QzB3RlNGb2hBMVdza2hZClVEZGJXTFlFcEN1UkZoUTFuc0V0Z1g3bDkvRndwNG41bmR0Z0JCMzVjU2FrVU9OVkYwbUpCbFpKTVZaM0VqVXoKTzRxVmFTMXlUNXlOOStDUU1tRHd4QUlNRDZPQjJGSG9ac1FaQ0tJdnZ1Mzc5ZzFMM1E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBMnlqYUVKL2RJOUNxSG4vZ1puQmV4TkxtTU5iUTVpbXdaQUpwQk8xck9wN2RNSTdmCldlSW9Gc3hKWkNQWmh1TlJIWGErb1diNC8zSFgwaXpCWnRlUnhCVEtRdlJMZE9MeUJ5N0l1MktCSEpiTS8wNGwKTXpxcGVWVXJyWXhiaTFmMnVhdlpReWVmMnVLeDZvUU8yT002ekZjMGxzbkhYY2J6TmprVnNMM3RJRWVwYlQybAo2UVFUOXA4Qjk5azZqUEI0ODA4ZU9UZEMwSlIrbmtMQUZ4YTdOaitlQVN2Wk00MG5uaitwUXVFQVkvUmVhelFNCmxMaFE3eFVXWnhZa0lBdnp5TnVnVmxrNHdWNWtSTWZoZTg2Y2hESkNOSExEakdRQ3VUdEJpbmN3NkFrdUVrTEYKaTlycEsvaGthVlB0VVp6TEE2MUV2dmNTNlVUY0tLUGpzVk9wM1FJREFRQUJBb0lCQUNiTFgzYUw1ZWhlR284VgprZEp3VjhZOWt2UFlRdGhMVHVjVktpUHVKd29VYnhFV2FXRU8wSXZnazZrL1UxVTJUZmlLT1lwMm9PTU84dVpJCmQ5L05qd2NIcXhvWkJuWmxhZlJ0aXFqbzhmUHVtZEVqc3lBVFpVYU9GaEk5ZzBMeVNrRnBzeWJaRDhuK1VRSXoKYURGcVg5RW1LcS82ZmVrU3U2REFrQjllTDJpRUV4SmRrL0FVRlJqRVdybkpsb1Z6Tkp6endyaVBNcUMwSlV3eAovUTh4Qjdwc3FQYWpGQzdNL0VNQ0VjeTBQcnpIamk4d1dHUUZjNGdub0FZY1VDdmFhZzdsMjExS3VSZk9YL2Z5CmpWS3Q3Z1RDR0plbXYwMkFobG1laWVlS2kyQjg4Y0dsMmhPVFNqVE1kRnBkVUh1RTJubTNSWXZXcDFVdWliclIKUlpXQlcwRUNnWUVBNlNuSTZwUlNyYWdicjJoQTlvdytJTHhkWkNVWk53YnY3RFdBbkZWU3hGWHYwNmtMTDJ3SwpmREkraWgrMTJ6M2twQXdLVzE5MkdtUXBpelhuRXhzYlRheTNJbGxCZEwvcG9UNXV5QjZnd3hwM1N2U2pNRWZ4CjMwKzZ3U2NtM1MwWU5JM2R5Q3dtbTljeFdpdFlsTm51S0dVQ3hZdFo5ZHBid2pMYjJFYThPeTBDZ1lFQThKL3kKWC9zVUEzTVhHRUd3N2dkU28ycHJILy9SUlVaSVdvY2piWUJFdWpuVVJjSS9SakYrckpITVJuZEQzMTlBdDdxMQpHV0RwS1FZMGowZkY2U1AwRWp0Tm1PZzh6c2pvOHlzREUyRHliZWkrN2g1N2FabG9hUGJkczRQOE5aQllRK1JsCkZZY2hTODU4SG5Xa2JVSWoyd2hmY09aVW1PeWZCalBFakpSdWwzRUNnWUFCOGpKV0d1VFJ4RHh1NjF6WGNmWTIKeWJ1eDBVbHpseUE3aFhyTVV6MzhtNGNENmo1SXFBc3lYQ3ovZENKTmNTZk9ZcmRYYWVXUGROU1A3K1E4MlpZUgp3T1pLYUJwT3dpZE9ERHBhZXo3MlFldEsrZDIrMG1yblpULzJ5ci9kU3JvUC9qc2lwNU91NjAzakpjZDRmcFVwClN5YUp4WTc3cVZYb3Vnbnh0UzF2QlFLQmdCYk1BSW1KWHhjSWsxcVA5clJHYTFUaUl5NFA3WUt6cXUwd3VuR0kKWW5xR09nODEzUXJJYTZqcjB6K2wwdjlacGVjQ1FHQWNKMXJrcEp3aWY2U2I3R2JCeVpOQUJXck43QXdGdWkvZQowbmtKUVBXTVc4TGdidHpxN293d1ovZW5La1djWU50T1J5Qkllc2ZqKzJVQ2pDVVhRUHVRUnRtS0tYTEwrc1lhCjFmTnhBb0dCQUoyTy9MUWZiQWt0ZlI5U2ZpQ3NhcTJKWVduWWhnNU1NVzB2YzlBeUxEdnpQeGNXUHhveVRWREgKK0lmWllhckNkdElTUzZ2NjFYamZva1VFMjhqS1N2dlVtcnhhbkp0RzZudTFTQldzczc1OXhMdlZ3Wi9zS2haaQpwcUZoRURxRXdoejVIem9TbkM2WHFtVEh2V2hPaHdsb21kM2lTY1hVWFlhSnVDMHp5N0JjCi0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg==
token: eyJhbGciOiJSUzI1NiIsImtpZCI6InloSUtPM3R6cG9xVnkzNEx5STBmaTctRDRkWE9jX0Zfa0tKVjlBY3hhY2sifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWFkbWluLXRva2VuLTc4NWN0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6Imt1YmVybmV0ZXMtYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmMjA2YzUyOC1iMzkyLTQzNDItOWU1Ny02ZjM2YjRkZjgyZWYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6a3ViZXJuZXRlcy1hZG1pbiJ9.FvL4BtAbTGlBZfQcY72AnI2ynBswv7Ug12jczmRoGp1iSRLYPT9kmyEkT13SuggWxxuEDvwwwelgHZ5x6WOO6jSeqCyPwPoojVhszvd56gmiVs2g6Rlqpe2ZCNHY4UXcWg7XXF3FpoLv-760XgxAxy6DHFy_4D31el-DRVn-R3Qy-ji4a7wukQWTBpXo2DY-_ZWBpOeVPX6qjaRTEodBNve8_YU9rOA3HMH380jtfAyoBfT5igCED-15gNilj-IdoCEJWO3mersSzi_HY9OunOqs5ADuhCtdCMSMKUFibSyt_6qkRxvD7ws0d74rCZ2VUKzFMalX9yZ4i0n5sGlAsA
然后登录dashboard选择下载的kubeconfig文件即可进行登录。
5. 参考资料
-
artifacthub:https://artifacthub.io/packages/helm/k8s-dashboard/kubernetes-dashboard
-
github仓库:https://github.com/kubernetes/dashboard
-
部署和访问 Kubernetes 仪表板(Dashboard):https://kubernetes.io/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard/