官方推荐方法:
连接:https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
运行推荐yaml:
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml但是因为国内无法上google的原因,此办法一般都会报错。推荐以下办法:
daocloude镜像地址:https://dashboard.daocloud.io/packages
1、编写yaml文件
dashboard.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
# Keep the name in sync with image version and
# gce/coreos/kube-manifests/addons/dashboard counterparts
name: kubernetes-dashboard-latest
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
version: latest
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: kubernetes-dashboard
image: daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:v1.5.1
#这里使用daoclod的镜像,默认镜像为gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1 resources:
# keep request = limit to keep this container in guaranteed class
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
args:
- --apiserver-host=http://192.168.50.131:8080 #这里修改为自己环境master的地址
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
dashboardsvc.yaml
apiVersion: v1
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090
2、创建depolyment和service
正常情况下创建depolyment和service,
kubectl create -f dashboard.yaml
kubectl create -f dashboardsvc.yaml
3、验证
master上执行
[root@test03 pods]# kubectl get deploy --namespace=kube-system
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kubernetes-dashboard-latest 1 1 1 1 45m
[root@test03 pods]# kubectl get svc --namespace=kube-system
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard 10.254.211.210 <none> 80/TCP 45m
[root@test03 pods]# kubectl get pod -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
default nginx01 1/1 Running 0 8d 172.30.42.2 node01
default nginx03 1/1 Running 0 10h 172.30.53.2 node02
kube-system kubernetes-dashboard-latest-713129511-8p8gn 1/1 Running 0 46m 172.30.53.3 node02
通过页面访问:http://192.168.50.131:8080/ui
ps:会跳转到http://192.168.50.131:8080/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard/#/workload?namespace=default
其实最终访问的是:http://172.30.53.3:9090/ 及node上的pod
4、遇到的问题
就可以通过页面http://192.168.50.131:8080/ui就可以访问bashborad了。但是这里有几个坑
(1)国内无法访问gcr.io的镜像,所以在dashboard.yaml中我们使用daoclod的镜像,可以现在node节点中docker pull一下,确认是否可以拉取镜像。
我的环境不是很稳定,其中一个node02拉去成功,第二个node01拉取失败,并且创建的pod正好在失败的节点上。
[root@test03 pods]# kubectl get pod -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
default nginx01 1/1 Running 0 7d 172.30.42.2 node01
default nginx03 1/1 Running 0 3h 172.30.53.2 node02
kube-system kubernetes-dashboard-latest-2290711670-q5kzx 0/1 ImagePullBackOff 0 34m 172.30.42.3 node01
表示创建pod失败,使用kubectl describe pods --namespace=kube-system,查看报错日志,一般都是镜像拉取失败
现在需要再node01中拉取镜像,可以通过node02的镜像load即可。
node02:
[root@test01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/nginx latest e548f1a579cf 3 weeks ago 108.6 MB
registry.access.redhat.com/rhel7/pod-infrastructure latest 99965fb98423 5 months ago 208.6 MB
daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64 v1.5.1 1180413103fd 14 months ago 103.6 MB
ansible/centos7-ansible-tag latest 688353a31fde 15 months ago 447.2 MB
ansible/centos7-ansible latest 688353a31fde 15 months ago 447.2 MB
docker.io/kubernetes/pause latest f9d5de079539 3 years ago 239.8 kB
gcr.io/google_containers/pause 2.0 f9d5de079539 3 years ago 239.8 kB
[root@test01 ~]# docker save daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:v1.5.1 > bashborad.tar
[root@test01 ~]# ll
total 160592
-rw-------. 1 root root 1026 Feb 5 23:08 anaconda-ks.cfg
-rw-r--r--. 1 root root 103781888 Mar 15 00:20 bashborad.tar
-r--r--r--. 1 root root 60654199 Aug 27 2013 VMwareTools-9.6.0-1294478.tar.gz
scp bashborad.tar到node01 执行load即可,docker image查看,发现镜像已经导入
docker load < dashboard.tar
此时node上镜像已经都已经拉取成功,需要销毁重新创建deployment和service
master上执行
kubectl delete deployment kubernetes-dashboard-latest --namespace=kube-system
kubectl delete svc kubernetes-dashboard --namespace=kube-system
创建:
kubectl create -f bashborad.yaml
kubectl create -f bashboradsvc.yaml
2、flannel网路问题,安装成功,访问页面失败
访问http://192.168.50.131:8080/ui,没有反应
访问:http://192.168.50.131:8080/api/v1/proxy/namespaces/kube-system/services/kubernetes-dashboard/#/workload?namespace=default
报错如下:
Error: 'dial tcp 172.30.53.3:9090: getsockopt: connection timed out'
Trying to reach: 'http://172.30.53.3:9090/'
根据提示能够知道192.168.50.131无法访问172.30.53.3:9090。ifconfig查看master上的网络,发现没有flanne网络,可能之前忘记重启了,systemctl restart flanneld
flannel.1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 172.30.10.0 netmask 255.255.255.255 broadcast 0.0.0.0
inet6 fe80::e051:bfff:fefe:d009 prefixlen 64 scopeid 0x20<link>
ether e2:51:bf:fe:d0:09 txqueuelen 0 (Ethernet)
RX packets 1249 bytes 1625343 (1.5 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 481 bytes 42378 (41.3 KiB)
TX errors 0 dropped 10 overruns 0 carrier 0 collisions 0
3、node节点上镜像pull成功,但是还是安装失败
dashboard.yaml中
daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:v1.5.1
没有选择版本,如果为 daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64,则表示拉去lastest版本,即
daocloud.io/gfkchinanetquest/kubernetes-dashboard-amd64:lastest
但是因为我们是离线load的,并没有lastest版本,所以会报错。
4、不修改dashboard.yaml内容的方法
load镜像后,tag镜像为
gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1即可。(后续补充)