Kubernetes_Dashboard

Kubernetes Dashboard: node的狀況、Pod之間溝通狀態將describe、logs以視覺化方式呈現出來
- 注意: kubernetes Dashboard 1.7版後會需要用到SSL 驗證，若不製作憑證的話就只能用localhost來預覽
  1
  kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

製作帳號權限供dashboard給外部使用

1 2	kubectl -n kube-system create sa dashboard kubectl create clusterrolebinding dashboard --clusterrole cluster-admin --serviceaccount=kube-system:dashboard

取得dashboard名稱且describe secrets後獲取token

該token可用於dashboard登入用

1 2	kubectl -n kube-system get sa dashboard -o yaml kubectl -n kube-system describe secrets 'Dashboard Name'

製作SSL 憑證，並將其安裝client端瀏覽器

# 生成client-certificate-data
grep 'client-certificate-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crt
 
# 生成client-key-data
grep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.key
 
# 生成p12
openssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client"

連結方法有兩種

k8s proxy

k8s apiservice

1 2	# apiservice solution https://'master IP':6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

登入頁就可以由剛剛獲得的token來做驗證

注意: kubernetes Dashboard 1.7版後會需要用到SSL 驗證，若不製作憑證的話就只能用localhost來預覽