k8s安裝dashboard

   一、Kubernetes Dashboard 是 k8s集羣的⼀個 WEB UI管理⼯具，代碼託管在 github 上，地址：

https://github.com/kubernetes/dashboard

　二、安裝直接使用官方文件就行(若是地址失效去github 看一下)

wget   https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

kubectl apply -f  kubernetes-dashboard.yaml

　三、我在master執行完如今以下

[root@master ~]# kubectl get pods --all-namespaces
NAMESPACE     NAME                                    READY   STATUS    RESTARTS   AGE
kube-system   coredns-576cbf47c7-2g27x                1/1     Running   0          18h
kube-system   coredns-576cbf47c7-47mgd                1/1     Running   0          18h
kube-system   etcd-master                             1/1     Running   0          18h
kube-system   kube-apiserver-master                   1/1     Running   0          18h
kube-system   kube-controller-manager-master          1/1     Running   0          18h
kube-system   kube-flannel-ds-amd64-hw277             1/1     Running   4          18h
kube-system   kube-flannel-ds-amd64-j5jcr             1/1     Running   1          18h
kube-system   kube-proxy-8tfsp                        1/1     Running   1          18h
kube-system   kube-proxy-k6k79                        1/1     Running   0          18h
kube-system   kube-scheduler-master                   1/1     Running   0          18h
kube-system   kubernetes-dashboard-65c76f6c97-htfxt   1/1     ImagePullBackOff 0 18h
 #ImagePullBackOff：這個狀態是有問題的，而後我就各類百度，從啓服務器，發下沒有什麼卵用啊，初學就是比較費勁，而後才百度出來下面的解決方法

[root@master ~]# kubectl describe -n kube-system pod/kubernetes-dashboard-65c76f6c97-htfxt
Name:               kubernetes-dashboard-65c76f6c97-htfxt
Namespace:          kube-system
Priority:           0
PriorityClassName:  <none>
Node:               node01/172.21.0.14
Start Time:         Sun, 13 Oct 2019 19:42:52 +0800
Labels:             k8s-app=kubernetes-dashboard
                    pod-template-hash=65c76f6c97
Annotations:        <none>
Status:             Running
IP:                 10.244.1.3
Controlled By:      ReplicaSet/kubernetes-dashboard-65c76f6c97
Containers:
  kubernetes-dashboard:
    Container ID:  docker://7f9d2b3f22112c761af8c451376fb2155ac2014f7c13a4a7cda8ebcefebb0de3
    Image:         k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
    Image ID:      docker://sha256:f9aed6605b814b69e92dece6a50ed1e4e730144eb1cc971389dde9cb3820d124
    Port:          8443/TCP
    Host Port:     0/TCP
    Args:
      --auto-generate-certificates
    State:          Running
      Started:      Sun, 13 Oct 2019 20:20:58 +0800
    Ready:          True
    Restart Count:  0
    Liveness:       http-get https://:8443/ delay=30s timeout=30s period=10s #success=1 #failure=3
    Environment:    <none>
    Mounts:
      /certs from kubernetes-dashboard-certs (rw)
      /tmp from tmp-volume (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kubernetes-dashboard-token-m4s7k (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True 
Volumes:
  kubernetes-dashboard-certs:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kubernetes-dashboard-certs
    Optional:    false
  tmp-volume:
    Type:    EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:  
  kubernetes-dashboard-token-m4s7k:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  kubernetes-dashboard-token-m4s7k
    Optional:    false
QoS Class:       BestEffort
Node-Selectors:  <none>
Tolerations:     node-role.kubernetes.io/master:NoSchedule
                 node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason                  Age                 From               Message
  ----     ------                  ----                ----               -------
  Normal   Scheduled               60m                 default-scheduler  Successfully assigned kube-system/kubernetes-dashboard-65c76f6c97-htfxt to node01
  Normal   Pulling                 58m (x4 over 60m)   kubelet, node01    pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning  Failed                  58m (x4 over 60m)   kubelet, node01    Failed to pull image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning  Failed                  58m (x4 over 60m)   kubelet, node01    Error: ErrImagePull
  Normal   BackOff                 57m (x6 over 60m)   kubelet, node01    Back-off pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning  Failed                  50m (x37 over 60m)  kubelet, node01    Error: ImagePullBackOff
  Warning  FailedMount             28m                 kubelet, node01    MountVolume.SetUp failed for volume "kubernetes-dashboard-certs" : couldn't propagate object cache: timed out waiting for the condition
  Warning  FailedMount             28m                 kubelet, node01    MountVolume.SetUp failed for volume "kubernetes-dashboard-token-m4s7k" : couldn't propagate object cache: timed out waiting for the condition
  Warning  FailedCreatePodSandBox  28m                 kubelet, node01    Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "0ac235fed359b9d102282bcc816ff3de7c9e26d18270067761f5304aa998d747" network for pod "kubernetes-dashboard-65c76f6c97-htfxt": NetworkPlugin cni failed to set up pod "kubernetes-dashboard-65c76f6c97-htfxt_kube-system" network: open /run/flannel/subnet.env: no such file or directory
  Warning  FailedCreatePodSandBox  28m                 kubelet, node01    Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "233c431e6bceddf5f315f1b8aac762359202ca5a13cd4e4d2fd6a2aaf4123cd2" network for pod "kubernetes-dashboard-65c76f6c97-htfxt": NetworkPlugin cni failed to set up pod "kubernetes-dashboard-65c76f6c97-htfxt_kube-system" network: open /run/flannel/subnet.env: no such file or directory
  Normal   SandboxChanged          28m (x3 over 28m)   kubelet, node01    Pod sandbox changed, it will be killed and re-created.
  Warning  FailedCreatePodSandBox  28m                 kubelet, node01    Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "0de536b8aa18baa69b6fbdd645063b61ee7fe0fb141b063a0387872e216a6d18" network for pod "kubernetes-dashboard-65c76f6c97-htfxt": NetworkPlugin cni failed to set up pod "kubernetes-dashboard-65c76f6c97-htfxt_kube-system" network: open /run/flannel/subnet.env: no such file or directory
  Normal   Pulling                 27m (x3 over 28m)   kubelet, node01    pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning  Failed                  27m (x3 over 28m)   kubelet, node01    Failed to pull image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1": rpc error: code = Unknown desc = Error response from daemon: Get https://k8s.gcr.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
  Warning  Failed                  27m (x3 over 28m)   kubelet, node01    Error: ErrImagePull
  Normal   BackOff                 26m (x4 over 28m)   kubelet, node01    Back-off pulling image "k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1"
  Warning  Failed                  23m (x14 over 28m)  kubelet, node01    Error: ImagePullBackOff

 結果是鏡像不存在，我是阿里雲全部直接從阿里雲pull,在打包，而後在看，仍是不行，而後又一頓百度，

docker pull  mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.1
docker tag mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.1 k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1

　一頓百度解決方法以下： 查看詳細信息，發下pod在node01 上運行的，而後吧鏡像save 一份到node01服務器就行了，或者直接在node01上面直接pull

[root@master ~]# kubectl  get pods --all-namespaces -o wide
NAMESPACE     NAME                                    READY   STATUS    RESTARTS   AGE   IP            NODE     NOMINATED NODE
kube-system   coredns-576cbf47c7-2g27x                1/1     Running   0          18h   10.244.0.4    master   <none>
kube-system   coredns-576cbf47c7-47mgd                1/1     Running   0          18h   10.244.0.5    master   <none>
kube-system   etcd-master                             1/1     Running   0          18h   172.21.0.10   master   <none>
kube-system   kube-apiserver-master                   1/1     Running   0          18h   172.21.0.10   master   <none>
kube-system   kube-controller-manager-master          1/1     Running   0          18h   172.21.0.10   master   <none>
kube-system   kube-flannel-ds-amd64-hw277             1/1     Running   4          18h   172.21.0.14   node01   <none>
kube-system   kube-flannel-ds-amd64-j5jcr             1/1     Running   1          18h   172.21.0.10   master   <none>
kube-system   kube-proxy-8tfsp                        1/1     Running   1          18h   172.21.0.14   node01   <none>
kube-system   kube-proxy-k6k79                        1/1     Running   0          18h   172.21.0.10   master   <none>
kube-system   kube-scheduler-master                   1/1     Running   0          18h   172.21.0.10   master   <none>
kube-system   kubernetes-dashboard-65c76f6c97-htfxt   1/1     Running   0          18h   10.244.1.3    node01   <none>

　四、刪除現有的dashboard服務，dashboard服務的namespace是kube-system，可是該服務的類型是ClusterIP，不便於咱們經過瀏覽器訪問，所以須要改爲NodePort型的；

kubectl delete service kubernetes-dashboard --namespace=kube-system

　五、執行如下命令，建立dashboard服務的配置文件

cat <<EOF >  ~/dashboard-svc.yaml
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
    - port: 443
      targetPort: 8443
  selector:
    k8s-app: kubernetes-dashboard
EOF

　六、用剛剛建立的yaml文件建立新的dashboard服務：　

kubectl create -f ~/dashboard-svc.yaml

　七、想要訪問dashboard服務，就要有訪問權限，這裏須要先設置一個dashboard服務的權限和綁定關係，執行如下命令建立對應的資源文件dashboard-svc-account.yaml：　

cat <<EOF >  ~/dashboard-svc-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-admin
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard-admin
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard-admin
  namespace: kube-system
EOF

八、執行命令建立ServiceAccount和ClusterRoleBinding：

kubectl create -f ~/dashboard-svc-account.yaml

九、找出secret，這個secret中有token，該token是登陸dashboard時用到的

[root@master data]# kubectl -n kube-system get secret|egrep  kubernetes-dashboard-admin
kubernetes-dashboard-admin-token-2q42n           kubernetes.io/service-account-token   3      18h

十、查看kubernetes-dashboard-admin-token-2q42n 的詳情，裏面有對應的token信息：　　

kubectl describe -n kube-system secret/kubernetes-dashboard-admin-token-2q42n|egrep token:

 十一、查看pod 位於node01節點：

kubectl describe -n kube-system pod/kubernetes-dashboard-65c76f6c97-htfxt

#查看服務
kubectl get svc -n kube-system

十二、用Firefox訪問   https://ip:31330     地址，獲得如下提示：

 

 

 1三、建立以config方式登陸dashborad的用戶參考

http://www.javashuo.com/article/p-zwettpqj-e.html