在 vagrantbox (virtualbox) 中将 Dashboard 应用程序部署到 Kubernetes
Deploy Dashboard application to Kubernetes in vagrantbox (virtualbox)
我正在尝试在 virtualbox 中设置一个 kubernetes 集群。我关注了 https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant,到目前为止一切似乎都正常。
但是我无法让仪表板应用程序工作。我遵循了 https://github.com/kubernetes/dashboard and https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md 的指南,但我无法从我的主机访问 Web-UI。
我的整个设置可以在这里找到:https://github.com/sebastian9486/v-kube-cluster/tree/feature/deploy-dashboard
我的 Vagrantfile 在 src/main/kube-cluster 中,我的 ansible playbook 在 src/main/kube-cluster/kubernetes-setup 中。这些部分目前有效。
在 src/main/kube-cluster/kubernetes-setup/deploy/ 中是 dashboard.sh 部署仪表板应用程序。可能有一些更优雅的方式,但为了知道我试着得到它 运行.
安装看起来不错。我的 dashboard.sh
的输出
[INFO] Deploy and configure application 'dashboard'
[INFO] Start deployment
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Connection to 127.0.0.1 closed.
Connection to 127.0.0.1 closed.
[DONE] Finished deployment
[INFO] Start configuration
serviceaccount/admin-user created
Connection to 127.0.0.1 closed.
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
Connection to 127.0.0.1 closed.
[INFO] ******************************************************************
[INFO] ***** BEARER TOKEN ***********************************************
eyJhbGciOiJSUzI1NiIsImtpZCI6IlRzWkFqejB1RnJJUjBNUDlXSHo0MEVBZmRlTFN1MmxYRThweFRBVTdRNmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWxjajQ4Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwYzhiMjFiYS05ZWZkLTRmNjUtOGM5Yi0wZTczMGU3NGUyZTUiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.LExiVLOykdGVmtXNyUz2vn0VPc1Gazlng-lKnnBV541XPRjUjudjAaTKvfVoOQfEUDxLTLCLS8ePNPqXpnF3zvf7NEmBV5KCttCQWyqFW5PoiQVF2MbFiIXGMHYfYoBrjw_-BqKtbUAr23akPIp8n0m9OyQrHSbGz4m6T1kt2NwcKAX-rpIvkcLo5SaxFpMb6om-pce2EUjQ8fy17ciskN988_jhTgfXQEuwCuIIoUQ_ZblY1MABtdKE0STt9M78qzkY2sZQv8yeKzpmsWSrpX0CechFlA6Ce1XaWrwbqt6vSYpejuK34j1aWh4cUG-f50LaPwXZUnQhbLRViSZaYQConnection to 127.0.0.1 closed.
[INFO] ******************************************************************
[INFO] ******************************************************************
[DONE] Finished configuration
[INFO] Finished Deployment and configuration of application 'dashboard'
但是我无法从我的主机访问该页面。
来自我的主节点 kubectl get pods -A
的 pods 列表
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-86bddfcff-dl6hl 1/1 Running 0 5m49s
kube-system calico-node-gvjqp 1/1 Running 0 2m15s
kube-system calico-node-jsvk6 1/1 Running 0 5m50s
kube-system coredns-74ff55c5b-nhkwv 1/1 Running 0 5m49s
kube-system coredns-74ff55c5b-pjl97 1/1 Running 0 5m49s
kube-system etcd-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-apiserver-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-controller-manager-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-proxy-cb79j 1/1 Running 0 2m15s
kube-system kube-proxy-vq7lr 1/1 Running 0 5m50s
kube-system kube-scheduler-v-k8s-master 1/1 Running 0 5m58s
kubernetes-dashboard dashboard-metrics-scraper-79c5968bdc-jc7hl 1/1 Running 0 2m11s
kubernetes-dashboard kubernetes-dashboard-7448ffc97b-czsdn 1/1 Running 0 2m11s
问题已在评论部分解决,但为了更好的可见性,我决定提供一个答案。
部署 Kubernetes Dashboard 后,要从本地工作站访问它,我们可以通过 运行 创建到 Kubernetes 集群(我们的机器和 Kubernetes API 服务器之间的代理服务器)的安全通道:
$ kubectl proxy
Starting to serve on 127.0.0.1:8001
注意: 默认情况下,仪表板只能从启动代理服务器的计算机访问。
仪表板端点可在以下 link 下访问:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
了解访问 Kubernetes 仪表板的其他方式(kubectl port-forward, NodePort and Ingress), please visit the Accessing Dashboard documentation。
我正在尝试在 virtualbox 中设置一个 kubernetes 集群。我关注了 https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant,到目前为止一切似乎都正常。
但是我无法让仪表板应用程序工作。我遵循了 https://github.com/kubernetes/dashboard and https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md 的指南,但我无法从我的主机访问 Web-UI。
我的整个设置可以在这里找到:https://github.com/sebastian9486/v-kube-cluster/tree/feature/deploy-dashboard
我的 Vagrantfile 在 src/main/kube-cluster 中,我的 ansible playbook 在 src/main/kube-cluster/kubernetes-setup 中。这些部分目前有效。
在 src/main/kube-cluster/kubernetes-setup/deploy/ 中是 dashboard.sh 部署仪表板应用程序。可能有一些更优雅的方式,但为了知道我试着得到它 运行.
安装看起来不错。我的 dashboard.sh
的输出[INFO] Deploy and configure application 'dashboard'
[INFO] Start deployment
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Connection to 127.0.0.1 closed.
Connection to 127.0.0.1 closed.
[DONE] Finished deployment
[INFO] Start configuration
serviceaccount/admin-user created
Connection to 127.0.0.1 closed.
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
Connection to 127.0.0.1 closed.
[INFO] ******************************************************************
[INFO] ***** BEARER TOKEN ***********************************************
eyJhbGciOiJSUzI1NiIsImtpZCI6IlRzWkFqejB1RnJJUjBNUDlXSHo0MEVBZmRlTFN1MmxYRThweFRBVTdRNmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWxjajQ4Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiIwYzhiMjFiYS05ZWZkLTRmNjUtOGM5Yi0wZTczMGU3NGUyZTUiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.LExiVLOykdGVmtXNyUz2vn0VPc1Gazlng-lKnnBV541XPRjUjudjAaTKvfVoOQfEUDxLTLCLS8ePNPqXpnF3zvf7NEmBV5KCttCQWyqFW5PoiQVF2MbFiIXGMHYfYoBrjw_-BqKtbUAr23akPIp8n0m9OyQrHSbGz4m6T1kt2NwcKAX-rpIvkcLo5SaxFpMb6om-pce2EUjQ8fy17ciskN988_jhTgfXQEuwCuIIoUQ_ZblY1MABtdKE0STt9M78qzkY2sZQv8yeKzpmsWSrpX0CechFlA6Ce1XaWrwbqt6vSYpejuK34j1aWh4cUG-f50LaPwXZUnQhbLRViSZaYQConnection to 127.0.0.1 closed.
[INFO] ******************************************************************
[INFO] ******************************************************************
[DONE] Finished configuration
[INFO] Finished Deployment and configuration of application 'dashboard'
但是我无法从我的主机访问该页面。
来自我的主节点 kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-86bddfcff-dl6hl 1/1 Running 0 5m49s
kube-system calico-node-gvjqp 1/1 Running 0 2m15s
kube-system calico-node-jsvk6 1/1 Running 0 5m50s
kube-system coredns-74ff55c5b-nhkwv 1/1 Running 0 5m49s
kube-system coredns-74ff55c5b-pjl97 1/1 Running 0 5m49s
kube-system etcd-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-apiserver-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-controller-manager-v-k8s-master 1/1 Running 0 5m58s
kube-system kube-proxy-cb79j 1/1 Running 0 2m15s
kube-system kube-proxy-vq7lr 1/1 Running 0 5m50s
kube-system kube-scheduler-v-k8s-master 1/1 Running 0 5m58s
kubernetes-dashboard dashboard-metrics-scraper-79c5968bdc-jc7hl 1/1 Running 0 2m11s
kubernetes-dashboard kubernetes-dashboard-7448ffc97b-czsdn 1/1 Running 0 2m11s
问题已在评论部分解决,但为了更好的可见性,我决定提供一个答案。
部署 Kubernetes Dashboard 后,要从本地工作站访问它,我们可以通过 运行 创建到 Kubernetes 集群(我们的机器和 Kubernetes API 服务器之间的代理服务器)的安全通道:
$ kubectl proxy
Starting to serve on 127.0.0.1:8001
注意: 默认情况下,仪表板只能从启动代理服务器的计算机访问。
仪表板端点可在以下 link 下访问:
http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
了解访问 Kubernetes 仪表板的其他方式(kubectl port-forward, NodePort and Ingress), please visit the Accessing Dashboard documentation。