在虚拟机中访问 Kubernetes 集群
Access Kubernetes Cluster in Virtual Machines
我已经使用 vagrant 和虚拟 vbox 设置了一个 kubernetes 集群。到目前为止一切似乎都没有问题。
下一步是使用 https://github.com/kubernetes/dashboard 中的指南(以及链接的“创建身份验证令牌 (RBAC)”部分)部署仪表板应用程序。
现在我运行遇到一个问题。由于我将所有节点设置为虚拟机,因此我需要将我的应用程序部署到 VM。但是我怎样才能通过浏览器从我的主机访问这些服务呢?
运行 kubectl proxy & VM 内部无法实现从我的主机访问的技巧。
我的整个设置在 Github 上可用:https://github.com/sebastian9486/v-kube-cluster
- src/main/ -> 启动/停止脚本
- src/main/kube-cluster/ -> Vagrantfile、Ansible 剧本和部署仪表板应用程序的脚本
我的 dashboard.sh 的输出(IP 地址来自我的 vagrantboxes)
[INFO] Start deployment of application: dashboard
[INFO] Start deployment
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Connection to 127.0.0.1 closed.
serviceaccount/admin-user created
Connection to 127.0.0.1 closed.
[DONE] Created service account
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
Connection to 127.0.0.1 closed.
[DONE] Created service account
[INFO] *** BEARER TOKEN *********************************************
eyJhbGciOiJSUzI1NiIsImtpZCI6IlBZZ2wzUWtHeTdKbC0xVEptQXBMQTI0MXpmdzdkMEo0dDNEYVdSenV0NmcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTVkYnhrIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJhOWZiYmNiYS1kZDI2LTQ4MzAtYWRkOC0xOTg5MWJhZTg0NTAiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.TBH-NHpG8KMqzucQ70OoCijcAIi3qo0pM2LURa01hFG-7WQfvhYNGQo5q36hBenZdOPwZrIQ5WewfUJTEQ52UpnPKUhZVy7jwhIZEn7qaIQkHJYynNXzqnCAP7aS__paTG5AVQNDUWSpwEVBR0GNp0pBZq1rq_6SdA3ePuqKqCXnhWzGEgkN-Vy1hOORL87ecbTy2TNWADDPy90_rSPc4NdpF6NDFbpU1yW9upmR1AL7qNpUWsCYGWRLavY2jcCaG4s6uSsYcTlJByCKePBrALQa1LyIcwHlvZjaEDCBQLvhXfLI6pm6rF2ln_AhV0WXGG1zdzCYI9Xw1HSsyKhdaQConnection to 127.0.0.1 closed.
[INFO] ******************************************************************
[DONE] ------------------------------------------------------------------
[DONE] Deployed application: dashboard
[DONE] ------------------------------------------------------------------
Connection to 127.0.0.1 closed.
[DONE] Started kube proxy on v-kube-master machine
[INFO] http://192.168.50.10:8001/ui
[INFO] http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
在主机浏览器中访问 URL 会导致:
- http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ -> 无法连接
- http://127.0.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ -> 无法连接
当我通过 ssh 进入主节点时,我得到了这些结果:
vagrant@v-k8s-master:~$ curl http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 192.168.50.10 port 8001: Connection refused
vagrant@v-k8s-master:~$ curl http://127.0.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 127.0.0.1 port 8001: Connection refused
vagrant@v-k8s-master:~$ curl http://127.0.0.1:8080/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 127.0.0.1 port 8080: Connection refused
vagrant@v-k8s-master:~$ curl http://192.168.50.10:8080/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 192.168.50.10 port 8080: Connection refused
有人知道吗?
尝试用这种方式公开代理:
kubectl proxy --address='0.0.0.0' --port=8001 --accept-hosts='.*'
然后从您的主机加入 http://192.168.50.10:8001/api/v1/..。
我已经使用 vagrant 和虚拟 vbox 设置了一个 kubernetes 集群。到目前为止一切似乎都没有问题。
下一步是使用 https://github.com/kubernetes/dashboard 中的指南(以及链接的“创建身份验证令牌 (RBAC)”部分)部署仪表板应用程序。
现在我运行遇到一个问题。由于我将所有节点设置为虚拟机,因此我需要将我的应用程序部署到 VM。但是我怎样才能通过浏览器从我的主机访问这些服务呢?
运行 kubectl proxy & VM 内部无法实现从我的主机访问的技巧。
我的整个设置在 Github 上可用:https://github.com/sebastian9486/v-kube-cluster
- src/main/ -> 启动/停止脚本
- src/main/kube-cluster/ -> Vagrantfile、Ansible 剧本和部署仪表板应用程序的脚本
我的 dashboard.sh 的输出(IP 地址来自我的 vagrantboxes)
[INFO] Start deployment of application: dashboard
[INFO] Start deployment
namespace/kubernetes-dashboard created
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
Connection to 127.0.0.1 closed.
serviceaccount/admin-user created
Connection to 127.0.0.1 closed.
[DONE] Created service account
clusterrolebinding.rbac.authorization.k8s.io/admin-user created
Connection to 127.0.0.1 closed.
[DONE] Created service account
[INFO] *** BEARER TOKEN *********************************************
eyJhbGciOiJSUzI1NiIsImtpZCI6IlBZZ2wzUWtHeTdKbC0xVEptQXBMQTI0MXpmdzdkMEo0dDNEYVdSenV0NmcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTVkYnhrIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJhOWZiYmNiYS1kZDI2LTQ4MzAtYWRkOC0xOTg5MWJhZTg0NTAiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZXJuZXRlcy1kYXNoYm9hcmQ6YWRtaW4tdXNlciJ9.TBH-NHpG8KMqzucQ70OoCijcAIi3qo0pM2LURa01hFG-7WQfvhYNGQo5q36hBenZdOPwZrIQ5WewfUJTEQ52UpnPKUhZVy7jwhIZEn7qaIQkHJYynNXzqnCAP7aS__paTG5AVQNDUWSpwEVBR0GNp0pBZq1rq_6SdA3ePuqKqCXnhWzGEgkN-Vy1hOORL87ecbTy2TNWADDPy90_rSPc4NdpF6NDFbpU1yW9upmR1AL7qNpUWsCYGWRLavY2jcCaG4s6uSsYcTlJByCKePBrALQa1LyIcwHlvZjaEDCBQLvhXfLI6pm6rF2ln_AhV0WXGG1zdzCYI9Xw1HSsyKhdaQConnection to 127.0.0.1 closed.
[INFO] ******************************************************************
[DONE] ------------------------------------------------------------------
[DONE] Deployed application: dashboard
[DONE] ------------------------------------------------------------------
Connection to 127.0.0.1 closed.
[DONE] Started kube proxy on v-kube-master machine
[INFO] http://192.168.50.10:8001/ui
[INFO] http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
在主机浏览器中访问 URL 会导致:
- http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ -> 无法连接
- http://127.0.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ -> 无法连接
当我通过 ssh 进入主节点时,我得到了这些结果:
vagrant@v-k8s-master:~$ curl http://192.168.50.10:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 192.168.50.10 port 8001: Connection refused
vagrant@v-k8s-master:~$ curl http://127.0.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 127.0.0.1 port 8001: Connection refused
vagrant@v-k8s-master:~$ curl http://127.0.0.1:8080/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 127.0.0.1 port 8080: Connection refused
vagrant@v-k8s-master:~$ curl http://192.168.50.10:8080/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/
curl: (7) Failed to connect to 192.168.50.10 port 8080: Connection refused
有人知道吗?
尝试用这种方式公开代理:
kubectl proxy --address='0.0.0.0' --port=8001 --accept-hosts='.*'
然后从您的主机加入 http://192.168.50.10:8001/api/v1/..。