반응형
k8s dashboard 설치 및 구성가이드입니다.
1. Dashboard 설치
git clone https://github.com/kubernetes/dashboard.git
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
## Off-line
kubectl apply -f recommended.yaml
## On-line
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
## 전체 namespace pod 조회
kubectl get pods --all-namespaces
kubernetes-dashboard dashboard-metrics-scraper-79c5968bdc-vt4n7 1/1 Running 0 105m
kubernetes-dashboard kubernetes-dashboard-9f9799597-v7r5t 1/1 Running 0 105m
## Cluster Info 확인
[root@hk-k8s-master1 ~]# kubectl cluster-info
Kubernetes control plane is running at https://88.88.88.10:8443
KubeDNS is running at https://88.88.88.10:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
2. Dashboard 접속 방법
2.1 Proxy를 통한 접속 방법
Proxy 포트를 생성합니다.
## Local 포트 생성
kubectl proxy --port=5555 &
curl 127.0.0.1:5555
# localhost 접속주소
# http://127.0.0.1:5555/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
# master 노드 VIP로 생성
kubectl proxy --port=5555 --address=88.88.88.10 --accept-hosts='^*$' &
# server ip 접속주소
http://88.88.88.10:5555/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
서비스 계정 및 ClusterRoleBinding를 생성합니다.
cat <<EOF | kubectl create -f -
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
EOF
cat <<EOF | kubectl create -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
EOF
사용자 계정의 토큰을 확인합니다.
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Name: admin-user-token-77fdc
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin-user
kubernetes.io/service-account.uid: fc99f6c0-a0cd-4186-8b34-8adac653ce00
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Imcxa2RPaENGVXg1bk5QOE43ZS1Gei1SeENRMk1TR2JURy1sbzZncTBEQ2cifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLTc3ZmRjIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiJmYzk5ZjZjMC1hMGNkLTQxODYtOGIzNC04YWRhYzY1M2NlMDAiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.omJXDCKdedt5Om8sPidIC8xBR6T5aQr2Q2svVsNDT4Uo4q9KuxOKf0MAuXfeH4yMLUdn7QkyPcVz992ufOKjsMmK95f9XQj1vCUiK2yCqPIIjDtKqTi9PaogbLw3fx-psoIP4kcGPnLvVSS0NXj-In6RwB9wiy8jxQrYLQsF_DBPkeXUKAtEdRcsngbwrVRt0dMBU146H074nbbRfTVeLga-FK1UcuP8Fu2eTRZwiSiYFqJQFuWyt9P0DIAbVpjkP7hZBCvVWTvsNHqsNFweDWQVM9OQ4c_NiHNzUeZq3lR20xZofQRtl09eF-Vxu1vdzNXqSHlS35U-00cBcfy5_g
2.2 NodePort를 통한 접속 방법
k8s-dashboard 설정을 ClusterIP -> NodePort로 변경합니다.
## type 변경
kubectl -n kubernetes-dashboard edit service kubernetes-dashboard
type: ClusterIP -> NodePort
## dashboard service 확인
kubectl -n kubernetes-dashboard get service kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard ClusterIP 10.102.160.224 <none> 443/TCP 164m
======> 위는 NodePort로 변경 전 kubernetes-dashboard 정보이며, 아래는 변경 후 정보
NodePort번호는 시작 및 셋팅시점 마다 변경되니 필히 포트 확인 필요
[root@hk-k8s-master1 ~]# kubectl -n kubernetes-dashboard get service kubernetes-dashboard
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard NodePort 10.102.160.224 <none> 443:32522/TCP 166m
3. Dashboard 접속
web : https://88.88.88.0:32522
728x90
'Cloud > Kubernetes (k8s)' 카테고리의 다른 글
| [k8s] k8s cluster install guide (설치 가이드) (0) | 2022.04.22 |
|---|---|
| [Container] Podman 설치 및 사용법 (0) | 2021.08.24 |
| [Container] Docker 설치 및 사용법 (0) | 2021.08.24 |
| [k8s] kubernetes 구조 (0) | 2021.07.05 |
| [k8s] 주요 컴포넌트 설명 (0) | 2021.07.05 |
