1. 首页
  2. 文章中心
  3. 笔记

Ubuntu环境Docker+K8s+Dashboard的安装配置(无坑亲测)

178 阅读 0 评论
我是靠谱客的博主 潇洒毛衣,这篇文章主要介绍Ubuntu环境Docker+K8s+Dashboard的安装配置(无坑亲测),现在分享给大家,希望可以做个参考。

安装之前的准备:

安装docker

使用国内 daocloud 一键安装命令:

复制代码
1
2
curl -sSL https://get.daocloud.io/docker | sh

直接从dockerhub下载镜像太慢, 需要配置国内镜像源, 修改daemon.json文件
添加镜像源, luffy使用的是中科大的镜像源

复制代码
1
2
3
4
5
6
cat <<EOF >/etc/docker/daemon.json
{
  "registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/"]
}  
EOF

启动docker

复制代码
1
2
3
sudo systemctl daemon-reload
sudo systemctl restart docker

安装kubelet,kubectl,kubeadm:

打开apt源文件:

复制代码
1
2
vim /etc/apt/sources.list

添加如下:

复制代码
1
2
deb https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial main

然后更新apt源:

复制代码
1
2
apt-get update

ps:如果出现下面错误
W: GPG error: https://mirrors.aliyun.com/kubernetes/apt kubernetes-xenial InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY FEEA9169307EA071 NO_PUBKEY 8B57C5C2836F4BEB

执行安装GPG秘钥:

复制代码
1
2
curl https://mirrors.aliyun.com/kubernetes/apt/doc/apt-key.gpg |sudo apt-key add -

在进行

复制代码
1
2
apt-get update

安装kube:

复制代码
1
2
apt-get install -y kubelet=1.18.0-00 kubeadm=1.18.0-00 kubectl=1.18.0-00

启动master节点

查看镜像列表

复制代码
1
2
kubeadm config images list --kubernetes-version v1.18.0

拉取镜像:

复制代码
1
2
3
4
5
6
7
8
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7

给镜像改名:

复制代码
1
2
3
4
5
6
7
8
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-apiserver:v1.18.0 k8s.gcr.io/kube-apiserver:v1.18.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-controller-manager:v1.18.0 k8s.gcr.io/kube-controller-manager:v1.18.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-scheduler:v1.18.0 k8s.gcr.io/kube-scheduler:v1.18.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/kube-proxy:v1.18.0 k8s.gcr.io/kube-proxy:v1.18.0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/pause:3.2 k8s.gcr.io/pause:3.2
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/etcd:3.4.3-0 k8s.gcr.io/etcd:3.4.3-0
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/coredns:1.6.7 k8s.gcr.io/coredns:1.6.7

注意:以上三步关于镜像的操作也可以直接写到一个脚本里,for循环来执行,详情可以查询脚本操作。

复制代码
1
2
vim k8s-pull.sh

添加内容:

复制代码
1
2
3
4
5
6
7
8
#将对应的包, 从国内镜像上拉下来
for  i  in  `kubeadm config images list --kubernetes-version v1.18.0`;  do
    imageName=${i#k8s.gcr.io/}
    docker pull registry.aliyuncs.com/google_containers/$imageName
    docker tag registry.aliyuncs.com/google_containers/$imageName k8s.gcr.io/$imageName
    docker rmi registry.aliyuncs.com/google_containers/$imageName
done;

执行脚本

复制代码
1
2
sh k8s-pull.sh

镜像下载完成,可以启动master节点了:

复制代码
1
2
kubeadm init --kubernetes-version=v1.18.0 --pod-network-cidr=10.10.0.0/16 --apiserver-advertise-address=172.18.10.172 --ignore-preflight-errors=NumCPU

注意172.18.10.172是我的服务器内网地址,注意替换,–ignore-preflight-errors=NumCPU 是因为我的服务器是买的低配单核,加上就忽略启动是的cpu核心数报错,多核 的不用加这个

设置配置文件如下:

复制代码
1
2
3
4
mkdir -p /root/.kube
cp -i /etc/kubernetes/admin.conf /root/.kube/config
chown root:root /root/.kube/config

设置网络插件

复制代码
1
2
3
export KUBECONFIG=/etc/kubernetes/admin.conf
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
复制代码
1
2
mkdir -p /etc/cni/net.d

编辑网络通道配置列表(没有会默认创建)

复制代码
1
2
vi 10-flannel.conflist
复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
    undefined"name": "cbr0",
    "plugins": [
        {
            undefined"type": "flannel",
            "delegate": {
                undefined"hairpinMode": true,
                "isDefaultGateway": true
            }
        },
        {
            undefined"type": "portmap",
            "capabilities": {
                undefined"portMappings": true
            }
        }
    ]
}

多次刷新查看是否relay

复制代码
1
2
kubectl get nodes

显示Ready表示执行成功

复制代码
1
2
3
NAME                      STATUS   ROLES    AGE   VERSION
izwz91w9jegcgf28ttbe2yz   Ready    master   46h   v1.18.0

重启kubelet

复制代码
1
2
3
systemctl daemon-reload
systemctl restart kubelet

安装 kubernetes-dashboard

下载包

复制代码
1
2
wget https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml

可以修改下名字kubernetes-dashboard,编辑配置文件

复制代码
1
2
vim kubernetes-dashboard.yaml

下面我这个已经修改好了没有坑,注意下端口就行

复制代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: v1
kind: Namespace
metadata:
  name: kubernetes-dashboard

---

apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort # 新增
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30443 # 新增
  selector:
    k8s-app: kubernetes-dashboard

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-certs
  namespace: kubernetes-dashboard
type: Opaque

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-csrf
  namespace: kubernetes-dashboard
type: Opaque
data:
  csrf: ""

---

apiVersion: v1
kind: Secret
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-key-holder
  namespace: kubernetes-dashboard
type: Opaque

---

kind: ConfigMap
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard-settings
  namespace: kubernetes-dashboard

---

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
rules:
  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
  - apiGroups: [""]
    resources: ["secrets"]
    resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
    verbs: ["get", "update", "delete"]
    # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
  - apiGroups: [""]
    resources: ["configmaps"]
    resourceNames: ["kubernetes-dashboard-settings"]
    verbs: ["get", "update"]
    # Allow Dashboard to get metrics.
  - apiGroups: [""]
    resources: ["services"]
    resourceNames: ["heapster", "dashboard-metrics-scraper"]
    verbs: ["proxy"]
  - apiGroups: [""]
    resources: ["services/proxy"]
    resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
    verbs: ["get"]

---

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
rules:
  # Allow Metrics Scraper to get metrics from the Metrics server
  - apiGroups: ["metrics.k8s.io"]
    resources: ["pods", "nodes"]
    verbs: ["get", "list", "watch"]

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: kubernetes-dashboard
subjects:
  - kind: ServiceAccount
    name: kubernetes-dashboard
    namespace: kubernetes-dashboard

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0
          imagePullPolicy: Always
          ports:
            - containerPort: 8443
              protocol: TCP
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port
          volumeMounts:
            - name: kubernetes-dashboard-certs
              mountPath: /certs
              # Create on-disk volume to store exec logs
            - mountPath: /tmp
              name: tmp-volume
          livenessProbe:
            httpGet:
              scheme: HTTPS
              path: /
              port: 8443
            initialDelaySeconds: 30
            timeoutSeconds: 30
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule

---

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  ports:
    - port: 8000
      targetPort: 8000
  selector:
    k8s-app: dashboard-metrics-scraper

---

kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: dashboard-metrics-scraper
  name: dashboard-metrics-scraper
  namespace: kubernetes-dashboard
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: dashboard-metrics-scraper
  template:
    metadata:
      labels:
        k8s-app: dashboard-metrics-scraper
      annotations:
        seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
    spec:
      containers:
        - name: dashboard-metrics-scraper
          image: kubernetesui/metrics-scraper:v1.0.4
          ports:
            - containerPort: 8000
              protocol: TCP
          livenessProbe:
            httpGet:
              scheme: HTTP
              path: /
              port: 8000
            initialDelaySeconds: 30
            timeoutSeconds: 30
          volumeMounts:
          - mountPath: /tmp
            name: tmp-volume
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
      volumes:
        - name: tmp-volume
          emptyDir: {}

更新dashboard配置

复制代码
1
2
kubectl apply -f kubernetes-dashboard.yaml

查看dashboard端口

复制代码
1
2
kubectl get pod,deploy,svc --all-namespaces

返回下面数据都显示running:表示成功
在这里插入图片描述
在这里插入图片描述

登录dashboard

此时通过 https://服务器外网ip:30443
可以访问dashboard页面
在这里插入图片描述

生成登陆须要的token:

1:建立service account

复制代码
1
2
kubectl create sa dashboard-admin -n kube-system

2:建立角色绑定关系

复制代码
1
2
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin

3:查看dashboard-admin的secret名字

复制代码
1
2
3
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}')
echo ADMIN_SECRET

4:打印secret的token

复制代码
1
2
kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}'

在这里插入图片描述

在这里插入图片描述

备注:有什么问题可以查看日志,排查

复制代码
1
2
journalctl -xeu kubelet

最后

以上就是潇洒毛衣最近收集整理的关于Ubuntu环境Docker+K8s+Dashboard的安装配置(无坑亲测)的全部内容,更多相关Ubuntu环境Docker+K8s+Dashboard内容请搜索靠谱客的其他文章。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(118)

相关文章

ubuntu14.04 在Dash中添加条目并把它放到启动器上
ubuntu14.04 在Dash中添加条目并把它放到启动器上
Ubuntu16制作程序图标并添加到启动栏和dash
Ubuntu16制作程序图标并添加到启动栏和dash
在Ubuntu12.04LTS的Dash主页上创建快捷方式在Dash界面创建Eclipse等软件的图标
在Ubuntu12.04LTS的Dash主页上创建快捷方式在Dash界面创建Eclipse等软件的图标
Ubuntu 16.04添加启动图标到Dash Home中
Ubuntu 16.04添加启动图标到Dash Home中
Ubuntu环境Docker+K8s+Dashboard的安装配置(无坑亲测)
Ubuntu环境Docker+K8s+Dashboard的安装配置(无坑亲测)
Ubuntu 12.04 添加程序启动器
Ubuntu 12.04 添加程序启动器
一文完成 Windows Terminal 设置与 zsh 安装【非WSL】为 Windows Terminal 添加标签页在 Windows 环境下为 Git Bash 安装 zsh 【非WSL】
一文完成 Windows Terminal 设置与 zsh 安装【非WSL】为 Windows Terminal 添加标签页在 Windows 环境下为 Git Bash 安装 zsh 【非WSL】
zsh-install
zsh-install

评论列表共有 0 条评论

立即
投稿
返回
顶部