一、k8s管理界面 这里主要列举以下3个: 官方的kubernetes-dashboard Rancher Kuboard 二、安装步骤1、前言 之前部署过dashboard v1.x的版本,后来dashboard升级了,按照之前的部署方式部署后,总是出现无法访问的现象,后面又去github找到最新版的dashboard 部署方式,特此记录 2、正式安装 step1:安装方式也是类似k8s pod创建,通过kubectl apply方式 $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml step2: 如果拉取不了,可以在hosts里配置这个 echo "151.101.108.133 raw.githubusercontent.com" >> /etc/hosts 注意: 选择版本时要注意,一定要下载与自己k8s的版本对应dashboard,不然web界面会报404。也就是要看看版本中的"Compatibility" 各版本见官方项目地址: https://github.com/kubernetes/dashboard github.com/kubernetes/dashboard step3:优化配置文件(修改相应的镜像配置以免国内无法下载) 我将此服务改为NodePort方式进行部署,方便后续进行测试,镜像地址也修改为阿里云仓库的地址,配置文件地址: 点击直达 github.com/pythonTaotao/kubernetes/tree/master/dashboard p.s.recommended.yaml文件需要修改2处recommended.yaml 中的镜像地址改成(一般官方默认的镜像下载不了): registry.cn-hangzhou.aliyuncs.com/kubernetes_ns/dashboard:v2.0.3recommended.yaml 指定nodeport端口,方便主机上访问 具体如何修改参见此文: https://www.cnblogs.com/caoxb/p/ www.cnblogs.com/caoxb/p/11244285.html step4:Getting a Bearer Token(登录WEB页面是需要使用)kubectl describe secrets -n kubernetes-dashboard admin-user-token | grep token | awk "NR==3{print $2}" step5:查看服务端口[root@master ~]# kubectl get svc -n kubernetes-dashboard NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dashboard-metrics-scraper ClusterIP 10.100.164.298000/TCP 11h kubernetes-dashboard NodePort 10.107.131.103 443:32136/TCP 11hstep6:登录验证 https://IP:Port 问题总结 kubernetes搭建dashboard报错warning configmaps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list configmaps in the namespace "default" close warning persistentvolumeclaims is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list persistentvolumeclaims in the namespace "default" close warning secrets is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list secrets in the namespace "default" close warning services is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list services in the namespace "default" close warning ingresses.extensions is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list ingresses.extensions in the namespace "default" close warning daemonsets.apps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list daemonsets.apps in the namespace "default" close warning pods is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list pods in the namespace "default" close warning events is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list events in the namespace "default" close warning deployments.apps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list deployments.apps in the namespace "default" close warning replicasets.apps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list replicasets.apps in the namespace "default" close warning jobs.batch is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list jobs.batch in the namespace "default" close warning cronjobs.batch is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list cronjobs.batch in the namespace "default" close warning replicationcontrollers is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list replicationcontrollers in the namespace "default" close warning statefulsets.apps is forbidden: User "system:serviceaccount:kube-system:kubernetes-dashboard" cannot list statefulsets.apps in the namespace "default" 解决办法安装dashboard-adminuser.yamlkubectl apply -f https://hub.fastgit.org/pythonTaotao/kubernetes/blob/master/dashboard/dashboard-adminuser.yaml