您的位置:首页 > 其它

搭建及使用K8s集群 <k8s dashboard pod方式部署>

2017-10-16 10:10 1096 查看

k8s dashboard pod方式部署

编写yaml文件

创建pod

浏览器打开webui

编写yaml文件

# cat dashboard.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
# Keep the name in sync with image version and
# gce/coreos/kube-manifests/addons/dashboard counterparts
name: kubernetes-dashboard-latest
namespace: kube-system
spec:
replicas: 1
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
version: latest
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: kubernetes-dashboard
image: huanwei/kubernetes-dashboard-amd64:latest
resources:
# keep request = limit to keep this container in guaranteed class
limits:
cpu: 100m
memory: 50Mi
requests:
cpu: 100m
memory: 50Mi
ports:
- containerPort: 9090
args:
-  --apiserver-host=http://192.168.6.150:8080
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
metadata:
name: kubernetes-dashboard
namespace: kube-system
labels:
k8s-app: kubernetes-dashboard
kubernetes.io/cluster-service: "true"
spec:
type: NodePort
selector:
k8s-app: kubernetes-dashboard
ports:
- port: 80
targetPort: 9090


其中- –apiserver-host=http://192.168.6.45:8080 为master的ip,此处不能使用主机名称【如果非要用就要在所有的节点添加host,因为部署pod的时候不知道会分配到哪一个node】

创建pod

# kubectl create -f dashboard.yaml
deployment "kubernetes-dashboard-latest" created
service "kubernetes-dashboard" created


如上代码显示则创建成功

浏览器打开webui

==,ip、端口 我都不知道怎么知道webui的地址?so 命令查看pod是部署在哪一台node上,

# kubectl get pods --namespace=kube-system
No resources found.


悲剧,创建pod 失败了,

那怎么查看kube日志?

如果 kubernetes 的启动参数中有 –logtostderr=true 表示使用 systemd 接管 kubernetes 的输出,可以用 journalctl 查看

在Linux系统上systemd系统来管理kubernetes服务,并且journal系统会接管服务程序的输出日志,可以通过systemctl status 或journalctl -u -f来查看kubernetes服务的日志。

其中kubernetes组件包括:

k8s组件涉及日志内容
kube-apiserver
kube-controller-managerPod扩容相关或RC相关
kube-schedulerPod扩容相关或RC相关
kubeletPod生命周期相关:创建、停止等
etcd
转自博客 http://blog.csdn.net/huwh_/article/details/71308301

# journalctl -u kube-controller-manager | tail
FailedCreate' Error creating: No API token found for service account "default", retry after the token is automatically created and added to the service account


通过上面错误信息得知失败原因 身份认证

解决的方法有两种 跳过认证 和 添加认证,

参考博客 http://blog.csdn.net/jinzhencs/article/details/51435020

本次采用跳过认证来解决,修改/etc/kubernetes/apiserver

# cat /etc/kubernetes/apiserver
###
# kubernetes system config
#
# The following values are used to configure the kube-apiserver
#

# The address on the local server to listen to.
KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"

# The port on the local server to listen on.
KUBE_API_PORT="--port=8080"

# Port minions listen on
# KUBELET_PORT="--kubelet-port=10250"

# Comma separated list of nodes in the etcd cluster
KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:2379"

# Address range to use for services
KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

# default admission control policies
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"

# Add your own!
KUBE_API_ARGS=""


KUBE_ADMISSION_CONTROL 去掉 ServiceAccount 我前面一篇 搭建k8s集群的博客中有提到过。

重启master再执行一次第二步。

查看pod明细

# kubectl describe service/kubernetes-dashboard --namespace="kube-system"
Name:                   kubernetes-dashboard
Namespace:              kube-system
Labels:                 k8s-app=kubernetes-dashboard
kubernetes.io/cluster-service=true
Selector:               k8s-app=kubernetes-dashboard
Type:                   NodePort
IP:                     10.254.235.156
Port:                   <unset> 80/TCP
NodePort:               <unset> 31081/TCP
Endpoints:              172.17.26.2:9090
Session Affinity:       None
No events.


在 node中执行docker ps,查看进程存在哪个node上

# docker ps
CONTAINER ID        IMAGE                                                        COMMAND                  CREATED              STATUS              PORTS               NAMES
62630e335fc1        huanwei/kubernetes-dashboard-amd64:latest                    "/dashboard --port=90"   About a minute ago   Up About a minute                       k8s_kubernetes-dashboard.44479d71_kubernetes-dashboard-latest-2748740746-dj9m0_kube-system_a0cfa399-b218-11e7-a8b9-080027cd4201_90a07124
90f1a6ddaa03        registry.access.redhat.com/rhel7/pod-infrastructure:latest   "/usr/bin/pod"           About a minute ago   Up About a minute                       k8s_POD.28c50bab_kubernetes-dashboard-latest-2748740746-dj9m0_kube-system_a0cfa399-b218-11e7-a8b9-080027cd4201_bd775cdb


故访问地址为:

http://node2:31081/#/workload?namespace=default

每次重启 ip和端口都会改变,怎么能用固定地址访问?

在我的另外一篇博客使用ingress 暴露服务会提及
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: