dashboard add-ons

  • kubernetes-dashboard
  • lens
  • octant
  • weave scope

kubernetes-dashboard

https://github.com/kubernetes/dashboard

// 部署dashboard
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml

// check
$ kubectl -n kubernetes-dashboard get pods --watch

1

// 删除已安装的dashboard
$ kubectl delete ns kubernetes-dashboard

dashboard arguments

使用basic auth:

--enable-skip-login
--enable-insecure-login
--system-banner="Welcome to Kubernetes"
--authentication-mode="basic" // 默认是 token 登陆.

access control

  • kubeconfig

  • authorization header

  • token

  • basic

username/password login

access dashboard

本机访问

$ kubectl proxy
#> http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

远程访问

port-forward:

$ kubectl port-forward -n kubernetes-dashboard service/kubernetes-dashboard 8080:443 --address 0.0.0.0

nodePort:

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort
  ports:
    - port: 443
    targetPort: 8443
    nodePort: 30001
selector:
  k8s-app: kubernetes-dashboard

#> https://<node-ip>:30001

ingress:

#> https://<ingress-host>:<ingress-port> 

metrics-server

https://github.com/kubernetes-sigs/metrics-server

参数:

--kubelet-preferred-address-types
--kubelet-insecure-tls
--requestheader-client-ca-file

部署:

# deploy 0.3.6
# 修改image为  registry.aliyuncs.com/google_containers/metrics-server-amd64:v0.3.6
$ kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml