Download deployment Files according to official documentshttps://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
Edit this and replace the role name with the following command implementation:
- Create Kubernetes-dashboard-rbac.yaml
Download the deployment file, there is a place to note, it is created in a serviceaccount=kubernetes-dashboard, grant it is only the permission to operate kube-system inside the resources, The serviceaccount created by deployment is Kubernetes-dashboard, so you will not be allowed to view other namespace resources when you visit dashboard, so To dashboard can see other namespace resources need to re-create RBAC permissions.
Create a Kubernetes-dashboard-rbac.yaml with the following content:
apiVersion: v1kind: ServiceAccountmetadata: name: dashboard namespace: kube-system---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: name: dashboardsubjects: - kind: ServiceAccount name: dashboard namespace: kube-systemroleRef: kind: ClusterRole name: cluster-admin #将集群管理员的角色赋予dashboard apiGroup: rbac.authorization.k8s.io
After the creation, in the download of the deployment file there is a place to change, before the deployment used by the ServiceAccount is Kubernetes-dashboard, need to change it to the ServiceAccount created here for dashboard.
kubectl create-f dashboard-rbac.yaml-f kubernetes-dashboard.yaml #先部署RBAC再部署deployment [email protected]:/data/dashboard# kubectl get deploy,pod,svc-n kube-system NAME desired current Up-to-date AVAILABLE Agedeploy/kubernetes-dashboard 1 1 1 1 1hNAME Ready STATUS Restarts agepo/kubernetes-dashboard-56466b7cbf-x4z99 1/1 Running 0 1hNAME TYPE cluster-ip external-ip PORT (S) agesvc/k Ubernetes-dashboard clusterip 10.254.160.221 <none> 443/tcp 1hdashboard# kubectl get pod-n Kub E-system-o Widename Ready STATUS restarts IP NOD ekubernetes-dashboard-56466b7cbf-x4z99 1/1 Running 0 1h 172.30.11.7 10.3.1.17
Before accessing the configuration
According to the Official document configuration manual, the access mode is different than the previous version, need to run Kubectl proxy, open Localhsot 8001 port, and run in the foreground, here we run it in the background:
kubectl proxy --address=0.0.0.0 --port=8001 --accept-hosts=‘^.*‘ &
The access method given on the official document:
To access HTTPS endpoint of dashboard go to: http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
After you open the page, in the authentication dialog box that pops up, skip directly.
Deployment of the Kubernetes dashboard1.8