1、安装dashboard

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
(images地址记得改掉,因为墙,你懂得)

1.2, 配置ingress 映像域名xxx.dashboard.qing.cn(必须是https)

2 、创建admin token

#cat dashboard-adminuser.yaml

apiVersion: v1

kind: ServiceAccount

metadata:

  name: admin-user

  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  name: admin-user

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: cluster-admin

subjects:

- kind: ServiceAccount

  name: admin-user

  namespace: kube-system

#kubectl apply -f dashboard-adminuser.yaml
#kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

复制 token登陆即可

3、增加只读帐号token

#cat read-user-sa-rbac.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
name: dashboard-read-user
namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: dashboard-read-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: dashboard-read-clusterrole
subjects:
- kind: ServiceAccount
name: dashboard-read-user
namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dashboard-read-clusterrole
rules:
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- pods
- replicationcontrollers
- replicationcontrollers/scale
- serviceaccounts
- services
- nodes
- persistentvolumeclaims
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- bindings
- events
- limitranges
- namespaces/status
- pods/log
- pods/status
- replicationcontrollers/status
- resourcequotas
- resourcequotas/status
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- deployments/scale
- replicasets
- replicasets/scale
- statefulsets
verbs:
- get
- list
- watch
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- deployments/scale
- ingresses
- networkpolicies
- replicasets
- replicasets/scale
- replicationcontrollers/scale
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
- volumeattachments
verbs:
- get
- list
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
- clusterroles
- roles
- rolebindings
verbs:
- get
- list
- watch

 

最新文章

  1. 当master down掉后,pt-heartbeat不断重试会导致内存缓慢增长
  2. strlen 字符型数组和字符数组 sizeof和strlen的区别 cin.get(input,Arsize)
  3. 利用奇异值分解(SVD)简化数据
  4. 按后退键退出Android程序
  5. CentOS下使用cmake编译安装mysql
  6. 谈使用Eclipse与DDMS调试Android程序的方法
  7. 对 Azure Backup 的常见配置问题进行故障排除
  8. 今日成长笔记2016-11-18 - 关于java开发
  9. JavaScript Dispatch Event
  10. win7下设置 WiFi AP
  11. A shallow summary of oracle log miner
  12. java多线程(八)-死锁问题和java多线程总结
  13. SCNN车道线检测--(SCNN)Spatial As Deep: Spatial CNN for Traffic Scene Understanding(论文解读)
  14. [Swift]LeetCode312. 戳气球 | Burst Balloons
  15. 移动端无限滚动 TScroll.vue组件
  16. [LeetCode] K-th Smallest Prime Fraction 第K小的质分数
  17. mysql 用行号rownum更新顺序号字段
  18. 使用autohotkey修改方向键、回车和启动程序
  19. Java反射基础知识
  20. UE4杂记

热门文章

  1. css3的user-select属性设置文本内容能否被选择
  2. kali渗透综合靶机(十八)--FourAndSix2靶机
  3. WPF ItemsSource Order by Getter
  4. C#循环结构
  5. ASP.NET MVC IOC 之 Autofac 系列开篇
  6. Ext学习之路——Ext.application
  7. 奖金高达150万元的NEST即将上线,速来报名
  8. vue学习指南:第十篇(详细) - Vue的 动画
  9. 英文DIAMAUND钻石DIAMAUND词汇
  10. java stream 集合运算