集群结构：

以下操作都在k8s_master上执行：
一、镜像下载
[root@k8s_master ~]# docker pull docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1
Trying to pull repository docker.io/siriuszg/kubernetes-dashboard-amd64 ...
sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930: Pulling from docker.io/siriuszg/kubernetes-dashboard-amd64
9d25d3817204: Pull complete
Digest: sha256:d0aebe2567a6b11d090403746f63df9dccd32aec9192decfd3794b0cce528930
Status: Downloaded newer image for docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1

[root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure
Using default tag: latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
Pulling repository registry.access.redhat.com/rhel7/pod-infrastructure
c99574180d51: Pull complete
1ada7c88ed3d: Pull complete
bcb4a96d0b39: Pull complete
Status: Downloaded newer image for registry.access.redhat.com/rhel7/pod-infrastructure:latest

二、配置kubernetes的dashboard
1、需要以下两个kubernetes-dashboard和dashboard-service配置文件。
kubernetes-dashboard.yaml
#需修改images和增加- --apiserver-host=http://192.168.3.216:8080

kind: Deployment
apiVersion: extensions/v1beta1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: kubernetes-dashboard
template:
metadata:
labels:
app: kubernetes-dashboard

Comment the following annotation if Dashboard must not be deployed on master

 ?annotations: ???scheduler.alpha.kubernetes.io/tolerations: | ?????[ ???????{ ?????????"key": "dedicated", ?????????"operator": "Equal", ?????????"value": "master", ?????????"effect": "NoSchedule" ???????} ?????]spec: ?containers: ?- name: kubernetes-dashboard ???image: docker.io/siriuszg/kubernetes-dashboard-amd64:v1.5.1 ???imagePullPolicy: IfNotPresent ???ports: ???- containerPort: 9090 ?????protocol: TCP ???args: ?????# Uncomment the following line to manually specify Kubernetes API server Host ?????# If not specified, Dashboard will attempt to auto discover the API server and connect ?????# to it. Uncomment only if the default does not work. ???- --apiserver-host=http://192.168.3.216:8080 ???livenessProbe: ?????httpGet: ???????path: / ???????port: 9090 ?????initialDelaySeconds: 30 ?????timeoutSeconds: 30

dashboard-service.yaml
#不需要做修改
kind: Service
apiVersion: v1
metadata:
labels:
app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
type: NodePort
ports:

• port: 80
  targetPort: 9090
  selector:
  app: kubernetes-dashboard

2、执行启动，dashboard搭建完成。
[root@k8s_master ~]# kubectl create -f kubernetes-dashboard.yaml
deployment "kubernetes-dashboard" created
[root@k8s_master ~]# kubectl create -f dashboard-service.yaml
service "kubernetes-dashboard" created

3、验证：
执行以下命令
[root@k8s_master ~]# kubectl get deployment --all-namespaces
NAMESPACE ????NAME ??????????????????DESIRED ??CURRENT ??UP-TO-DATE ??AVAILABLE ??AGE
kube-system ??kubernetes-dashboard ??1 ????????1 ????????1 ???????????1 ??????????1m
[root@k8s_master ~]# kubectl get svc ?--all-namespaces
NAMESPACE ????NAME ??????????????????CLUSTER-IP ??????EXTERNAL-IP ??PORT(S) ???????AGE
default ??????kubernetes ????????????10.254.0.1 ??????<none> ???????443/TCP ???????5d
kube-system ??kubernetes-dashboard ??10.254.141.158 ??<nodes> ??????80:31633/TCP ??1m
[root@k8s_master ~]# kubectl get pod ?-o wide ?--all-namespaces
NAMESPACE ????NAME ???????????????????????????????????READY ????STATUS ???RESTARTS ??AGE ??????IP ?????????NODE
kube-system ??kubernetes-dashboard-1270457039-t1z15 ??1/1 ??????Running ??0 ?????????2m ???????10.8.43.2 ??192.168.3.219

4、界面查看，浏览器输入：http://192.168.3.216:8080/ui

5、删除应用
[root@k8s_master ~]# kubectl delete deployment kubernetes-dashboard --namespace=kube-system
deployment "kubernetes-dashboard" deleted
[root@k8s_master ~]# kubectl delete svc ?kubernetes-dashboard --namespace=kube-system
service "kubernetes-dashboard" deleted

报错解决:
1、无法拉取镜像registry.access.redhat.com/rhel7/pod-infrastructure:latest
[root@k8s_master ~]# docker pull registry.access.redhat.com/rhel7/pod-infrastructure:latest
Trying to pull repository registry.access.redhat.com/rhel7/pod-infrastructure ...
open /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt: no such file or directory
解决方法：
[root@registry ~]# yum install rhsm -y

2、浏览器打开ui界面报错
{
"kind": "Status",
"apiVersion": "v1",
"metadata": {},
"status": "Failure",
"message": "no endpoints available for service \"kubernetes-dashboard\"",
"reason": "ServiceUnavailable",
"code": 503
}
解决方法：
KUBE_ADMISSION_CONTROL配置中默认需要认证，编辑配置文件，在KUBE_ADMISSION_CONTROL中，去除SecurityContextDeny,ServiceAccount
[root@k8s_master ~]# vim /etc/kubernetes/apiserver
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,ResourceQuota"
重启服务，正常打开

kubernetes集群部署DashBoard

原文地址：http://blog.51cto.com/jonauil/2086931