kubernetes-dashboard安装yaml

# Copyright 2017 The Kubernetes Authors.## Licensed under the Apache License, Version 2.0 (the "License");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at## ????http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.# Configuration to deploy release version of the Dashboard UI compatible with# Kubernetes 1.8.## Example usage: kubectl create -f <this_file># ------------------- Dashboard Secret ------------------- #apiVersion: v1kind: Secretmetadata: ?labels: ???k8s-app: kubernetes-dashboard ?name: kubernetes-dashboard-certs ?namespace: kube-systemtype: Opaque---# ------------------- Dashboard Service Account ------------------- #apiVersion: v1kind: ServiceAccountmetadata: ?labels: ???k8s-app: kubernetes-dashboard ?name: kubernetes-dashboard ?namespace: kube-system---# ------------------- Dashboard Role & Role Binding ------------------- #kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata: ?name: kubernetes-dashboard-minimal ?namespace: kube-systemrules: ?# Allow Dashboard to create ‘kubernetes-dashboard-key-holder‘ secret.- apiGroups: [""] ?resources: ["secrets"] ?verbs: ["create"] ?# Allow Dashboard to create ‘kubernetes-dashboard-settings‘ config map.- apiGroups: [""] ?resources: ["configmaps"] ?verbs: ["create"] ?# Allow Dashboard to get, update and delete Dashboard exclusive secrets.- apiGroups: [""] ?resources: ["secrets"] ?resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"] ?verbs: ["get", "update", "delete"] ?# Allow Dashboard to get and update ‘kubernetes-dashboard-settings‘ config map.- apiGroups: [""] ?resources: ["configmaps"] ?resourceNames: ["kubernetes-dashboard-settings"] ?verbs: ["get", "update"] ?# Allow Dashboard to get metrics from heapster.- apiGroups: [""] ?resources: ["services"] ?resourceNames: ["heapster"] ?verbs: ["proxy"]- apiGroups: [""] ?resources: ["services/proxy"] ?resourceNames: ["heapster", "http:heapster:", "https:heapster:"] ?verbs: ["get"]---apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata: ?name: kubernetes-dashboard-minimal ?namespace: kube-systemroleRef: ?apiGroup: rbac.authorization.k8s.io ?kind: Role ?name: kubernetes-dashboard-minimalsubjects:- kind: ServiceAccount ?name: kubernetes-dashboard ?namespace: kube-system---kind: ClusterRoleBindingapiVersion: rbac.authorization.k8s.io/v1beta1metadata: ?name: kubernetes-dashboardsubjects: ?- kind: ServiceAccount ???name: kubernetes-dashboard ???namespace: kube-systemroleRef: ?kind: ClusterRole ?name: cluster-admin ?apiGroup: rbac.authorization.k8s.io---# ------------------- Dashboard Deployment ------------------- #kind: DeploymentapiVersion: apps/v1beta2metadata: ?labels: ???k8s-app: kubernetes-dashboard ?name: kubernetes-dashboard ?namespace: kube-systemspec: ?replicas: 1 ?revisionHistoryLimit: 10 ?selector: ???matchLabels: ?????k8s-app: kubernetes-dashboard ?template: ???metadata: ?????labels: ???????k8s-app: kubernetes-dashboard ???spec: ?????serviceAccountName: kubernetes-dashboard-admin ?????containers: ?????- name: kubernetes-dashboard ???????image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.3 ???????ports: ???????- containerPort: 9090 ?????????protocol: TCP ???????args: ?????????#- --auto-generate-certificates ?????????# Uncomment the following line to manually specify Kubernetes API server Host ?????????# If not specified, Dashboard will attempt to auto discover the API server and connect ?????????# to it. Uncomment only if the default does not work. ?????????#- --apiserver-host=http://10.0.1.168:8080 ???????volumeMounts: ???????- name: kubernetes-dashboard-certs ?????????mountPath: /certs ?????????# Create on-disk volume to store exec logs ???????- mountPath: /tmp ?????????name: tmp-volume ???????livenessProbe: ?????????httpGet: ???????????scheme: HTTP ???????????path: / ???????????port: 9090 ?????????initialDelaySeconds: 30 ?????????timeoutSeconds: 30 ?????volumes: ?????- name: kubernetes-dashboard-certs ???????secret: ?????????secretName: kubernetes-dashboard-certs ?????- name: tmp-volume ???????emptyDir: {} ?????serviceAccountName: kubernetes-dashboard ?????# Comment the following tolerations if Dashboard must not be deployed on master ?????tolerations: ?????- key: node-role.kubernetes.io/master ???????effect: NoSchedule---# ------------------- Dashboard Service ------------------- #kind: ServiceapiVersion: v1metadata: ?labels: ???k8s-app: kubernetes-dashboard ?name: kubernetes-dashboard ?namespace: kube-systemspec: ?ports: ???- port: 9090 ?????targetPort: 9090 ?selector: ???k8s-app: kubernetes-dashboard# ------------------------------------------------------------kind: ServiceapiVersion: v1metadata: ?labels: ???k8s-app: kubernetes-dashboard ?name: kubernetes-dashboard-external ?namespace: kube-systemspec: ?ports: ???- port: 9090 ?????targetPort: 9090 ?????nodePort: 30090 ?type: NodePort ?selector: ???k8s-app: kubernetes-dashboard