环境说明
Node-1(Master): 10.0.0.1
Node-2: 10.0.0.2
Node-3: 10.0.0.3
集群使用二进制安装,并已部署flannel网络插件。
kube-DNS
在进行如下的操作时,你必须已经部署好了K8S的集群,如果你还没有这样的集群,请参考我之前的博文。
1、在官网找到对应的yaml文件,地址为:https://github.com/kubernetes/kubernetes/tree/2f011d01fa542633184cde4bba97d006b8d06309/cluster/addons/dns/coredns ?, 我们修改相关配置,主要是ClusterIP的配置信息和镜像路径:
apiVersion: v1kind: ServiceAccountmetadata: ?name: coredns ?namespace: kube-system ?labels: ?????kubernetes.io/cluster-service: "true" ?????addonmanager.kubernetes.io/mode: Reconcile---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: ?labels: ???kubernetes.io/bootstrapping: rbac-defaults ???addonmanager.kubernetes.io/mode: Reconcile ?name: system:corednsrules:- apiGroups: ?- "" ?resources: ?- endpoints ?- services ?- pods ?- namespaces ?verbs: ?- list ?- watch---apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: ?annotations: ???rbac.authorization.kubernetes.io/autoupdate: "true" ?labels: ???kubernetes.io/bootstrapping: rbac-defaults ???addonmanager.kubernetes.io/mode: EnsureExists ?name: system:corednsroleRef: ?apiGroup: rbac.authorization.k8s.io ?kind: ClusterRole ?name: system:corednssubjects:- kind: ServiceAccount ?name: coredns ?namespace: kube-system---apiVersion: v1kind: ConfigMapmetadata: ?name: coredns ?namespace: kube-system ?labels: ?????addonmanager.kubernetes.io/mode: EnsureExistsdata: ?Corefile: | ???.:53 { ???????errors ???????health ???????kubernetes cluster.local. in-addr.arpa ip6.arpa { ???????????pods insecure ???????????upstream ???????????fallthrough in-addr.arpa ip6.arpa ???????} ???????prometheus :9153 ???????proxy . /etc/resolv.conf ???????cache 30 ???}---apiVersion: extensions/v1beta1kind: Deploymentmetadata: ?name: coredns ?namespace: kube-system ?labels: ???k8s-app: coredns ???kubernetes.io/cluster-service: "true" ???addonmanager.kubernetes.io/mode: Reconcile ???kubernetes.io/name: "CoreDNS"spec: ?replicas: 2 ?strategy: ???type: RollingUpdate ???rollingUpdate: ?????maxUnavailable: 1 ?selector: ???matchLabels: ?????k8s-app: coredns ?template: ???metadata: ?????labels: ???????k8s-app: coredns ???spec: ?????serviceAccountName: coredns ?????tolerations: ???????- key: node-role.kubernetes.io/master ?????????effect: NoSchedule ???????- key: "CriticalAddonsOnly" ?????????operator: "Exists" ?????containers: ?????- name: coredns ???????image: coredns/coredns:1.0.6 ???????imagePullPolicy: IfNotPresent ???????resources: ?????????limits: ???????????memory: 170Mi ?????????requests: ???????????cpu: 100m ???????????memory: 70Mi ???????args: [ "-conf", "/etc/coredns/Corefile" ] ???????volumeMounts: ???????- name: config-volume ?????????mountPath: /etc/coredns ???????ports: ???????- containerPort: 53 ?????????name: dns ?????????protocol: UDP ???????- containerPort: 53 ?????????name: dns-tcp ?????????protocol: TCP ???????livenessProbe: ?????????httpGet: ???????????path: /health ???????????port: 8080 ???????????scheme: HTTP ?????????initialDelaySeconds: 60 ?????????timeoutSeconds: 5 ?????????successThreshold: 1 ?????????failureThreshold: 5 ?????dnsPolicy: Default ?????volumes: ???????- name: config-volume ?????????configMap: ???????????name: coredns ???????????items: ???????????- key: Corefile ?????????????path: Corefile---apiVersion: v1kind: Servicemetadata: ?name: coredns ?namespace: kube-system ?labels: ???k8s-app: coredns ???kubernetes.io/cluster-service: "true" ???addonmanager.kubernetes.io/mode: Reconcile ???kubernetes.io/name: "CoreDNS"spec: ?selector: ???k8s-app: coredns ?clusterIP: 10.222.0.100 ?ports: ?- name: dns ???port: 53 ???protocol: UDP ?- name: dns-tcp ???port: 53 ???protocol: TCP执行此yaml文件:
kubectl ?create -f coredns.yaml查看文件状态:
[root@node-1 ~]# kubectl get pods -n kube-systemNAME ???????????????????????????????????READY ????STATUS ???RESTARTS ??AGEcoredns-77c989547b-2rg9h ???????????????1/1 ??????Running ??0 ?????????1hcoredns-77c989547b-cbj5h ???????????????1/1 ??????Running ??0 ?????????1h[root@node-1 ~]# kubectl get rs -n kube-systemNAME ?????????????????????????????DESIRED ??CURRENT ??READY ????AGEcoredns-77c989547b ???????????????2 ????????2 ????????2 ????????1h[root@node-1 ~]# kubectl get svc -n kube-systemNAME ??????????????????TYPE ???????CLUSTER-IP ??????EXTERNAL-IP ??PORT(S) ????????AGEcoredns ???????????????ClusterIP ??10.222.0.100 ????<none> ???????53/UDP,53/TCP ??1h配置Dashboard
下载官方的yaml文件,执行如下命令:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml只有安装了dns服务才能使用dashboard,否则将无法找到dashboard的service。
当dashboard服务启动后查看服务是否正常:
[root@node-1 ~]# kubectl get pod -n kube-systemNAME ???????????????????????????????????READY ????STATUS ???RESTARTS ??AGEcoredns-77c989547b-2rg9h ???????????????1/1 ??????Running ??0 ?????????2hcoredns-77c989547b-cbj5h ???????????????1/1 ??????Running ??0 ?????????2hkubernetes-dashboard-7d5dcdb6d9-h66fs ??1/1 ??????Running ??0 ?????????1h[root@node-1 ~]# kubectl get svc -n kube-systemNAME ??????????????????TYPE ???????CLUSTER-IP ??????EXTERNAL-IP ??PORT(S) ????????AGEcoredns ???????????????ClusterIP ??10.222.0.100 ????<none> ???????53/UDP,53/TCP ??2hkubernetes-dashboard ??ClusterIP ??10.222.251.161 ??<none> ???????443/TCP ????????1h使用代理,执行如下命令:
[root@node-1 ~]# kubectl proxy ?--port=8001 --address=‘10.0.0.1‘ --accept-hosts=‘^.*‘Starting to serve on 10.0.0.1:8001在浏览器中输入地址:http://10.0.0.1:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
如果不出意外,会看到如下界面:
按照此提示创建用户 https://github.com/kubernetes/dashboard/wiki/Creating-sample-user
之后获取token,使用token登录:
kubectl describe secret -n kube-system `kubectl get secret -n kube-system |grep admin-user |awk ‘{print $1}‘`也可以通过master节点登录,访问此地址:https://10.0.0.1:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
登录成功后显示主界面:
Kubernetes Dashboard 与DNS部署
原文地址:http://blog.51cto.com/tryingstuff/2129037