在Mac上安装Docker并访问Kubernetes仪表盘的注意事项
为了应付,我在Mac上安装了Docker和Kubernetes。
由于我的技术水平很低,如果您发现了任何问题,请指正。
やること
我将在Mac上安装Docker和Kubernetes,并尝试访问Kubernetes Dashboard。
请参考我参考的那篇文章。
https://qiita.com/Ricordanza/items/8aa0b65f140d483feaa3 => 参考链接1: https://qiita.com/Ricordanza/items/8aa0b65f140d483feaa3
https://qiita.com/h-sakano/items/79bb15f7a0661e141c75 => 参考链接2: https://qiita.com/h-sakano/items/79bb15f7a0661e141c75
安装Docker
从这里开始安装Docker Desktop(Mac)
https://store.docker.com/editions/community/docker-ce-desktop-mac
在安装之前,需要进行注册。要我帮你注册吗…
一旦下载完成后,打开Docker.dmg并按照指示进行安装。
根据画面指示进行安装。
「安装完成了!」「成功了!太棒了!」
确认行动
接下来,我们会在终端进行操作确认。
首先进行启动确认。
$ kubectl config get-contexts
CURRENT NAME CLUSTER AUTHINFO NAMESPACE
* docker-for-desktop docker-for-desktop-cluster docker-for-desktop
接下来确认一下节点。
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
docker-for-desktop Ready master 20m v1.10.11
确认pod
$ kubectl get po --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
docker compose-74649b4db6-gk78h 1/1 Running 0 20m
docker compose-api-6ddbbd49bb-plkqd 1/1 Running 0 20m
kube-system etcd-docker-for-desktop 1/1 Running 0 20m
kube-system kube-apiserver-docker-for-desktop 1/1 Running 0 20m
kube-system kube-controller-manager-docker-for-desktop 1/1 Running 0 20m
kube-system kube-dns-86f4d74b45-6pk5f 3/3 Running 0 20m
kube-system kube-proxy-wxh6k 1/1 Running 0 20m
kube-system kube-scheduler-docker-for-desktop 1/1 Running 0 20m
嗯嗯
安装kubernetes-dashboard
让我们按照以下URL中的安装步骤安装,这样就可以使用最新的版本,保证安全可靠!
https://github.com/kubernetes/dashboard/releases
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
secret "kubernetes-dashboard-certs" created
serviceaccount "kubernetes-dashboard" created
role.rbac.authorization.k8s.io "kubernetes-dashboard-minimal" created
rolebinding.rbac.authorization.k8s.io "kubernetes-dashboard-minimal" created
deployment.apps "kubernetes-dashboard" created
service "kubernetes-dashboard" created
我们来确认一下是否在动。
$ kubectl get deployments,replicasets,pods,service --all-namespaces -o wide --selector=k8s-app=kubernetes-dashboard
让我们确认仪表板的状态是否为“Running”。
NAMESPACE NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kube-system deployment.extensions/kubernetes-dashboard 1 1 1 1 23s kubernetes-dashboard k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1 k8s-app=kubernetes-dashboard
NAMESPACE NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
kube-system replicaset.extensions/kubernetes-dashboard-669f9bbd46 1 1 1 23s kubernetes-dashboard k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1 k8s-app=kubernetes-dashboard,pod-template-hash=2259566802
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE
kube-system pod/kubernetes-dashboard-669f9bbd46-skmj5 1/1 Running 0 23s 10.1.0.6 docker-for-desktop
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
kube-system service/kubernetes-dashboard ClusterIP 10.103.154.163 <none> 443/TCP 23s k8s-app=kubernetes-dashboard
嗯嗯
访问仪表盘
如果你能做到這一步,讓我們開始推出服務吧。
$ kubectl proxy
立ち上げたら以下のURLにアクセスしてみます・・・
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
$ kubectl -n kube-system get secret
NAME TYPE DATA AGE
attachdetach-controller-token-ccjnx kubernetes.io/service-account-token 3 1h
bootstrap-signer-token-7szpc kubernetes.io/service-account-token 3 1h
bootstrap-token-cawlk6 bootstrap.kubernetes.io/token 7 1h
certificate-controller-token-4gtmk kubernetes.io/service-account-token 3 1h
clusterrole-aggregation-controller-token-966np kubernetes.io/service-account-token 3 1h
cronjob-controller-token-6zxb9 kubernetes.io/service-account-token 3 1h
daemon-set-controller-token-9w9wg kubernetes.io/service-account-token 3 1h
default-token-6lkvx kubernetes.io/service-account-token 3 1h
deployment-controller-token-2hsb6 kubernetes.io/service-account-token 3 1h
disruption-controller-token-qk857 kubernetes.io/service-account-token 3 1h
endpoint-controller-token-lpjqd kubernetes.io/service-account-token 3 1h
generic-garbage-collector-token-vgpc4 kubernetes.io/service-account-token 3 1h
horizontal-pod-autoscaler-token-f6xst kubernetes.io/service-account-token 3 1h
job-controller-token-67xp9 kubernetes.io/service-account-token 3 1h
kube-dns-token-8w495 kubernetes.io/service-account-token 3 1h
kube-proxy-token-96lwg kubernetes.io/service-account-token 3 1h
kubernetes-dashboard-certs Opaque 0 4m
kubernetes-dashboard-key-holder Opaque 2 41m
kubernetes-dashboard-token-cxzth kubernetes.io/service-account-token 3 4m
namespace-controller-token-mr5rw kubernetes.io/service-account-token 3 1h
node-controller-token-h5h2x kubernetes.io/service-account-token 3 1h
persistent-volume-binder-token-vp7b5 kubernetes.io/service-account-token 3 1h
pod-garbage-collector-token-hgb7q kubernetes.io/service-account-token 3 1h
pv-protection-controller-token-hbrn9 kubernetes.io/service-account-token 3 1h
pvc-protection-controller-token-99fxc kubernetes.io/service-account-token 3 1h
replicaset-controller-token-brq4b kubernetes.io/service-account-token 3 1h
replication-controller-token-xrkvj kubernetes.io/service-account-token 3 1h
resourcequota-controller-token-q9ckn kubernetes.io/service-account-token 3 1h
service-account-controller-token-qs45v kubernetes.io/service-account-token 3 1h
service-controller-token-26llj kubernetes.io/service-account-token 3 1h
statefulset-controller-token-p26mt kubernetes.io/service-account-token 3 1h
token-cleaner-token-x4bm9 kubernetes.io/service-account-token 3 1h
ttl-controller-token-2jlcq kubernetes.io/service-account-token 3 1h
让我们使用部署控制器的权限进行登录试试。
#上記のリストからdeployment-controllerを探し出して指定する
$ kubectl -n kube-system describe secret deployment-controller-token-2hsb6
Name: deployment-controller-token-2hsb6
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name=deployment-controller
kubernetes.io/service-account.uid=7aae99f8-2b66-11e9-886e-025000000001
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: #ここにtokenが現れる
今天就到这里吧!
