k8s二进制部署系列11-部署应用插件(coredns,dashboard,heapter)

1.1 部署coredns

1.1.1 编辑配置文件

cd /server/tools/kubernetes/cluster/addons/dns
cp coredns.yaml{.base,}
diff coredns.yaml.base coredns.yaml
61c61
<         kubernetes __PILLAR__DNS__DOMAIN__ in-addr.arpa ip6.arpa {
---
>         kubernetes cluster.local. in-addr.arpa ip6.arpa {
153c153
<   clusterIP: __PILLAR__DNS__SERVER__
---
>   clusterIP: 10.254.0.2

1.1.2 部署coredns

kubectl create -f coredns.yaml

1.2 部署dashboard

1.2.1 编辑配置文件

cd /server/tools/kubernetes/cluster/addons/dashboard/
cp dashboard-service.yaml{,.bak}
diff dashboard-service.yaml{.bak,}
15a16
>   type: NodePort

1.2.2 部署dashboard

kubectl create -f .

1.2.3 获取登陆dashboard的kubeconfig

cd /opt/kubernetes/cfg/

kubectl create sa dashboard-admin -n kube-system
kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kube-system:dashboard-admin
ADMIN_SECRET=$(kubectl get secrets -n kube-system | grep dashboard-admin | awk '{print $1}')
DASHBOARD_LOGIN_TOKEN=$(kubectl describe secret -n kube-system ${ADMIN_SECRET} | grep -E '^token' | awk '{print $2}')

kubectl config set-cluster kubernetes \
  --certificate-authority=/opt/kubernetes/ssl/ca.pem \
  --embed-certs=true \
  --server=https://192.168.10.160:8443 \      # 此处为master节点的VIP
  --kubeconfig=dashboard.kubeconfig

kubectl config set-credentials dashboard_user \
  --token=${DASHBOARD_LOGIN_TOKEN} \
  --kubeconfig=dashboard.kubeconfig

kubectl config set-context default \
  --cluster=kubernetes \
  --user=dashboard_user \
  --kubeconfig=dashboard.kubeconfig

kubectl config use-context default --kubeconfig=dashboard.kubeconfig

sz dashboard.kubeconfig

1.3 部署heapster

1.3.1 下载heapter程序

wget https://github.com/kubernetes/heapster/archive/v1.5.3.tar.gz
tar xf v1.5.3.tar.gz
cd heapster-1.5.3/deploy/kube-config/influxdb/

1.3.2 编辑配置文件

cp grafana.yaml{,.bak}
diff grafana.yaml{.bak,}
67c67
<   # type: NodePort
---
>   type: NodePort

cp heapster.yaml{,.bak}
diff heapster.yaml{.bak,}
27c27
<         - --source=kubernetes:https://kubernetes.default
---
>         - --source=kubernetes:https://kubernetes.default?kubeletHttps=true&kubeletPort=10250

1.3.3 部署heapter

kubectl create -f .

1.3.4 编辑heapter认证文件

cd ../rbac/
cp heapster-rbac.yaml{,.bak}
diff heapster-rbac.yaml{.bak,}
4c4
<   name: heapster
---
>   name: heapster-kubelet-api
8c8
<   name: system:heapster
---
>   name: system:kubelet-api-admin

• 说明：
• 将 serviceAccount kube-system:heapster 与 ClusterRole system:kubelet-api-admin 绑定，授予它调用 kubelet API 的权限

1.3.5 部署heapter认证程序

kubectl create -f heapster-rbac.yaml

2.1 查看镜像运行情况

[root@k8s-master ~]# kubectl get all --namespace kube-system
NAME                                        READY     STATUS    RESTARTS   AGE
pod/coredns-77c989547b-ldjgc                1/1       Running   1          1d
pod/coredns-77c989547b-ms5qp                1/1       Running   1          1d
pod/heapster-6f8c4596b-5hwrp                1/1       Running   1          1d
pod/kubernetes-dashboard-598d75cb96-8skx6   1/1       Running   1          1d
pod/monitoring-grafana-d8c8d486c-tn2sc      1/1       Running   1          1d
pod/monitoring-influxdb-54bd58b4c9-zww7x    1/1       Running   1          1d

NAME                           TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)         AGE
service/coredns                ClusterIP   10.254.0.2       <none>        53/UDP,53/TCP   1d
service/heapster               ClusterIP   10.254.213.141   <none>        80/TCP          1d
service/kubernetes-dashboard   NodePort    10.254.232.43    <none>        443:8974/TCP    1d
service/monitoring-grafana     NodePort    10.254.170.47    <none>        80:8805/TCP     1d
service/monitoring-influxdb    ClusterIP   10.254.68.236    <none>        8086/TCP        1d

NAME                                   DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/coredns                2         2         2            2           1d
deployment.apps/heapster               1         1         1            1           1d
deployment.apps/kubernetes-dashboard   1         1         1            1           1d
deployment.apps/monitoring-grafana     1         1         1            1           1d
deployment.apps/monitoring-influxdb    1         1         1            1           1d

NAME                                              DESIRED   CURRENT   READY     AGE
replicaset.apps/coredns-77c989547b                2         2         2         1d
replicaset.apps/heapster-6f8c4596b                1         1         1         1d
replicaset.apps/kubernetes-dashboard-598d75cb96   1         1         1         1d
replicaset.apps/monitoring-grafana-d8c8d486c      1         1         1         1d
replicaset.apps/monitoring-influxdb-54bd58b4c9    1         1         1         1d

2.2 访问dashboard

2.2.1 访问方式

1. 通过API进行访问：https://192.168.10.160:8443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy

提示：若无法访问可通过该方法导入浏览器证书：https://k8s-install.opsnull.com/A.%E6%B5%8F%E8%A7%88%E5%99%A8%E8%AE%BF%E9%97%AEkube-apiserver%E5%AE%89%E5%85%A8%E7%AB%AF%E5%8F%A3.html

2. 通过NodePort访问：https://192.168.10.163:8974

提示：若浏览器打开异常，请切换使用火狐浏览器打开。

2.2.2 使用kubeconfig访问

2.2.3 进入主界面