首页 > 其他分享 >Kubernetes Dashboard部署安装recommended.yaml

Kubernetes Dashboard部署安装recommended.yaml

时间:2024-05-11 17:33:19浏览次数:28  
标签:k8s name kubernetes app metrics yaml recommended dashboard Kubernetes

``` yml
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: v1
kind: Namespace
metadata:
name: kubernetes-dashboard

---

apiVersion: v1
kind: ServiceAccount
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard

---

kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
ports:
- port: 443
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
type: NodePort

---

apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-certs
namespace: kubernetes-dashboard
type: Opaque

---

apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-csrf
namespace: kubernetes-dashboard
type: Opaque
data:
csrf: ""

---

apiVersion: v1
kind: Secret
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-key-holder
namespace: kubernetes-dashboard
type: Opaque

---

kind: ConfigMap
apiVersion: v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard-settings
namespace: kubernetes-dashboard

---

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"]
verbs: ["get", "update", "delete"]
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["kubernetes-dashboard-settings"]
verbs: ["get", "update"]
# Allow Dashboard to get metrics.
- apiGroups: [""]
resources: ["services"]
resourceNames: ["heapster", "dashboard-metrics-scraper"]
verbs: ["proxy"]
- apiGroups: [""]
resources: ["services/proxy"]
resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"]
verbs: ["get"]

---

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
rules:
# Allow Metrics Scraper to get metrics from the Metrics server
- apiGroups: ["metrics.k8s.io"]
resources: ["pods", "nodes"]
verbs: ["get", "list", "watch"]

---

apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubernetes-dashboard
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard

---

kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: kubernetes-dashboard
template:
metadata:
labels:
k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
image: registry.cn-hangzhou.aliyuncs.com/k8sos/dashboard:v2.0.5
imagePullPolicy: Always
ports:
- containerPort: 8443
protocol: TCP
args:
- --auto-generate-certificates
- --namespace=kubernetes-dashboard
# Uncomment the following line to manually specify Kubernetes API server Host
# If not specified, Dashboard will attempt to auto discover the API server and connect
# to it. Uncomment only if the default does not work.
# - --apiserver-host=http://my-address:port
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
scheme: HTTPS
path: /
port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: kubernetes-dashboard-certs
- name: tmp-volume
emptyDir: {}
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule

---

kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
ports:
- port: 8000
targetPort: 8000
selector:
k8s-app: dashboard-metrics-scraper

---

kind: Deployment
apiVersion: apps/v1
metadata:
labels:
k8s-app: dashboard-metrics-scraper
name: dashboard-metrics-scraper
namespace: kubernetes-dashboard
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: dashboard-metrics-scraper
template:
metadata:
labels:
k8s-app: dashboard-metrics-scraper
annotations:
seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
spec:
containers:
- name: dashboard-metrics-scraper
image: registry.cn-hangzhou.aliyuncs.com/k8sos/metrics-scraper:v1.0.6
ports:
- containerPort: 8000
protocol: TCP
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 30
volumeMounts:
- mountPath: /tmp
name: tmp-volume
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 1001
runAsGroup: 2001
serviceAccountName: kubernetes-dashboard
nodeSelector:
"kubernetes.io/os": linux
# Comment the following tolerations if Dashboard must not be deployed on master
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
volumes:
- name: tmp-volume
emptyDir: {}

```

标签:k8s,name,kubernetes,app,metrics,yaml,recommended,dashboard,Kubernetes
From: https://www.cnblogs.com/realeo/p/18186866

相关文章

  • dbt fromyaml 上下文方法简单说明
    fromyaml上下文方法可以用来加载yaml内容,属于一个工具类,比如automate-dv就使用了不少方法参考使用{%-setinfo-%}source_model:raw_staging:"raw_customer"derived_columns:SOURCE:"!1"LOAD_DATETIME:"CRM_DATA_INGESTION_TIME"E......
  • Spring Cloud 部署时如何使用 Kubernetes 作为注册中心和配置中心
    一、SpringCloud支持的常见注册中心和配置中心。SpringCloud自带的注册中心Eureka以及config配置中心Nacos,支持注册中心和配置中心等,可以参考:https://www.cnblogs.com/laoqing/p/17797759.htmlZookeeperConsulEtcdKubernetes,当SpringCloud服务都是通过Kubernetes部......
  • pytest + yaml 框架 -69.新增depend 关键字,导入其它yaml用例
    前言有小伙伴提到,test_a.yml中已经写了几个流程,test_b.yml中希望能接着test_a.yml去写用例,于是就需要先导入test_a.yml用例。为了满足此需求,v1.6.3版本在config中新增depend关键字。需求场景test_a.yml中已经写了一些用例config:variables:x:helloy:wo......
  • Springboot - [06] yaml语法讲解
    Yaml是一种标记语言,Yaml也不是一种标记语言。 一、yaml写法示例application.yaml#普通的key-valuename:harleyserver.port:8081#对象student:name:harleyage:25#对象的行内写法student:{name:harley,age:25}#数组pets:-cat-......
  • Kubernetes——K8s基础指令
    1、查看类命令#获取节点和服务版本信息kubectlgetnodes#获取节点和服务版本信息,并查看附加信息kubectlgetnodes-owide#获取pod信息,默认是default名称空间kubectlgetpod#获取pod信息,默认是default名称空间,并查看附加信息如:pod的IP及在哪个节点运行kubectlg......
  • Kubernetes脚本——检查K8S组件/服务/配置/POD
    #!/bin/bash#echo"运维账号是否有执行常用kubectl运维命令的权限,期望结果:输出/apps/bin/kubelet-----------------------------------------">k8s_check_result.txt#ansible-i./hostsk8s-mshell-a"foriin\`sudo-l\`;doecho\$i|grep-Eikubectl;done"&......
  • Kubernetes脚本——K8s日志检查
    #!/bin/bashecho"docker日志采用建议的syslog收集检查,期望结果:1---------------------------------------------------------------------">log_check_result.txtansible-i./hostsall-mshell-a'sudofind/apps/logs/docker/-namedockerd.log|wc-l'&......
  • Kubernetes脚本——检查K8s基础信息
    #!/bin/sh#version#node,master,slave#arch#kernelversion#dockerversion#image#cpu,memandusage#pod,podlimit#service,nodeport,lb#deploy,statefulset,deamonset#cm,secret#namespaces#set-xecho_left(){if["$2&q......
  • 代理 mitmproxy config.yaml 模板 使用笔记(二)
    代理mitmproxyconfig.yaml模板使用笔记(二)mitmproxyconfig.yaml模板使用mitmproxy可能需要用到config.yaml来批量配置参数目录config.yaml文件所在位置config.yaml配置模板文件位置配置文件默认读取路径:~/.mitmproxy/config.yaml,见配置项:confdir:'~/.mitmpro......
  • Kubernetes源码二次开发系列(一到三),玩转高阶K8s开发
    Kubernetes源码二次开发通常涉及以下步骤:环境准备:安装和配置Go环境,确保Go版本与Kubernetes项目兼容。获取源码:从GitHub克隆Kubernetes仓库到本地。设置工作环境:通过make命令设置编译环境。修改源码:根据需求修改Kubernetes源码。编译:使用makeall编译所有组......