无法从 hhtp url 登录到 kubernetes 仪表板,因为 master 的本地主机是一个虚拟机
Not able to login to kubernetes dashboard from hhtp url since local host of the master is a vm
我需要使用 kubectl 代理从我的仪表板创建 https url 仅生成 http url 如何创建 https url 我们应该使用什么命令 运行因为该令牌是 grtting 生成的,但不是登录仪表板保持静态,输入令牌时没有响应
您可以通过 NodePort.
公开您的 kubernetes-dashboard 服务
要实现这一点,最简单的方法是编辑当前的 kubernetes-dashboard 服务配置并将 ClusterIP 参数更改为 NodePort:
kubectl edit services kubernetes-dashboard -n kube-system
apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"}
,"name":"kubernetes-dashboard","namespace":"kube-system"},"spec":{"ports":[{"port":443,"targetPort":8443}],"select
or":{"k8s-app":"kubernetes-dashboard"}}}
creationTimestamp: null
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
spec:
externalTrafficPolicy: Cluster
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
Kubernetes 然后从范围 (30000-32767) 分配一些端口,每个节点应该将该端口代理到您的目标服务。
您现在可以检查 kubernetes-dashboard 并查找端口参考:
kubectl describe svc kubernetes-dashboard -n kube-system
Name: kubernetes-dashboard
Namespace: kube-system
Labels: k8s-app=kubernetes-dashboard
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","me
tadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":..
.
Selector: k8s-app=kubernetes-dashboard
Type: NodePort
IP: XX.XX.XX.XX
Port: <unset> 443/TCP
TargetPort: 8443/TCP
NodePort: <unset> 31605/TCP
Endpoints: XX.XX.XX.XX:8443
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
最后,您可以检查 kubernetes-dashboard 是否可以访问:
curl -k https://localhost:31605
如果您考虑通过 Bearer token 确保与您的 Kubernetes 仪表板对话的安全方式,请查看此 guideline。
我需要使用 kubectl 代理从我的仪表板创建 https url 仅生成 http url 如何创建 https url 我们应该使用什么命令 运行因为该令牌是 grtting 生成的,但不是登录仪表板保持静态,输入令牌时没有响应
您可以通过 NodePort.
公开您的kubernetes-dashboard 服务
要实现这一点,最简单的方法是编辑当前的 kubernetes-dashboard 服务配置并将 ClusterIP 参数更改为 NodePort:
kubectl edit services kubernetes-dashboard -n kube-system
apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"}
,"name":"kubernetes-dashboard","namespace":"kube-system"},"spec":{"ports":[{"port":443,"targetPort":8443}],"select
or":{"k8s-app":"kubernetes-dashboard"}}}
creationTimestamp: null
labels:
k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
spec:
externalTrafficPolicy: Cluster
ports:
- port: 443
protocol: TCP
targetPort: 8443
selector:
k8s-app: kubernetes-dashboard
sessionAffinity: None
type: NodePort
status:
loadBalancer: {}
Kubernetes 然后从范围 (30000-32767) 分配一些端口,每个节点应该将该端口代理到您的目标服务。
您现在可以检查 kubernetes-dashboard 并查找端口参考:
kubectl describe svc kubernetes-dashboard -n kube-system
Name: kubernetes-dashboard
Namespace: kube-system
Labels: k8s-app=kubernetes-dashboard
Annotations: kubectl.kubernetes.io/last-applied-configuration={"apiVersion":"v1","kind":"Service","me
tadata":{"annotations":{},"labels":{"k8s-app":"kubernetes-dashboard"},"name":"kubernetes-dashboard","namespace":..
.
Selector: k8s-app=kubernetes-dashboard
Type: NodePort
IP: XX.XX.XX.XX
Port: <unset> 443/TCP
TargetPort: 8443/TCP
NodePort: <unset> 31605/TCP
Endpoints: XX.XX.XX.XX:8443
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
最后,您可以检查 kubernetes-dashboard 是否可以访问:
curl -k https://localhost:31605
如果您考虑通过 Bearer token 确保与您的 Kubernetes 仪表板对话的安全方式,请查看此 guideline。