dashboard site
kubectl get nodes -o wide
: version 확인 후 위의 사이트에서 yaml 코드로 다운kubectl get pod --all-namespaces
: pod running 확인dashboard 작업 과정
1) 권한 부여 -> RBAC (kubernetes security) -> CKS
2) 웹서비스 -> 데몬실행
[root@k8s-master ~]# mkdir dashboard_token
[root@k8s-master ~]# cd dashboard_token/
[root@k8s-master dashboard_token]# vi ClusterRoleBinding.yaml
# ClusterRoleBinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubernetes-dashboard2
labels:
k8s-app: kubernetes-dashboard
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubernetes-dashboard
namespace: kubernetes-dashboard
[root@k8s-master dashboard_token]# kubectl -n kubernetes-dashboard get secret
# output
kubernetes-dashboard-token-gk8mx kubernetes.io/service-account-token 3 18m
# 위output의 첫번째 컬럼값 Ctr+C, Ctr+V
kubectl -n kubernetes-dashboard describe secrets kubernetes-dashboard-token-gk8mx
https://192.168.56.100:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
1) certi와 key값으로 인증서 생성
2) (Windows) certmgr에서 인증서 배포
3) Ctr+Shift+N (새시크릿창) 을 통해 시크릿 창에서 dashboard 생성