Kubernetes Dashboard v1.8.3部署

时间:2018-05-31 17:45:20

标签: kubernetes

我只是想在名为“test”的命名空间中部署kubernetes Dashboard。

https://raw.githubusercontent.com/kubernetes/dashboard/v1.8.3/src/deploy/recommended/kubernetes-dashboard.yaml

我只是将kube-system中的命名空间从上面的yaml文件替换为test并执行如下。

  

kubectl apply -f kubernetes-dashboard.yaml -n test

但是,它仍在尝试使用命名空间kube-system并获得以下错误。

图片: -

  

gcr.io/google_containers/kubernetes-dashboard-amd64:v1.8.3

错误: - 

action.payload.selectedBoardData.widgetList

我创建了Secret,Rolebinding,Serviceaccount,部署,服务& Ingress in namesapce“test”。从yaml文件中删除了命名空间,并在创建时通过-n“test”提供。

由于

1 个答案:

答案 0 :(得分:1)

之所以发生这种情况是因为您在不同的命名空间创建了ServiceAccount,即kube-system,但正如它所说,它需要部署在# ------------------- Dashboard Role & Role Binding ------------------- # kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: kubernetes-dashboard-minimal namespace: kube-system rules: # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret. - apiGroups: [""] resources: ["secrets"] verbs: ["create"] # Allow Dashboard to create 'kubernetes-dashboard-settings' config map. - apiGroups: [""] resources: ["configmaps"] verbs: ["create"] # Allow Dashboard to get, update and delete Dashboard exclusive secrets. - apiGroups: [""] resources: ["secrets"] resourceNames: ["kubernetes-dashboard-key-holder"] verbs: ["get", "update", "delete"] # Allow Dashboard to get, update and delete Dashboard exclusive secrets. - apiGroups: [""] resources: ["secrets"] resourceNames: ["kubernetes-dashboard-key-holder"] verbs: ["get", "update", "delete"] # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. - apiGroups: [""] resources: ["configmaps"] resourceNames: ["kubernetes-dashboard-settings"] verbs: ["get", "update"] # Allow Dashboard to get metrics from heapster. - apiGroups: [""] resources: ["services"] resourceNames: ["heapster"] verbs: ["proxy"] - apiGroups: [""] resources: ["services/proxy"] resourceNames: ["heapster", "http:heapster:", "https:heapster:"] verbs: ["get"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kubernetes-dashboard-minimal namespace: kube-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboard-minimal subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: test --- 中才能运行。

您可以找到一个很好的演练,可能还有一些说明here

但是,如果您仍希望部署在不同的命名空间上,则必须将以下角色和角色绑定添加到群集中:

layout_width = "match_parent"

我担心没有别的办法,你必须允许服务帐户在kube-system名称空间中创建秘密。

相关问题
最新问题