欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

kubernetes dashboard 支持http (不推荐)

程序员文章站 2022-07-14 10:28:02
...
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
 name: dashboard
 namespace: kube-system
 annotations:
   kubernetes.io/ingress.class: traefik
   #ingress.kubernetes.io/ssl-passthrough: "true"
spec:
 rules:
 - host: dashboard.digitalgd.com
   http:
     paths:
     - backend:
         serviceName: kubernetes-dashboard
         servicePort: 9090       #ingress 指向http端口
       path: /
---
kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
    kubernetes.io/cluster-service: "true"
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  ports:
    - port: 443
      targetPort: 8443
      name: ssl
     #service 增加http配置 
    - port: 9090  
      name: http
      targetPort: 9090
  selector:
    k8s-app: kubernetes-dashboard
#  type: NodePort
  type: ClusterIP

---
kind: Deployment
apiVersion: apps/v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kube-system
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      k8s-app: kubernetes-dashboard
  template:
    metadata:
      labels:
        k8s-app: kubernetes-dashboard
    spec:
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0-rc3

          ports:
            - containerPort: 8443
              protocol: TCP
            #增加http端口  
            - containerPort: 9090
              protocol: TCP
          args:
            #- --auto-generate-certificates
            - --namespace=kube-system
            #增加以下三行配置,使支持http
            - --enable-insecure-login
            - --insecure-port=9090
            - --enable-skip-login
            # Uncomment the following line to manually specify Kubernetes API server Host
            # If not specified, Dashboard will attempt to auto discover the API server and connect
            # to it. Uncomment only if the default does not work.
            # - --apiserver-host=http://my-address:port
          volumeMounts:
            - name: kubernetes-dashboard-certs
              mountPath: /certs
              # Create on-disk volume to store exec logs
            - mountPath: /tmp
              name: tmp-volume
          livenessProbe:
            httpGet:
              scheme: HTTPS
              path: /
              port: 8443
            #增加http的healthcheck  
            httpGet:
              scheme: HTTP
              port: 9090
            initialDelaySeconds: 30
            timeoutSeconds: 30
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsUser: 1001
            runAsGroup: 2001
      volumes:
        - name: kubernetes-dashboard-certs
          secret:
            secretName: kubernetes-dashboard-certs
        - name: tmp-volume
          emptyDir: {}
      serviceAccountName: kubernetes-dashboard
      nodeSelector:
        "beta.kubernetes.io/os": linux
      # Comment the following tolerations if Dashboard must not be deployed on master
      tolerations:
        - key: node-role.kubernetes.io/master
          effect: NoSchedule
相关标签: 容器化

上一篇: Dockerfile 多段构建

下一篇: k8s 部署nfs storeclass

推荐阅读