k8s-dashboard-metrics-yaml_k8s资源-CSDN文库

共4个文件

yaml：3个

tar：1个

版权申诉

174 浏览量 2022-09-25 01:46:04 上传评论收藏 15.26MB ZIP 举报

Kubernetes（简称k8s）是Google开源的一种容器编排系统，用于自动化容器化应用的部署、扩展和管理。本主题将深入探讨如何使用yaml文件创建Kubernetes Dashboard并集成metrics服务，以便更好地监控和管理集群。在Kubernetes中，YAML（Yet Another Markup Language）是一种常用的语言，用于定义资源对象，如Pod、Service、Deployment等。`k8s-dashboard-metrics-yaml_k8s`可能包含了一系列yaml文件，这些文件描述了如何部署Kubernetes Dashboard以及相关的metrics服务，如Heapster或Prometheus。 1. **Kubernetes Dashboard**: Kubernetes Dashboard是官方提供的一个Web UI，它提供了图形化的界面，允许用户查看和管理集群的状态、部署应用程序、查看日志和资源使用情况。要部署Dashboard，你需要一个yaml文件（例如：`dashboard.yaml`），这个文件通常会定义一个Deployment和一个Service。Deployment负责创建和管理Pod，而Service则提供了一个稳定的网络接口来访问Dashboard。 2. **创建Dashboard Deployment**: 在`dashboard.yaml`中，`apiVersion`、`kind`、`metadata`和`spec`字段定义了Dashboard的部署配置。`spec.template.spec`部分包含了Pod的详细信息，如镜像（通常为`kubernetesui/dashboard:vX.Y.Z`）、端口映射、环境变量等。 3. **创建Dashboard Service**: 配置Service是为了让集群内的其他组件能够通过DNS名访问Dashboard。Service可以是ClusterIP（集群内部访问）、NodePort（通过节点端口访问）或LoadBalancer（公有云上通过负载均衡器访问）。在`dashboard.yaml`中，Service的配置会包括选择器（selector），确保Service指向Dashboard的Pod。 4. **Metrics集成**: Kubernetes Dashboard能够展示资源利用率、Pod状态等，但需要对接metrics服务。Heapster曾是默认的metrics收集器，但现在已被废弃。通常，我们会使用Prometheus或kube-state-metrics等替代方案。为此，你可能需要额外的yaml文件（如`metrics-server.yaml`）来部署metrics服务。 5. **Metrics Server**: Metrics Server是Kubernetes的一个组件，负责收集和聚合各个Pod的资源使用数据。部署Metrics Server的yaml文件会包含一个Deployment和一个Service，类似于Dashboard的部署方式。配置时，需确保Metrics Server能够正确地向apiserver报告metrics。 6. **安全考虑**: 为了安全起见，直接暴露Dashboard并不推荐。一般会通过设置RBAC（Role-Based Access Control）规则和使用ServiceAccount来限制访问权限。此外，还可以使用`kubectl proxy`或Ingress来提供安全的访问通道。 7. **应用yaml文件**: 要将这些yaml文件应用到集群，可以使用`kubectl apply -f 文件名.yaml`命令。这将创建或更新集群中的对应资源。 `k8s-dashboard-metrics-yaml_k8s`中的文件是部署和配置Kubernetes Dashboard以及metrics服务的关键。理解这些yaml文件的结构和内容对于有效地管理和监控Kubernetes集群至关重要。在实际操作中，务必遵循最佳实践，确保安全性，并根据需求调整配置。

资源详情

资源评论

资源推荐

收起资源包目录

k8s-dashboard-metrics-yaml.zip （4个子文件）

dashboard

recommended-rc1.yaml 7KB

recommended-bate4.yaml 7KB

metrics-scraper_v1.0.1.tar 38.27MB

dashboard-admin.yaml 515B

# Copyright 2017 The Kubernetes Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: Namespace metadata: name: kubernetes-dashboard --- apiVersion: v1 kind: ServiceAccount metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard --- kind: Service apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: type: NodePort ports: - port: 443 targetPort: 8443 nodePort: 30480 selector: k8s-app: kubernetes-dashboard --- apiVersion: v1 kind: Secret metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-certs namespace: kubernetes-dashboard type: Opaque --- apiVersion: v1 kind: Secret metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-csrf namespace: kubernetes-dashboard type: Opaque data: csrf: "" --- apiVersion: v1 kind: Secret metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-key-holder namespace: kubernetes-dashboard type: Opaque --- kind: ConfigMap apiVersion: v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard-settings namespace: kubernetes-dashboard --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard rules: # Allow Dashboard to get, update and delete Dashboard exclusive secrets. - apiGroups: [""] resources: ["secrets"] resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"] verbs: ["get", "update", "delete"] # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. - apiGroups: [""] resources: ["configmaps"] resourceNames: ["kubernetes-dashboard-settings"] verbs: ["get", "update"] # Allow Dashboard to get metrics. - apiGroups: [""] resources: ["services"] resourceNames: ["heapster", "dashboard-metrics-scraper"] verbs: ["proxy"] - apiGroups: [""] resources: ["services/proxy"] resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"] verbs: ["get"] --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard rules: # Allow Metrics Scraper to get metrics from the Metrics server - apiGroups: ["metrics.k8s.io"] resources: ["pods", "nodes"] verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubernetes-dashboard subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kubernetes-dashboard --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubernetes-dashboard roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubernetes-dashboard subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kubernetes-dashboard --- kind: Deployment apiVersion: apps/v1 metadata: labels: k8s-app: kubernetes-dashboard name: kubernetes-dashboard namespace: kubernetes-dashboard spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: kubernetes-dashboard template: metadata: labels: k8s-app: kubernetes-dashboard spec: containers: - name: kubernetes-dashboard image: kubernetesui/dashboard:v2.0.0-rc1 imagePullPolicy: Always ports: - containerPort: 8443 protocol: TCP args: - --auto-generate-certificates - --namespace=kubernetes-dashboard - --token-ttl=43200 # Uncomment the following line to manually specify Kubernetes API server Host # If not specified, Dashboard will attempt to auto discover the API server and connect # to it. Uncomment only if the default does not work. # - --apiserver-host=http://my-address:port volumeMounts: - name: kubernetes-dashboard-certs mountPath: /certs # Create on-disk volume to store exec logs - mountPath: /tmp name: tmp-volume livenessProbe: httpGet: scheme: HTTPS path: / port: 8443 initialDelaySeconds: 30 timeoutSeconds: 30 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 1001 runAsGroup: 2001 volumes: - name: kubernetes-dashboard-certs hostPath: path: /home/weirong/model/data/certs-dashboard/ type: Directory - name: tmp-volume emptyDir: {} serviceAccountName: kubernetes-dashboard nodeSelector: "beta.kubernetes.io/os": linux # Comment the following tolerations if Dashboard must not be deployed on master tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule --- kind: Service apiVersion: v1 metadata: labels: k8s-app: dashboard-metrics-scraper name: dashboard-metrics-scraper namespace: kubernetes-dashboard spec: ports: - port: 8000 targetPort: 8000 selector: k8s-app: dashboard-metrics-scraper --- kind: Deployment apiVersion: apps/v1 metadata: labels: k8s-app: dashboard-metrics-scraper name: dashboard-metrics-scraper namespace: kubernetes-dashboard spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: k8s-app: dashboard-metrics-scraper template: metadata: labels: k8s-app: dashboard-metrics-scraper annotations: seccomp.security.alpha.kubernetes.io/pod: 'runtime/default' spec: containers: - name: dashboard-metrics-scraper image: kubernetesui/metrics-scraper:v1.0.1 ports: - containerPort: 8000 protocol: TCP livenessProbe: httpGet: scheme: HTTP path: / port: 8000 initialDelaySeconds: 30 timeoutSeconds: 30 volumeMounts: - mountPath: /tmp name: tmp-volume securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true runAsUser: 1001 runAsGroup: 2001 serviceAccountName: kubernetes-dashboard nodeSelector: "beta.kubernetes.io/os": linux # Comment the following tolerations if Dashboard must not be deployed on master tolerations: - key: node-role.kubernetes.io/master effect: NoSchedule volumes: - name: tmp-volume emptyDir: {}