格式调整
This commit is contained in:
huanqing.shao
@ -1,193 +0,0 @@
|
||||
# 安装 Kuboard
|
||||
|
||||
## 前提
|
||||
|
||||
安装 Kuboard 时,假设您已经有一个 Kubernetes 集群
|
||||
|
||||
如果没有 Kubernetes 集群:
|
||||
|
||||
* 初学者, 请参考 [安装 Kubernetes 单Master节点](install-k8s)
|
||||
* 用于生产,请参考 [安装 Kubernetes 高可用](install-kubernetes)
|
||||
|
||||
碰到问题? **在线提问**
|
||||
|
||||
|
||||
|
||||
## 兼容性
|
||||
|
||||
|
||||
| Kubernetes 版本 | Kuboard 版本 | 兼容性 | 说明 |
|
||||
| --------------- | -------------- | ------ | ------------------------------------------------------------ |
|
||||
| v1.15 | v1.0.0-beta.13 | <span style="font-size: 24px;">😄</span> | 已验证 |
|
||||
| v1.14 | v1.0.0-beta.13 | <span style="font-size: 24px;">😄</span> | 已验证 |
|
||||
| v1.13 | v1.0.0-beta.13 | <span style="font-size: 24px;">😄</span> | 已验证 |
|
||||
| v1.12 | v1.0.0-beta.13 | <span style="font-size: 24px;">😐</span> | Kubernetes Api v1.12 尚不支持 dryRun,<br />忽略Kuboard在执行命令时的参数校验错误,可正常工作 |
|
||||
| v1.11 | v1.0.0-beta.13 | <span style="font-size: 24px;">😐</span> | 同上 |
|
||||
|
||||
|
||||
|
||||
## 安装
|
||||
|
||||
**获取并修改yaml文件**
|
||||
|
||||
```bash
|
||||
wget https://raw.githubusercontent.com/eip-work/eip-monitor-repository/master/dashboard/kuboard.yaml
|
||||
```
|
||||
|
||||
修改文件 Kuboard.yaml 中 Ingress 的 host 为 kuboard.yourclustername.yourdomain.com
|
||||
|
||||
**执行安装**
|
||||
|
||||
```bash
|
||||
kubectl apply -f kuboard.yaml
|
||||
```
|
||||
|
||||
## 获取 Token
|
||||
|
||||
您可以获得管理员用户、只读用户的Token
|
||||
|
||||
:::: tabs type:border-card
|
||||
|
||||
::: tab 管理员用户 lazy
|
||||
|
||||
**拥有的权限**
|
||||
|
||||
* 此Token拥有 ClusterAdmin 的权限,可以执行所有操作
|
||||
|
||||
**执行命令**
|
||||
|
||||
```bash
|
||||
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-user | awk '{print $1}')
|
||||
```
|
||||
|
||||
**输出**
|
||||
|
||||
取输出信息中 token 字段
|
||||
```{13}
|
||||
Name: admin-user-token-g8hxb
|
||||
Namespace: kube-system
|
||||
Labels: <none>
|
||||
Annotations: [kubernetes.io/service-account.name](http://kubernetes.io/service-account.name): Kuboard-user
|
||||
[kubernetes.io/service-account.uid](http://kubernetes.io/service-account.uid): 948bb5e6-8cdc-11e9-b67e-fa163e5f7a0f
|
||||
|
||||
Type: [kubernetes.io/service-account-token](http://kubernetes.io/service-account-token)
|
||||
|
||||
Data
|
||||
====
|
||||
ca.crt: 1025 bytes
|
||||
namespace: 11 bytes
|
||||
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWc4aHhiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI5NDhiYjVlNi04Y2RjLTExZTktYjY3ZS1mYTE2M2U1ZjdhMGYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.DZ6dMTr8GExo5IH_vCWdB_MDfQaNognjfZKl0E5VW8vUFMVvALwo0BS-6Qsqpfxrlz87oE9yGVCpBYV0D00811bLhHIg-IR_MiBneadcqdQ_TGm_a0Pz0RbIzqJlRPiyMSxk1eXhmayfPn01upPdVCQj6D3vAY77dpcGplu3p5wE6vsNWAvrQ2d_V1KhR03IB1jJZkYwrI8FHCq_5YuzkPfHsgZ9MBQgH-jqqNXs6r8aoUZIbLsYcMHkin2vzRsMy_tjMCI9yXGiOqI-E5efTb-_KbDVwV5cbdqEIegdtYZ2J3mlrFQlmPGYTwFI8Ba9LleSYbCi4o0k74568KcN_w
|
||||
```
|
||||
|
||||
:::
|
||||
|
||||
|
||||
::: tab 只读用户 lazy
|
||||
|
||||
**拥有的权限**
|
||||
|
||||
- view 可查看名称空间的内容
|
||||
- system:node 可查看节点信息
|
||||
- system:persistent-volume-provisioner 可查看存储类和存储卷声明的信息
|
||||
|
||||
**适用场景**
|
||||
|
||||
只读用户不能对集群的配置执行修改操作,非常适用于将开发环境中的 Kuboard 只读权限分发给开发者,以便开发者可以便捷地诊断问题
|
||||
|
||||
**执行命令**
|
||||
|
||||
执行如下命令可以获得 <span style="color: #F56C6C; font-weight: 500;">只读用户</span> 的 Token
|
||||
|
||||
```bash
|
||||
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kuboard-viewer | awk '{print $1}')
|
||||
```
|
||||
|
||||
**输出**
|
||||
|
||||
取输出信息中 token 字段
|
||||
```{13}
|
||||
Name: admin-user-token-g8hxb
|
||||
Namespace: kube-system
|
||||
Labels: <none>
|
||||
Annotations: [kubernetes.io/service-account.name](http://kubernetes.io/service-account.name): Kuboard-viewer
|
||||
[kubernetes.io/service-account.uid](http://kubernetes.io/service-account.uid): 948bb5e6-8cdc-11e9-b67e-fa163e5f7a0f
|
||||
|
||||
Type: [kubernetes.io/service-account-token](http://kubernetes.io/service-account-token)
|
||||
|
||||
Data
|
||||
====
|
||||
ca.crt: 1025 bytes
|
||||
namespace: 11 bytes
|
||||
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbi11c2VyLXRva2VuLWc4aHhiIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImFkbWluLXVzZXIiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI5NDhiYjVlNi04Y2RjLTExZTktYjY3ZS1mYTE2M2U1ZjdhMGYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06YWRtaW4tdXNlciJ9.DZ6dMTr8GExo5IH_vCWdB_MDfQaNognjfZKl0E5VW8vUFMVvALwo0BS-6Qsqpfxrlz87oE9yGVCpBYV0D00811bLhHIg-IR_MiBneadcqdQ_TGm_a0Pz0RbIzqJlRPiyMSxk1eXhmayfPn01upPdVCQj6D3vAY77dpcGplu3p5wE6vsNWAvrQ2d_V1KhR03IB1jJZkYwrI8FHCq_5YuzkPfHsgZ9MBQgH-jqqNXs6r8aoUZIbLsYcMHkin2vzRsMy_tjMCI9yXGiOqI-E5efTb-_KbDVwV5cbdqEIegdtYZ2J3mlrFQlmPGYTwFI8Ba9LleSYbCi4o0k74568KcN_w
|
||||
```
|
||||
|
||||
:::
|
||||
::::
|
||||
|
||||
|
||||
## 访问 Kuboard
|
||||
|
||||
您可以通过NodePort、port-forward、域名三种方式当中的任意一种访问 Kuboard
|
||||
|
||||
:::: tabs type:border-card
|
||||
|
||||
::: tab 通过NodePort访问 lazy
|
||||
|
||||
Kuboard Service 使用了 NodePort 的方式暴露服务,NodePort 为 32567;您可以按如下方式访问 Kuboard。(可以使用集群中任意节点的 IP 地址)
|
||||
|
||||
`
|
||||
http://any-of-your-node-ip:32567/
|
||||
`
|
||||
|
||||
输入前一步骤中获得的 token,可进入 **Kuboard 集群概览页**
|
||||
|
||||
::: tip
|
||||
您也可以修改 Kuboard.yaml 文件,使用自己定义的 NodePort 端口号
|
||||
|
||||
|
||||
:::
|
||||
|
||||
::: tab 通过port-forward访问 lazy
|
||||
|
||||
在您的客户端电脑中执行如下命令
|
||||
|
||||
```sh
|
||||
kubectl port-forward service/Kuboard 8080:80 -n kube-system
|
||||
```
|
||||
|
||||
在浏览器打开链接 (请使用 kubectl 所在机器的IP地址)
|
||||
|
||||
`http://localhost:8080`
|
||||
|
||||
输入前一步骤中获得的 token,可进入 **Kuboard 集群概览页**
|
||||
|
||||
::: tip
|
||||
需要您先完成 [从客户端电脑远程管理 Kubernetes](install-kubectl) 的配置
|
||||
|
||||
|
||||
:::
|
||||
|
||||
::: tab 通过域名访问 lazy
|
||||
|
||||
在浏览器打开链接 (请使用前面安装 Kuboard 时已修改的域名)
|
||||
|
||||
`http://kuboard.yourclustername.yourdomain.com`
|
||||
|
||||
|
||||
输入前一步骤中获得的 token,可进入 **Kuboard 集群概览页**
|
||||
|
||||
::: tip
|
||||
需要您
|
||||
* 正确安装 Ingress Controller
|
||||
* 将您所使用的域名指向 Kubernetes 中的一个 Worker 节点(或者Ingress Controller所在机器的IP,不同类型的Ingress Controller配置不同)
|
||||
|
||||
:::
|
||||
|
||||
::::
|
||||
|
||||
|
||||
**下一步**
|
||||
|
||||
- 使用 Kuboard 工作负载编辑器 [创建 busybox](/guide/example/busybox) (10分钟)
|
||||
|
||||
- 尝试 Kuboard 设计的其他 example [使用 Kuboard](/guide/index)
|
||||
@ -1,60 +0,0 @@
|
||||
# 安装 Kuboard 失败时如何诊断
|
||||
|
||||
少数情况下,您可能会碰到安装 Kuboard 失败的情况,请按照如下步骤进行诊断
|
||||
|
||||
## 诊断步骤
|
||||
|
||||
**检查 Kuboard 容器组状态**
|
||||
|
||||
执行命令
|
||||
|
||||
```sh
|
||||
kubectl get pods -n kube-system
|
||||
```
|
||||
|
||||
输出结果如下所示:
|
||||
|
||||
```sh
|
||||
NAME READY STATUS RESTARTS AGE
|
||||
calico-kube-controllers-7c4d64d599-67hkh 1/1 Running 0 13h
|
||||
calico-node-9sf77 1/1 Running 3 8d
|
||||
calico-node-p8sxb 1/1 Running 2 8d
|
||||
calico-node-w472g 1/1 Running 3 8d
|
||||
coredns-5c98db65d4-9hwnj 1/1 Running 3 8d
|
||||
coredns-5c98db65d4-dr86j 1/1 Running 3 8d
|
||||
etcd-demo-master-a-1 1/1 Running 3 8d
|
||||
kube-apiserver-demo-master-a-1 1/1 Running 3 8d
|
||||
kube-controller-manager-demo-master-a-1 1/1 Running 3 8d
|
||||
kube-proxy-4tfrx 1/1 Running 2 8d
|
||||
kube-proxy-ps676 1/1 Running 2 8d
|
||||
kube-proxy-x8v4p 1/1 Running 3 8d
|
||||
kube-scheduler-demo-master-a-1 1/1 Running 3 8d
|
||||
kuboard-7bb8d57995-nkqzw 1/1 Running 0 2d20h
|
||||
```
|
||||
|
||||
::: tip
|
||||
|
||||
根据 Kubernetes 安装方式不同、节点数量不同,您得到的输出结果会与样例结果有差异
|
||||
|
||||
请对结果做如下检查:
|
||||
|
||||
* kuboard-xxxxxxxxxx-xxxxx 的 STATUS 是否为 Runnning
|
||||
|
||||
:::
|
||||
|
||||
**检查 Kuboard 容器组日志**
|
||||
|
||||
执行命令,请使用实际 kuboard 容器组的名称替换命令中的 kuboard-xxxxxxxxxx-xxxxx
|
||||
|
||||
```sh
|
||||
kubectl logs -f kuboard-xxxxxxxxxx-xxxxx -n kube-system
|
||||
```
|
||||
|
||||
如果您得到如下错误信息: host not found in resolver "kube-dns.kube-system.svc.cluster.local"
|
||||
|
||||
```
|
||||
2019/07/26 23:09:33 [emerg] 1#1: host not found in resolver "kube-dns.kube-system.svc.cluster.local" in /etc/nginx/conf.d/nginx.80.conf:36
|
||||
nginx: [emerg] host not found in resolver "kube-dns.kube-system.svc.cluster.local" in /etc/nginx/conf.d/nginx.80.conf:36
|
||||
```
|
||||
|
||||
请 [创建 kube-dns Service](install-dashboard-diagonize-kube-dns)
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
## 文档特点
|
||||
|
||||
网上那么多 K8S 安装文档,为什么这篇文档更有参考价值?
|
||||
**网上那么多 Kubernetes 安装文档,为什么这篇文档更有参考价值?**
|
||||
|
||||
* **众多网友验证,并在线提出修改意见**
|
||||
|
||||
@ -437,17 +437,21 @@ kubectl apply -f https://raw.githubusercontent.com/eip-work/eip-monitor-reposito
|
||||
|
||||
将域名 *.demo.yourdomain.com 解析到 demo-worker-a-2 的 IP 地址 z.z.z.z (也可以是 demo-worker-a-1 的地址 y.y.y.y)
|
||||
|
||||
**验证配置**
|
||||
|
||||
在浏览器访问 a.demo.yourdomain.com,将得到 404 NotFound 错误页面
|
||||
|
||||
::: tip
|
||||
由于需要申请域名,过程会比较繁琐,有如下两种替代方案:
|
||||
|
||||
* 在您的客户端机器(访问部署在K8S上的 web 应用的浏览器所在的机器)设置 hosts 配置;
|
||||
* 暂时放弃域名的配置,临时使用 NodePort 或者 `kubectl port-forward` 的方式访问部署在 K8S 上的 web 应用
|
||||
* 如果您打算将您安装的 Kubernetes 用于生产环境,请参考此文档 [Installing Ingress Controller](https://github.com/nginxinc/kubernetes-ingress/blob/v1.5.2/docs/installation.md),完善 Ingress 的配置
|
||||
|
||||
:::
|
||||
|
||||
**验证配置**
|
||||
|
||||
在浏览器访问 a.demo.yourdomain.com,将得到 404 NotFound 错误页面
|
||||
::: warning
|
||||
如果您打算将您安装的 Kubernetes 用于生产环境,请参考此文档 [Installing Ingress Controller](https://github.com/nginxinc/kubernetes-ingress/blob/v1.5.2/docs/installation.md),完善 Ingress 的配置
|
||||
:::
|
||||
|
||||
|
||||
## 下一步
|
||||
|
||||
Reference in New Issue
Block a user