diff --git a/.vuepress/components/AdSenseLeftTop.vue b/.vuepress/components/AdSenseLeftTop.vue
index 529daf3..fab34b1 100644
--- a/.vuepress/components/AdSenseLeftTop.vue
+++ b/.vuepress/components/AdSenseLeftTop.vue
@@ -10,6 +10,11 @@
+
diff --git a/.vuepress/components/ad-list.js b/.vuepress/components/ad-list.js
index 58daafb..2eef796 100644
--- a/.vuepress/components/ad-list.js
+++ b/.vuepress/components/ad-list.js
@@ -5,7 +5,7 @@ module.exports = [
strong: '一键离线安装',
action: '去看看',
url: 'https://github.com/fanux/sealos',
- weight: 10
+ weight: 60
},
// {
// name: '阳明的博客',
@@ -23,14 +23,14 @@ module.exports = [
// url: 'https://time.geekbang.org/column/intro/100036601?code=0Totv3yN%2FohiumTclUF4ky4qRYs9Ecq6ZK4IdgNf88M%3D',
// weight: 1
// },
- {
- name: '腾讯云',
- description: '腾讯云双十二活动,',
- strong: '百款云产品一折起',
- action: '去抢',
- url: 'https://cloud.tencent.com/act/cps/redirect?redirect=1052&cps_key=2ee6baa049659f4713ddc55a51314372&from=console',
- weight: 60
- },
+ // {
+ // name: '腾讯云',
+ // description: '腾讯云双十二活动,',
+ // strong: '百款云产品一折起',
+ // action: '去抢',
+ // url: 'https://cloud.tencent.com/act/cps/redirect?redirect=1052&cps_key=2ee6baa049659f4713ddc55a51314372&from=console',
+ // weight: 60
+ // },
// {
// name: '阿里云',
// description: '双十二,主会场,',
@@ -41,14 +41,14 @@ module.exports = [
// },
{
name: 'Kubetrain',
- description: 'K8S在线直播培训,首次开班优惠',
+ description: 'K8S在线直播培训,内推机会',
strong: '不满意可无条件退款',
action: '现在就去',
url: 'https://kubetrain.cn/?from=kuboard-ads',
weight: 60
},
{
- name: '10元直播课',
+ name: '12元直播课',
description: 'Kubernetes集群安装详解,安装脚本定制',
strong: '入门起点',
action: '捧个场',
diff --git a/.vuepress/config-sidebar.js b/.vuepress/config-sidebar.js
index 3e8aee3..302c27e 100644
--- a/.vuepress/config-sidebar.js
+++ b/.vuepress/config-sidebar.js
@@ -48,8 +48,15 @@ module.exports = {
'install-dashboard',
'install-dashboard-offline',
'install-dashboard-upgrade',
- 'install-kubectl',
- 'config-kubectl',
+ {
+ title: 'kubectl',
+ collapsable: true,
+ children: [
+ 'install-kubectl',
+ 'config-kubectl',
+ 'install-kubectl-sa',
+ ]
+ },
'install-k8s-dashboard',
]
},
@@ -398,6 +405,7 @@ module.exports = {
collapsable: true,
children: [
'k8s-advanced/sec/sa-admin',
+ 'k8s-advanced/sec/kuboard',
'k8s-advanced/sec/rbac/api',
'k8s-advanced/sec/rbac/default',
'k8s-advanced/sec/rbac/escalation',
diff --git a/.vuepress/config.js b/.vuepress/config.js
index 600e6a5..e01eafd 100644
--- a/.vuepress/config.js
+++ b/.vuepress/config.js
@@ -159,7 +159,7 @@ module.exports = {
{ text: '支持', link: '/support/' },
{ text: '培训', link: 'https://kubetrain.cn/?from=kuboard', target: '_blank' },
// { text: '博客', link: 'http://k8s.kubetrain.cn/' },
- { text: '论坛', link: 'http://bbs.kuboard.cn/', target: '_blank' },
+ // { text: '论坛', link: 'http://bbs.kuboard.cn/', target: '_blank' },
// { text: 'DevOps', link: '/devops/' }
],
displayAllHeaders: false,
diff --git a/.vuepress/public/images/ads/tencent-cloud.jpg b/.vuepress/public/images/ads/tencent-cloud.jpg
new file mode 100644
index 0000000..86ad02e
Binary files /dev/null and b/.vuepress/public/images/ads/tencent-cloud.jpg differ
diff --git a/.vuepress/public/install-script/kuboard-beta.yaml b/.vuepress/public/install-script/kuboard-beta.yaml
new file mode 100644
index 0000000..1afbb3b
--- /dev/null
+++ b/.vuepress/public/install-script/kuboard-beta.yaml
@@ -0,0 +1,112 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: kuboard
+ namespace: kube-system
+ annotations:
+ k8s.eip.work/displayName: kuboard
+ k8s.eip.work/ingress: "true"
+ k8s.eip.work/service: NodePort
+ k8s.eip.work/workload: kuboard
+ labels:
+ k8s.eip.work/layer: monitor
+ k8s.eip.work/name: kuboard
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ k8s.eip.work/layer: monitor
+ k8s.eip.work/name: kuboard
+ template:
+ metadata:
+ labels:
+ k8s.eip.work/layer: monitor
+ k8s.eip.work/name: kuboard
+ spec:
+ containers:
+ - name: kuboard
+ image: eipwork/kuboard:beta
+ imagePullPolicy: Always
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: kuboard
+ namespace: kube-system
+spec:
+ type: NodePort
+ ports:
+ - name: http
+ port: 80
+ targetPort: 80
+ nodePort: 32567
+ selector:
+ k8s.eip.work/layer: monitor
+ k8s.eip.work/name: kuboard
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kuboard-user
+ namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kuboard-user
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: kuboard-user
+ namespace: kube-system
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kuboard-viewer
+ namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kuboard-viewer
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: view
+subjects:
+- kind: ServiceAccount
+ name: kuboard-viewer
+ namespace: kube-system
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: kuboard
+ namespace: kube-system
+ annotations:
+ k8s.eip.work/displayName: kuboard
+ k8s.eip.work/workload: kuboard
+ nginx.org/websocket-services: "kuboard"
+ nginx.com/sticky-cookie-services: "serviceName=kuboard srv_id expires=1h path=/"
+spec:
+ rules:
+ - host: kuboard.yourdomain.com
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: kuboard
+ servicePort: http
diff --git a/.vuepress/public/install-script/kuboard-offline.yaml b/.vuepress/public/install-script/kuboard-offline.yaml
index 222b333..7447ecb 100644
--- a/.vuepress/public/install-script/kuboard-offline.yaml
+++ b/.vuepress/public/install-script/kuboard-offline.yaml
@@ -95,26 +95,26 @@ subjects:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: kuboard-viewer-node
+ name: kuboard-viewer:kuboard-minimum-role
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: system:node
+ name: kuboard-minimum-role
subjects:
-- kind: ServiceAccount
- name: kuboard-viewer
- namespace: kube-system
+ - kind: ServiceAccount
+ name: kuboard-viewer
+ namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: ClusterRole
metadata:
- name: kuboard-viewer-pvp
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:persistent-volume-provisioner
-subjects:
-- kind: ServiceAccount
- name: kuboard-viewer
- namespace: kube-system
+ name: kuboard-minimum-role
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - 'namespaces'
+ - 'nodes'
+ verbs:
+ - 'list'
diff --git a/.vuepress/public/install-script/kuboard.yaml b/.vuepress/public/install-script/kuboard.yaml
index 140a64e..8a77157 100644
--- a/.vuepress/public/install-script/kuboard.yaml
+++ b/.vuepress/public/install-script/kuboard.yaml
@@ -94,29 +94,29 @@ subjects:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: kuboard-viewer-node
+ name: kuboard-viewer:kuboard-minimum-role
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: system:node
+ name: kuboard-minimum-role
subjects:
-- kind: ServiceAccount
- name: kuboard-viewer
- namespace: kube-system
+ - kind: ServiceAccount
+ name: kuboard-viewer
+ namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
+kind: ClusterRole
metadata:
- name: kuboard-viewer-pvp
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:persistent-volume-provisioner
-subjects:
-- kind: ServiceAccount
- name: kuboard-viewer
- namespace: kube-system
+ name: kuboard-minimum-role
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - 'namespaces'
+ - 'nodes'
+ verbs:
+ - 'list'
---
apiVersion: extensions/v1beta1
diff --git a/.vuepress/public/install-script/refine-kuboard-role.yaml b/.vuepress/public/install-script/refine-kuboard-role.yaml
new file mode 100644
index 0000000..4c3c992
--- /dev/null
+++ b/.vuepress/public/install-script/refine-kuboard-role.yaml
@@ -0,0 +1,34 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: kuboard-viewer:kuboard-minimum-role
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: kuboard-minimum-role
+subjects:
+ - apiGroup: rbac.authorization.k8s.io
+ kind: Group
+ name: system:serviceaccounts
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: kuboard-minimum-role
+rules:
+ - apiGroups:
+ - 'rbac.authorization.k8s.io'
+ resources:
+ - 'clusterrolebindings'
+ - 'rolebindings'
+ verbs:
+ - 'list'
+ - apiGroups:
+ - 'rbac.authorization.k8s.io'
+ resources:
+ - 'clusterroles'
+ - 'roles'
+ verbs:
+ - 'get'
diff --git a/.vuepress/theme/components/Sidebar.vue b/.vuepress/theme/components/Sidebar.vue
index d0e359c..d9c696d 100644
--- a/.vuepress/theme/components/Sidebar.vue
+++ b/.vuepress/theme/components/Sidebar.vue
@@ -26,9 +26,9 @@
-
+
diff --git a/install/install-dashboard.md b/install/install-dashboard.md
index b525c4c..e092350 100644
--- a/install/install-dashboard.md
+++ b/install/install-dashboard.md
@@ -47,16 +47,29 @@ Kuboard 是 Kubernetes 的一款图形化管理界面。
-
+
安装 Kuboard。
> 如果您参考 https://kuboard.cn 网站上提供的 Kubernetes 安装文档,可在 master 节点上执行以下命令。
+
+
+
``` sh
kubectl apply -f https://kuboard.cn/install-script/kuboard.yaml
```
+
+
+
+``` sh
+kubectl apply -f https://kuboard.cn/install-script/kuboard-beta.yaml
+```
+
+
+
+
查看 Kuboard 运行状态:
``` sh
@@ -70,8 +83,8 @@ kuboard-54c9c4f6cb-6lf88 1/1 Running 0 45s
```
> 如果您一直不能看到 kuboard 处于 Running 状态,可参考 [诊断应用程序](/learning/k8s-advanced/ts/application.html),查找原因。如不能解决,请到本文页尾加群,联系群主解决。
-
-
+
+
卸载 Kuboard
@@ -79,7 +92,7 @@ kuboard-54c9c4f6cb-6lf88 1/1 Running 0 45s
kubectl delete -f https://kuboard.cn/install-script/kuboard.yaml
```
-
+
@@ -87,7 +100,8 @@ kubectl delete -f https://kuboard.cn/install-script/kuboard.yaml
您可以获得管理员用户、只读用户的Token。
-> Kuboard 有计划开发权限设置的功能,在这之前,如果您需要更细粒度的权限控制,请参考 [RBAC Example](/learning/k8s-advanced/sec/rbac/example.html)
+> * 如果您需要更细粒度的权限控制,请参考 [RBAC Example](/learning/k8s-advanced/sec/rbac/example.html)
+> * Kuboard beta 版已经开始支持 RBAC,请参考 [使用Kuboard管理ServiceAccount及RBAC](/learning/k8s-advanced/sec/kuboard.html)
diff --git a/install/install-k8s.md b/install/install-k8s.md
index f1a9a6a..4d652e5 100644
--- a/install/install-k8s.md
+++ b/install/install-k8s.md
@@ -25,7 +25,7 @@ meta:
* 了解何规划自己的集群,并可以结合自己的实际情况对安装脚本做客户化定制
* 了解快速落地 K8S 的最佳学习路径
-[报名直播课程-详细讲解此安装过程](https://ke.qq.com/course/477593?flowToken=1016935)
+[报名12元直播课程-详细讲解此安装过程](https://ke.qq.com/course/477593?flowToken=1016935)
也可以在此 [提出对直播课的要求](http://bbs.kuboard.cn/forum.php?mod=viewthread&tid=10)
@@ -117,9 +117,9 @@ lscpu
| 7.7 | 😄 | 已验证 |
| 7.6 | 😄 | 已验证 |
| 7.5 | 😞 | 已证实会出现 kubelet 无法启动的问题 |
-| 7.4 | 😞 | 同上 |
-| 7.3 | 😞 | 同上 |
-| 7.2 | 😞 | 同上 |
+| 7.4 | 😞 | 已证实会出现 kubelet 无法启动的问题 |
+| 7.3 | 😞 | 已证实会出现 kubelet 无法启动的问题 |
+| 7.2 | 😞 | 已证实会出现 kubelet 无法启动的问题 |
@@ -516,7 +516,7 @@ kubectl delete -f https://kuboard.cn/install-script/v1.17.x/nginx-ingress.yaml
您已经完成了 Kubernetes 集群的安装,下一步请:
-[报名直播课程-详细讲解此安装过程](https://ke.qq.com/course/477593?flowToken=1016934) 也可以在此 [提出对直播课的要求](http://bbs.kuboard.cn/forum.php?mod=viewthread&tid=10)
+[报名12元直播课程-详细讲解此安装过程](https://ke.qq.com/course/477593?flowToken=1016934) 也可以在此 [提出对直播课的要求](http://bbs.kuboard.cn/forum.php?mod=viewthread&tid=10)
点击此处,给个GitHub Star
支持一下吧,这么多人都 star 了呢,怎么能少得了您呢?
diff --git a/install/install-kubectl-sa.md b/install/install-kubectl-sa.md
new file mode 100644
index 0000000..1255043
--- /dev/null
+++ b/install/install-kubectl-sa.md
@@ -0,0 +1,19 @@
+---
+vssueId: 18
+titlePrefix: 从客户端电脑远程管理Kubernetes
+description: Kubernete安装文档_日常工作中您可能需要在自己的笔记本电脑上执行kubectl命令以管理远程Linux服务器上的Kubernetes集群_本文档介绍了如何从Kuboard中获取kubectl的配置文件
+meta:
+ - name: keywords
+ content: kubectl,kubectl安装,远程管理Kubernetes,远程管理K8S
+---
+
+# 使用ServiceAccount登录kubectl
+
+
+
+## 创建 ServiceAccount 并分配权限
+
+请参考 [使用Kuboard管理ServiceAccount及RBAC](/learning/k8s-advanced/sec/kuboard.html)
+
+
+## 在kubectl中使用ServiceAccount管理集群
diff --git a/install/install-kubernetes.md b/install/install-kubernetes.md
index d0423fd..e84066f 100644
--- a/install/install-kubernetes.md
+++ b/install/install-kubernetes.md
@@ -63,8 +63,8 @@ kubernetes 安装有多种选择,本文档描述的集群安装具备如下特
* **在线答疑**
也可以扫描二维码加群
-
- 
+
+
+kubernetes支持多种Ingress Controllers (traefic / Kong / Istio / Nginx 等),本文推荐使用 https://github.com/nginxinc/kubernetes-ingress
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107220752697.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107220752697.png
new file mode 100644
index 0000000..11ed3cb
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107220752697.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107220900840.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107220900840.png
new file mode 100644
index 0000000..c66886f
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107220900840.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107221016367.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221016367.png
new file mode 100644
index 0000000..9d39b04
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221016367.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107221157156.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221157156.png
new file mode 100644
index 0000000..92eab98
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221157156.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107221411054.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221411054.png
new file mode 100644
index 0000000..49810de
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221411054.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107221703581.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221703581.png
new file mode 100644
index 0000000..b82e41b
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221703581.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.assets/image-20200107221910036.png b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221910036.png
new file mode 100644
index 0000000..6d910e1
Binary files /dev/null and b/learning/k8s-advanced/sec/kuboard.assets/image-20200107221910036.png differ
diff --git a/learning/k8s-advanced/sec/kuboard.md b/learning/k8s-advanced/sec/kuboard.md
new file mode 100644
index 0000000..edebe50
--- /dev/null
+++ b/learning/k8s-advanced/sec/kuboard.md
@@ -0,0 +1,75 @@
+---
+vssueId: 175
+layout: LearningLayout
+sharingTitle: Kubernetes的RBAC授权从未如此简单
+description: Kubernetes教程_Role-based_access_control_(RBAC)基于角色的访问控制_是Kubernetes中支持的一种授权方式。本文描述了如何使用Kuboard管理RBAC授权规则
+meta:
+ - name: keywords
+ content: Kubernetes 教程,Kubernetes 授权,Kubernetes RBAC,Kubernetes权限,Service Account Permissions
+
+---
+
+# 使用Kuboard管理ServiceAccount及RBAC
+
+
+
+
+
+首先,确保您已经 [安装了 Kuboard](/install/install-dashboard-upgrade.html) Kuboard v1.0.6-beta.3,并且使用 [管理员用户](/install/install-dashboard.html#获取token)) 登录Kuboard
+
+
+
+## 为名称空间创建管理员用户
+
+::: tip 用户名密码?
+* 当前只支持 [ServiceAccount](/learning/k8s-advanced/sec/sa-admin.html#user-accounts-vs-service-accounts)
+* 用户名密码(OpenID Connect)的登录方式将在2020年2月提供
+:::
+
+按照下面的步骤,可以快速为 Kubernetes 中的某个名称空间创建管理用户
+
+* 进入 Kuboard 名称空间页面,如下图所示:
+
+ 
+
+* 点击上图中的 ***ServiceAccount*** 按钮,进入 ServiceAccount 列表页面,如下图所示:
+
+ 
+
+* 点击上图中的 ***创建ServiceAccount*** 按钮,如下图所示:
+
+ 填写 **名称** 后,保存 *ServiceAccount*
+
+ 
+
+* 完成创建后,将自动进入 ServiceAccount 详情页,如下图所示:
+
+ 图中,可以看到 Kubernetes 默认为 ServiceAccount 授予的 ***集群级别权限***
+
+ 
+
+* 点击上图中 ***RoleBinding*** 后的 ***添加*** 按钮,如下图所示:
+
+ 并在 ***关联的 ClusterRole/Role*** 选择:
+
+ * kind : ClusterRole
+ * name : admin
+
+ 
+
+* 点击上图中的 ***保存*** 按钮,完成后如下图所示:
+
+ 可以观察到已经为 *admin-user* 这个 *ServiceAccount* 授予了名称空间内部的 *admin* 角色,对应的权限可以在 ***名称空间级别权限*** 中查看
+
+ 
+
+* 点击上图中的 ***查看Token*** 按钮,如下图所示:
+
+ **此 Token 可以用来登录 Kuboard 界面**
+
+ 
+
+
+## 下一步
+
+[在 kubectl 中使用 ServiceAccount 的 Token 管理 Kubernetes 集群](/install/install-kubectl-sa.html)
diff --git a/learning/k8s-advanced/sec/rbac/default.md b/learning/k8s-advanced/sec/rbac/default.md
index 11db3c6..3a09484 100644
--- a/learning/k8s-advanced/sec/rbac/default.md
+++ b/learning/k8s-advanced/sec/rbac/default.md
@@ -52,7 +52,7 @@ kubectl get clusterroles system:discovery -o yaml
* 可通过 ClusterRoleBinding 绑定的集群级别的角色(`cluster-status`)
* 可通过 RoleBinding 绑定到特定名称空间的角色(`admin`、`edit`、`view`)
-从 Kubernetes 1.9 开始,user-facing roles 使用 [ClusterRole Aggregation](./api.html#aggregated-clusterroles) 以使管理员在其中包含 Custom Resource 的授权规则。想 `admin`、`edit`、`view` 等角色添加授权规则时,可创建一个 ClusterRole,包含一个或多个下述标签即可:
+从 Kubernetes 1.9 开始,user-facing roles 使用 [ClusterRole Aggregation](./api.html#aggregated-clusterroles) 以使管理员在其中包含 Custom Resource 的授权规则。向 `admin`、`edit`、`view` 等角色添加授权规则时,可创建一个 ClusterRole,包含一个或多个下述标签即可:
``` yaml
metadata:
@@ -124,4 +124,4 @@ metadata:
- system:controller:service-account-controller
- system:controller:service-controller
- system:controller:statefulset-controller
-- system:controller:ttl-controller
\ No newline at end of file
+- system:controller:ttl-controller
diff --git a/support/change-log/change-log-on-the-way.md b/support/change-log/change-log-on-the-way.md
index 9822161..b37fff9 100644
--- a/support/change-log/change-log-on-the-way.md
+++ b/support/change-log/change-log-on-the-way.md
@@ -1,13 +1,22 @@
Kuboard v1.0.x 的更新说明
-
-## v1.0.6-beta.1
-
+## v1.0.6-beta.5
**新特性**
+* ServiceAccount详情页 --> 使用 ServiceAccount 的 Token 访问 kubectl
-* 工作负载编辑器 --> 容器信息 --> 挂载点 --> 支持subPathExpr
+**优化**
+* ServiceAccount列表页 --> 按名称、标签搜索
+* ServiceAccount详情页 --> 删除ServiceAccount时,同时删除关联的 RoleBinding/ClusterRoleBinding
+**Bug修复**
+* Secret对话框 --> 创建Secret时,不显示内容区
+* 名称空间页 --> StatefulSet如果没有 annotations 时,不能在名称空间页上显示
+ * 此问题的具体表现:部分使用 helm 创建的工作负载不能在Kuboard上显示,原因是Deployment、StatefulSet或DaemonSet中没有 annotations 信息
+
+------------------
+
+* 安装文档中,去除 IngressController 的链接
* 日志界面支持 ctrl + F
* 更新版本时,可以通过下拉列表选择仓库中的版本号
diff --git a/support/change-log/v1.0.x.md b/support/change-log/v1.0.x.md
index 9259380..495f156 100644
--- a/support/change-log/v1.0.x.md
+++ b/support/change-log/v1.0.x.md
@@ -9,10 +9,71 @@ description: 本文描述了Kuboard_v1.0.x的版本变更说明
了解如何 [升级Kuboard](/install/install-dashboard-upgrade.html)
-eipwork/kuboard:latest 当前对应的版本是 kuboard v1.0.5.4
+* eipwork/kuboard:latest 当前对应的版本是 kuboard v1.0.5.4
+* eipwork/kuboard:beta 当前对应的版本是 kuboard v1.0.6-beta.3
Kuboard v1.0.x 的更新说明
+## v1.0.6-beta.4
+
+**新特性**
+* 按条件查询ClusterRole列表
+* 创建ClusterRole
+
+**优化**
+* 根据当前用户的权限决定是否显示创建ClusterRoleBinding
+
+**Bug修复**
+* 删除对象窗口 --> 部分情况下,确认按钮不能点击
+* 集群概览页 --> 在部分情况下布局不正常
+
+## v1.0.6-beta.3
+
+**发布日期**
+
+2020年1月7日
+
+**新特性**
+* 查看当前登录用户的信息及权限
+
+**优化**
+* 登录界面 --> 如果用户不能查看名称空间列表,则跳过集群概览页面直接进入其所在的名称空间
+* 登录界面 --> 校验 Token 时使用 selfsubjectaccessreviews 接口,而不是 nodes 接口,以符合最小授权原则
+* ServiceAccount列表页及详情页 --> 根据当前登录用户的访问规则显示对应的操作按钮
+
+## v1.0.6-beta.2
+
+**发布日期**
+
+2020年1月6日
+
+**新特性**
+
+* 可以创建 ServiceAccount,并为其分配 ClusterRole/Role
+ * ServiceAccount --> 创建/删除 ServiceAccount
+ * ServiceAccount --> ClusterRoleBinding --> 绑定到ClusterRole/Role
+ * ClusterRole 详细信息 --> ClusterRoleBinding/RoleBinding --> 绑定到 ServiceAccount
+ * Role 详细信息 --> RoleBinding --> 绑定到 ServiceAccount
+* 可以使用自建的 ServiceAccount 登陆 Kuboard
+ * 登陆界面 --> 输入Token后,显示 ServiceAccountName
+ * 页头 --> 显示当前登陆用户名
+
+## v1.0.6-beta.1
+
+**发布日期**
+
+2020年1月5日
+
+**新特性**
+
+* 工作负载编辑器 --> 容器信息 --> 挂载点 --> 支持subPathExpr
+* 名称空间 --> ServiceAccount --> 列表
+* 名称空间 --> ServiceAccount --> 查看详情及修改 ClusterRoleBinding/RoleBinding
+
+**BUG修复**
+
+* 删除对象 --> 再次打开删除对象的对话框时,确认对象名称的输入框包含了上次删除的对象的名称
+
## v1.0.5.4
**发布日期**