1、生成访问证书
grep 'client-certificate-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crt
grep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.key
openssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client"将生成的kubecfg.p12证书导入到Windows中,直接双击打开,下一步导入即可。
注意:导入完成后需重启浏览器。
2、生成访问Token
新建文件admin-user.yaml:
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system创建角色及绑定账号
kubectl create -f admin-user.yaml
获取Token
kubectl describe secret admin-user --namespace=kube-system此次先记录下生成的Token
3、部署kubernetes-dashboard
curl -o kubernetes-dashboard.yaml https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended/kubernetes-dashboard.yaml
vi kubernetes-dashboard.yaml
修改image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1为:
image: mirrorgooglecontainers/kubernetes-dashboard-amd64:v1.10.1
kubectl apply -f kubernetes-dashboard.yaml4、访问
https://192.170.38.92:6443/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
192.170.38.92为MasterIP,6443为apiserver-port
然后在登录选项中选择令牌登录,复制进刚刚生成的令牌即可。