こんにちは。
株式会社クラスアクト インフラストラクチャ事業部の大塚です。
この記事ではmicrok8sにあるk8sのdashboardの使い方を備忘録的な感じでメモレベルで書いていきたいと思います。
事前確認
dashboardがenableになっていることを確認します。
もしdisableとなっている場合はmicrok8s enable dashboardでOKです。
root@k8s-master:~# microk8s status
microk8s is running
high-availability: no
datastore master nodes: 192.168.2.30:19001
datastore standby nodes: none
addons:
enabled:
dashboard # (core) The Kubernetes dashboard
dns # (core) CoreDNS
ha-cluster # (core) Configure high availability on the current node
helm # (core) Helm - the package manager for Kubernetes
helm3 # (core) Helm 3 - the package manager for Kubernetes
metallb # (core) Loadbalancer for your Kubernetes cluster
metrics-server # (core) K8s Metrics Server for API access to service metrics
disabled:
cert-manager # (core) Cloud native certificate management
community # (core) The community addons repository
gpu # (core) Automatic enablement of Nvidia CUDA
host-access # (core) Allow Pods connecting to Host services smoothly
hostpath-storage # (core) Storage class; allocates storage from host directory
ingress # (core) Ingress controller for external access
kube-ovn # (core) An advanced network fabric for Kubernetes
mayastor # (core) OpenEBS MayaStor
minio # (core) MinIO object storage
observability # (core) A lightweight observability stack for logs, traces and metrics
prometheus # (core) Prometheus operator for monitoring and logging
rbac # (core) Role-Based Access Control for authorisation
registry # (core) Private image registry exposed on localhost:32000
storage # (core) Alias to hostpath-storage add-on, deprecated
次にどのnode上でk8s dashboardが動いているかを確認します。
kubectl get all -o wide --all-namespaceとかを打つと全部出てきます。
出力結果を見ますと、k8s-master node上で動いていますね。
root@k8s-master:~# kubectl get all -o wide --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
kube-system pod/dashboard-metrics-scraper-7bc864c59-c7zjh 1/1 Running 1 (20h ago) 27h 10.1.235.203 k8s-master <none> <none>
kube-system pod/kubernetes-dashboard-dc96f9fc-h486l 1/1 Running 2 (11h ago) 27h 10.1.235.199 k8s-master <none> <none>
kube-system pod/calico-node-9vb8t 1/1 Running 0 11h 192.168.2.31 k8s-worker01 <none> <none>
kube-system pod/calico-node-nvh6v 1/1 Running 0 11h 192.168.2.32 k8s-worker02 <none> <none>
default pod/nginx-httpd-deployment-759b9b5f-vq8rp 2/2 Running 0 3h31m 10.1.235.209 k8s-master <none> <none>
default pod/nginx-httpd-deployment-759b9b5f-rsp86 2/2 Running 0 3h31m 10.1.79.68 k8s-worker01 <none> <none>
default pod/nginx-httpd-deployment-759b9b5f-h8k67 2/2 Running 0 3h31m 10.1.69.197 k8s-worker02 <none> <none>
metallb-system pod/controller-9556c586f-dsps6 1/1 Running 0 3h13m 10.1.69.198 k8s-worker02 <none> <none>
metallb-system pod/speaker-s859c 1/1 Running 0 3h13m 192.168.2.31 k8s-worker01 <none> <none>
metallb-system pod/speaker-wb5dg 1/1 Running 0 3h13m 192.168.2.32 k8s-worker02 <none> <none>
kube-system pod/calico-node-5j876 1/1 Running 0 11h 192.168.2.30 k8s-master <none> <none>
metallb-system pod/speaker-q4lns 1/1 Running 0 3h13m 192.168.2.30 k8s-master <none> <none>
kube-system pod/calico-kube-controllers-79568db7f8-9rkm6 1/1 Running 1 (20h ago) 27h 10.1.235.201 k8s-master <none> <none>
kube-system pod/metrics-server-6f754f88d-q6s4f 1/1 Running 1 (20h ago) 27h 10.1.235.200 k8s-master <none> <none>
kube-system pod/coredns-6f5f9b5d74-fjjwn 1/1 Running 1 (20h ago) 27h 10.1.235.204 k8s-master <none> <none>
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 27h <none>
kube-system service/metrics-server ClusterIP 10.152.183.218 <none> 443/TCP 27h k8s-app=metrics-server
kube-system service/kubernetes-dashboard ClusterIP 10.152.183.222 <none> 443/TCP 27h k8s-app=kubernetes-dashboard
kube-system service/dashboard-metrics-scraper ClusterIP 10.152.183.173 <none> 8000/TCP 27h k8s-app=dashboard-metrics-scraper
kube-system service/kube-dns ClusterIP 10.152.183.10 <none> 53/UDP,53/TCP,9153/TCP 27h k8s-app=kube-dns
metallb-system service/webhook-service ClusterIP 10.152.183.76 <none> 443/TCP 3h13m component=controller
default service/lb-service-httpd-nginx LoadBalancer 10.152.183.197 192.168.2.35 8080:30080/TCP,9090:30090/TCP 3h14m app=web-app
NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE CONTAINERS IMAGES SELECTOR
kube-system daemonset.apps/calico-node 3 3 3 3 3 kubernetes.io/os=linux 27h calico-node docker.io/calico/node:v3.23.5 k8s-app=calico-node
metallb-system daemonset.apps/speaker 3 3 3 3 3 kubernetes.io/os=linux 3h13m speaker quay.io/metallb/speaker:v0.13.3 app=metallb,component=speaker
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
kube-system deployment.apps/kubernetes-dashboard 1/1 1 1 27h kubernetes-dashboard kubernetesui/dashboard:v2.7.0 k8s-app=kubernetes-dashboard
kube-system deployment.apps/dashboard-metrics-scraper 1/1 1 1 27h dashboard-metrics-scraper kubernetesui/metrics-scraper:v1.0.8 k8s-app=dashboard-metrics-scraper
kube-system deployment.apps/coredns 1/1 1 1 27h coredns coredns/coredns:1.9.3 k8s-app=kube-dns
kube-system deployment.apps/metrics-server 1/1 1 1 27h metrics-server registry.k8s.io/metrics-server/metrics-server:v0.5.2 k8s-app=metrics-server
kube-system deployment.apps/calico-kube-controllers 1/1 1 1 27h calico-kube-controllers docker.io/calico/kube-controllers:v3.23.5 k8s-app=calico-kube-controllers
default deployment.apps/nginx-httpd-deployment 3/3 3 3 3h31m web-httpd,web-nginx shotaohtsuka/my-httpd-image,nginx app=web-app
metallb-system deployment.apps/controller 1/1 1 1 3h13m controller quay.io/metallb/controller:v0.13.3 app=metallb,component=controller
NAMESPACE NAME DESIRED CURRENT READY AGE CONTAINERS IMAGES SELECTOR
kube-system replicaset.apps/kubernetes-dashboard-dc96f9fc 1 1 1 27h kubernetes-dashboard kubernetesui/dashboard:v2.7.0 k8s-app=kubernetes-dashboard,pod-template-hash=dc96f9fc
kube-system replicaset.apps/dashboard-metrics-scraper-7bc864c59 1 1 1 27h dashboard-metrics-scraper kubernetesui/metrics-scraper:v1.0.8 k8s-app=dashboard-metrics-scraper,pod-template-hash=7bc864c59
kube-system replicaset.apps/coredns-6f5f9b5d74 1 1 1 27h coredns coredns/coredns:1.9.3 k8s-app=kube-dns,pod-template-hash=6f5f9b5d74
kube-system replicaset.apps/metrics-server-6f754f88d 1 1 1 27h metrics-server registry.k8s.io/metrics-server/metrics-server:v0.5.2 k8s-app=metrics-server,pod-template-hash=6f754f88d
kube-system replicaset.apps/calico-kube-controllers-79568db7f8 1 1 1 27h calico-kube-controllers docker.io/calico/kube-controllers:v3.23.5 k8s-app=calico-kube-controllers,pod-template-hash=79568db7f8
default replicaset.apps/nginx-httpd-deployment-759b9b5f 3 3 3 3h31m web-httpd,web-nginx shotaohtsuka/my-httpd-image,nginx app=web-app,pod-template-hash=759b9b5f
metallb-system replicaset.apps/controller-9556c586f 1 1 1 3h13m controller quay.io/metallb/controller:v0.13.3
dashboardを外部公開し、Webブラウザで繋ぐ
dashboardのpodがあったnode上、今回の倍k8s-master nodeでmicrok8s dashboard-proxyコマンドを実行するだけでOKです。
出力結果として"Dashboard will be available at https://127.0.0.1:10443"とIPアドレスが違いますが、各自のnodeに設定しているIPアドレスに読み替えてください。
私の場合、k8s-master nodeは192.168.2.30なのでhttps://192.168.2.30:10443になります。
root@k8s-master:~# microk8s dashboard-proxy
Checking if Dashboard is running.
Infer repository core for addon dashboard
Waiting for Dashboard to come up.
Trying to get token from microk8s-dashboard-token
Waiting for secret token (attempt 0)
Dashboard will be available at https://127.0.0.1:10443
Use the following token to login:
eyJhbGciOiJSUzI1NiIsImtpZCI6InVGU204Qkt4bVQ5MTg5ZGxoODNPQTc0NlhyOVluVmdNUFJOT0pNODA1SGsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJtaWNyb2s4cy1kYXNoYm9hcmQtdG9rZW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjU4ZWQzMWFhLTA0MWMtNDg4ZC05NmIzLTM2ZWM2MThiMTdlNyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTpkZWZhdWx0In0.UleT2ra73ppjnYZv6WE-vlCs9Qz6wXMByncbqyikqdvOtgVcvVmDryq-TIidY-7iXR9N79X3fPSY8s6dY_97YzQZb2-O86Fvxr6iHjQhGdd2FhgrVMKqvAf_Y5i_VdaCcxYR_HM-pWt4h6PAA8HYfYSCKFkuNC5gO7lTzQ764imTWGR6rRAosYZdDeOVqxWiVaMkKKgf4P9uCZlAMtQZynkBN6L5pFcV3d4TqDZfSSyyvY5r6wfaisgeQIhxYe_PlFrgDTIVvUKjnHXdfqxcFOFs8pjF_ZVwPM80aL2HDF7fDvMJK6-R5iRR4CWKINp_edLvnb0hkbbXDej-zhpPUg
適当なwebブラウザを開き、先程のURLを入力します。
以下の様な警告が出ますが気にしないでください。
警告を無視して接続を続けると以下の様な画面になります。
ここで聞かれているトークンというのはmicrok8s dashboard-proxyコマンド実行時に出力された"Use the following token to login:"以下の文字列全量です。
これをコピーして貼り付けてください。
これで完了です。
WebUIはあると便利ですが、一方でこれはエンジニアあるあるだと思うのですが『慣れるとGUIよりCUIの方が楽』的な事がまかり通るので、実際に使うかは不明です。
適当にyamlを突っ込んでデプロイして『おーっ!』って2,3回言ってGUIは終わりな気がします(笑)
