Chrome 不能打开 kubernetes Dashboard 解决方法

Posted by sysin on 2019-08-15
Estimated Reading Time 1 Minutes
Words 314 In Total
Viewed Times

作者:gc(at)sysin.org,主页:www.sysin.org

步骤:

1
2
3
4
5
6
7
8
9
10
11
12
13
mkdir key && cd key
#生成证书
openssl genrsa -out dashboard.key 2048
openssl req -new -out dashboard.csr -key dashboard.key -subj '/CN=kubernetes-dashboard-certs'
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt
#删除原有的证书secret
kubectl delete secret kubernetes-dashboard-certs -n kube-system
#创建新的证书secret
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kube-system
#查看dashboard pod,v2.0是 -n kubernetes-dashboard
kubectl get pod -n kube-system
#重启dashboard pod,v2.0是 -n kubernetes-dashboard
kubectl delete pod <pod name> -n kube-system

在部署 Dashboard 时手动创建证书

  • 修改配置文件

    vi dashboard.yaml

1
2
3
4
5
6
7
8
9
10
11
12
---
#因为自动生成的证书很多浏览器无法使用,所以我们自己创建,注释掉kubernetes-dashboard-certs对象声明
#apiVersion: v1
#kind: Secret
#metadata:
# labels:
# k8s-app: kubernetes-dashboard
# name: kubernetes-dashboard-certs
# namespace: kubernetes-dashboard
#type: Opaque

---
  • 创建证书
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
mkdir dashboard-certs

cd dashboard-certs/

#创建命名空间
kubectl create namespace kubernetes-dashboard

# 创建key文件
openssl genrsa -out dashboard.key 2048

#证书请求,CN=可修改为实际IP或者域名
openssl req -days 36000 -new -out dashboard.csr -key dashboard.key -subj '/CN=kubernetes-dashboard-certs'

#自签证书
openssl x509 -req -in dashboard.csr -signkey dashboard.key -out dashboard.crt

#创建kubernetes-dashboard-certs对象
kubectl create secret generic kubernetes-dashboard-certs --from-file=dashboard.key --from-file=dashboard.crt -n kubernetes-dashboard

备注:dashboard v2.0 namespace 是 kubernetes-dashboard




如果文章中使用的内容和图片侵犯了您的版权,请联系作者删除。如果您喜欢这篇文章或者觉得它对您有用,欢迎您发表评论,也欢迎您分享这个网站,或者赞赏一下作者,谢谢!


支付宝打赏 微信打赏

赞赏一下