一、部署Kuboard¶
参考链接:https://kuboard.cn/install/v3/install-in-k8s.html#%E6%96%B9%E6%B3%95%E4%BA%8C-%E4%BD%BF%E7%94%A8-storageclass-%E6%8F%90%E4%BE%9B%E6%8C%81%E4%B9%85%E5%8C%96
1、在master01节点上创建存储目录
[root@master01 ~]# mkdir 11
[root@master01 ~]# cd 11
2、在master01节点上修改kuboard-v3.yaml文件
[root@master01 11]# vim kuboard-v3.yaml
#修改第16行内容
KUBOARD_ENDPOINT: 'http://<kuboard-endpoint>:30080'
#修改第111行内容
storageClassName: nfs-storage
#第122行内容下面新增namespace配置信息
namespace: kuboard
#修改第125行内容
storageClassName: nfs-storage
#完整配置文件
[root@master01 11]# egrep -v "#|^$" kuboard-v3.yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: kuboard
---
apiVersion: v1
kind: ConfigMap
metadata:
name: kuboard-v3-config
namespace: kuboard
data:
KUBOARD_ENDPOINT: 'http://<kuboard-endpoint>:30080'
KUBOARD_AGENT_SERVER_UDP_PORT: '30081'
KUBOARD_AGENT_SERVER_TCP_PORT: '30081'
KUBOARD_AGENT_KEY: <your-agent-key>
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: kuboard-etcd
namespace: kuboard
labels:
app: kuboard-etcd
spec:
serviceName: kuboard-etcd
replicas: 3
selector:
matchLabels:
app: kuboard-etcd
template:
metadata:
name: kuboard-etcd
labels:
app: kuboard-etcd
spec:
containers:
- name: kuboard-etcd
image: swr.cn-east-2.myhuaweicloud.com/kuboard/etcd:v3.4.14
ports:
- containerPort: 2379
name: client
- containerPort: 2380
name: peer
env:
- name: KUBOARD_ETCD_ENDPOINTS
value: >-
kuboard-etcd-0.kuboard-etcd:2379,kuboard-etcd-1.kuboard-etcd:2379,kuboard-etcd-2.kuboard-etcd:2379
volumeMounts:
- name: data
mountPath: /data
command:
- /bin/sh
- -c
- |
PEERS="kuboard-etcd-0=http://kuboard-etcd-0.kuboard-etcd:2380,kuboard-etcd-1=http://kuboard-etcd-1.kuboard-etcd:2380,kuboard-etcd-2=http://kuboard-etcd-2.kuboard-etcd:2380"
exec etcd --name ${HOSTNAME} \
--listen-peer-urls http://0.0.0.0:2380 \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://${HOSTNAME}.kuboard-etcd:2379 \
--initial-advertise-peer-urls http://${HOSTNAME}:2380 \
--initial-cluster-token kuboard-etcd-cluster-1 \
--initial-cluster ${PEERS} \
--initial-cluster-state new \
--data-dir /data/kuboard.etcd
volumeClaimTemplates:
- metadata:
name: data
spec:
storageClassName: nfs-storage
accessModes: [ "ReadWriteMany" ]
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kuboard-data-pvc
namespace: kuboard
spec:
storageClassName: nfs-storage
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: kuboard-etcd
namespace: kuboard
spec:
type: ClusterIP
ports:
- port: 2379
name: client
- port: 2380
name: peer
selector:
app: kuboard-etcd
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '9'
k8s.kuboard.cn/ingress: 'false'
k8s.kuboard.cn/service: NodePort
k8s.kuboard.cn/workload: kuboard-v3
labels:
k8s.kuboard.cn/name: kuboard-v3
name: kuboard-v3
namespace: kuboard
spec:
replicas: 1
selector:
matchLabels:
k8s.kuboard.cn/name: kuboard-v3
template:
metadata:
labels:
k8s.kuboard.cn/name: kuboard-v3
spec:
containers:
- env:
- name: KUBOARD_ETCD_ENDPOINTS
value: >-
kuboard-etcd-0.kuboard-etcd:2379,kuboard-etcd-1.kuboard-etcd:2379,kuboard-etcd-2.kuboard-etcd:2379
- name: KUBOARD_INSECURE
value: "true"
envFrom:
- configMapRef:
name: kuboard-v3-config
image: 'swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3'
imagePullPolicy: Always
name: kuboard
volumeMounts:
- mountPath: "/data"
name: kuboard-data
volumes:
- name: kuboard-data
persistentVolumeClaim:
claimName: kuboard-data-pvc
---
apiVersion: v1
kind: Service
metadata:
annotations:
k8s.kuboard.cn/workload: kuboard-v3
labels:
k8s.kuboard.cn/name: kuboard-v3
name: kuboard-v3
namespace: kuboard
spec:
ports:
- name: webui
nodePort: 30080
port: 80
protocol: TCP
targetPort: 80
- name: agentservertcp
nodePort: 30081
port: 10081
protocol: TCP
targetPort: 10081
- name: agentserverudp
nodePort: 30081
port: 10081
protocol: UDP
targetPort: 10081
selector:
k8s.kuboard.cn/name: kuboard-v3
sessionAffinity: None
type: NodePort
3、在master01节点上应用kuboard-v3.yaml文件
[root@master01 11]# kubectl apply -f kuboard-v3.yaml
验证
[root@master01 11]# kubectl get -f kuboard-v3.yaml
NAME STATUS AGE
namespace/kuboard Active 25s
NAME DATA AGE
configmap/kuboard-v3-config 5 25s
NAME READY AGE
statefulset.apps/kuboard-etcd 3/3 25s
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
persistentvolumeclaim/kuboard-data-pvc Bound pvc-8fee67a8-395a-4ed2-bc36-8101ab5ae2fa 10Gi RWO nfs-storage 25s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kuboard-etcd ClusterIP 192.168.27.254 <none> 2379/TCP,2380/TCP 25s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/kuboard-v3 1/1 1 1 25s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kuboard-v3 NodePort 192.168.115.105 <none> 80:30080/TCP,10081:30081/TCP,10081:30081/UDP 25s
4、浏览器输入http://10.0.0.60:30080/进行访问,账号密码为admin/Kuboard123
5、添加集群
点击【添加集群】
定义集群信息
-
名称:dev-k8s
-
描述:k8s测试集群
-
kubeconfig
yaml
[root@master01 11]# cat /root/.kube/config
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: <redacted-ca-data>
server: https://<master-real-ip>:16443
name: kubernetes
contexts:
- context:
cluster: kubernetes
user: kubernetes-admin
name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes
kind: Config
preferences: {}
users:
- name: kubernetes-admin
user:
client-certificate-data: <redacted-client-certificate-data>
client-key-data: <redacted-client-key-data>
-
Context:通过kubeconfig自动生成
-
ApiServer地址:https://<master-real-ip>:16443
6、请选择访问集群时所用的身份
- 使用ServiceAccount kuboard-admin
二、部署遇到的问题¶
2.1 问题信息¶
K8s接入Kuboard-v3提示如下信息:
【Kuboard 不能连接 APIServer】 Post "https://<master-real-ip>:16443/apis/authorization.k8s.io/v1/selfsubjectrulesreviews": x509: certificate signed by unknown authority【您可以尝试在此处使用 Master 节点的真实 IP】
2.2 问题处理¶
修改kuboard-v3.yaml文件,添加如下配置信息
- name: KUBOARD_INSECURE
value: "true"
完整配置文件
[root@master01 11]# egrep -v "#|^$" kuboard-v3.yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: kuboard
---
apiVersion: v1
kind: ConfigMap
metadata:
name: kuboard-v3-config
namespace: kuboard
data:
KUBOARD_ENDPOINT: 'http://<kuboard-endpoint>:30080'
KUBOARD_AGENT_SERVER_UDP_PORT: '30081'
KUBOARD_AGENT_SERVER_TCP_PORT: '30081'
KUBOARD_AGENT_KEY: <your-agent-key>
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: kuboard-etcd
namespace: kuboard
labels:
app: kuboard-etcd
spec:
serviceName: kuboard-etcd
replicas: 3
selector:
matchLabels:
app: kuboard-etcd
template:
metadata:
name: kuboard-etcd
labels:
app: kuboard-etcd
spec:
containers:
- name: kuboard-etcd
image: swr.cn-east-2.myhuaweicloud.com/kuboard/etcd:v3.4.14
ports:
- containerPort: 2379
name: client
- containerPort: 2380
name: peer
env:
- name: KUBOARD_ETCD_ENDPOINTS
value: >-
kuboard-etcd-0.kuboard-etcd:2379,kuboard-etcd-1.kuboard-etcd:2379,kuboard-etcd-2.kuboard-etcd:2379
volumeMounts:
- name: data
mountPath: /data
command:
- /bin/sh
- -c
- |
PEERS="kuboard-etcd-0=http://kuboard-etcd-0.kuboard-etcd:2380,kuboard-etcd-1=http://kuboard-etcd-1.kuboard-etcd:2380,kuboard-etcd-2=http://kuboard-etcd-2.kuboard-etcd:2380"
exec etcd --name ${HOSTNAME} \
--listen-peer-urls http://0.0.0.0:2380 \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://${HOSTNAME}.kuboard-etcd:2379 \
--initial-advertise-peer-urls http://${HOSTNAME}:2380 \
--initial-cluster-token kuboard-etcd-cluster-1 \
--initial-cluster ${PEERS} \
--initial-cluster-state new \
--data-dir /data/kuboard.etcd
volumeClaimTemplates:
- metadata:
name: data
spec:
storageClassName: nfs-storage
accessModes: [ "ReadWriteMany" ]
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kuboard-data-pvc
namespace: kuboard
spec:
storageClassName: nfs-storage
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: kuboard-etcd
namespace: kuboard
spec:
type: ClusterIP
ports:
- port: 2379
name: client
- port: 2380
name: peer
selector:
app: kuboard-etcd
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '9'
k8s.kuboard.cn/ingress: 'false'
k8s.kuboard.cn/service: NodePort
k8s.kuboard.cn/workload: kuboard-v3
labels:
k8s.kuboard.cn/name: kuboard-v3
name: kuboard-v3
namespace: kuboard
spec:
replicas: 1
selector:
matchLabels:
k8s.kuboard.cn/name: kuboard-v3
template:
metadata:
labels:
k8s.kuboard.cn/name: kuboard-v3
spec:
containers:
- env:
- name: KUBOARD_ETCD_ENDPOINTS
value: >-
kuboard-etcd-0.kuboard-etcd:2379,kuboard-etcd-1.kuboard-etcd:2379,kuboard-etcd-2.kuboard-etcd:2379
- name: KUBOARD_INSECURE
value: "true"
envFrom:
- configMapRef:
name: kuboard-v3-config
image: 'swr.cn-east-2.myhuaweicloud.com/kuboard/kuboard:v3'
imagePullPolicy: Always
name: kuboard
volumeMounts:
- mountPath: "/data"
name: kuboard-data
volumes:
- name: kuboard-data
persistentVolumeClaim:
claimName: kuboard-data-pvc
---
apiVersion: v1
kind: Service
metadata:
annotations:
k8s.kuboard.cn/workload: kuboard-v3
labels:
k8s.kuboard.cn/name: kuboard-v3
name: kuboard-v3
namespace: kuboard
spec:
ports:
- name: webui
nodePort: 30080
port: 80
protocol: TCP
targetPort: 80
- name: agentservertcp
nodePort: 30081
port: 10081
protocol: TCP
targetPort: 10081
- name: agentserverudp
nodePort: 30081
port: 10081
protocol: UDP
targetPort: 10081
selector:
k8s.kuboard.cn/name: kuboard-v3
sessionAffinity: None
type: NodePort
重新应用
[root@master01 11]#k delete -f kuboard-v3.yaml
[root@master01 11]#kaf kuboard-v3.yaml