# Dashboard 作为Kubernetes的Web用户界面,用户可以通过Dashboard在Kubernetes集群中部署容器化的应用,对应用进行问题处理和管理,并对集群本身进行管理。通过Dashboard,用户可以查看集群中应用的运行情况,同时也能够基于Dashboard创建或修改部署、任务、服务等Kubernetes的资源。通过部署向导,用户能够对部署进行扩缩容,进行滚动更新、重启Pod和部署新应用。当然,通过Dashboard也能够查看Kubernetes资源的状态。 ```shell 1.下载Dashboard(https://github.com/kubernetes/dashboard) 官方yaml文件 $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml # vim ServiceAccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: admin-user namespace: kube-system # vim rbac.yaml apiVersion: v1 kind: ServiceAccount metadata: name: kubernetes-dashboard namespace: kube-system --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: kubernetes-dashboard subjects: - kind: ServiceAccount name: kubernetes-dashboard namespace: kube-system roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io # vim k8s-admin.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: admin-user roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: admin-user namespace: kube-system ``` **# 在上面我创建basic_auth.csv文件时,直接给了admin用户一个system:masters组,这个组拥有超级管理员权限,如果创建用户的时候没有授权,也可以通过rbac进行授权如下**: ``` #kubectl create clusterrolebinding login-on-dashboard-with-cluster-admin --clusterrole=cluster-admin --user=admin clusterrolebinding "login-on-dashboard-with-cluster-admin" created #kubectl get clusterrolebinding/login-on-dashboard-with-cluster-admin -o yaml apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: creationTimestamp: 2017-07-20T08:57:07Z name: login-on-dashboard-with-cluster-admin resourceVersion: "5363564" selfLink: /apis/rbac.authorization.k8s.io/v1beta1/clusterrolebindingslogin-on-dashboard-with-cluster-admin uid: 686a3f36-6d29-11e7-8f69-00163e1001d7 roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - apiGroup: rbac.authorization.k8s.io kubectl create -f . ``` 访问UI页面:https://localhost:port # DashboardUI页面: ![](https://box.kancloud.cn/adeaa9c44654af68b382c0f452dd08f2_2808x1412.png)