安装方法参考的文档见本文末尾，个人感觉一步一步安装一下还是挺有意思的~~

1.安装dashboard：

wget -O kubernetes-dashboard.yaml sed -i "s/k8s\.gcr\.io/hati/g" kubernetes-dashboard.yaml

kubectl apply -f kubernetes-dashboard.yamlkubectl get pods -n kube-system

2.创建服务账户，绑定集群角色：

service_account.yaml

1 apiVersion: v12  kind: ServiceAccount3  metadata:4    name: admin-user5    namespace: kube-system

clusterrolebinding.yaml

1 apiVersion: rbac.authorization.k8s.io/v1 2  kind: ClusterRoleBinding 3  metadata: 4    name: admin-user 5  roleRef: 6    apiGroup: rbac.authorization.k8s.io 7    kind: ClusterRole 8    name: cluster-admin 9  subjects:10  - kind: ServiceAccount11    name: admin-user12    namespace: kube-system

kubectl apply -f service_account.yaml kubectl apply -f clusterrolebinding.yaml#Bearer Tokenkubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

备注：copy生成的token，用于登录dashboad。

3.生成用户证书

过程中会要求输入导出证书时用到的密钥，请务必记住。

grep 'client-certificate-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.crtgrep 'client-key-data' ~/.kube/config | head -n 1 | awk '{print $2}' | base64 -d >> kubecfg.keyopenssl pkcs12 -export -clcerts -inkey kubecfg.key -in kubecfg.crt -out kubecfg.p12 -name "kubernetes-client"echo "Please install the kubecfg.p12 certificate in your browser, and then restart browser."

4.安装图形化插件heapster

wget -O grafana.yaml wget -O heapster.yaml wget -O influxdb.yaml wget -O heapster-rbac.yaml  ​# Set port ype as "NodePort" for test environmentsed -i "s/\# type: NodePort/type: NodePort/g" grafana.yaml# Set only use API server proxy to access grafanased -i "s/value: \//\#value: \//g" grafana.yamlsed -i "s/\# \#value: \/api/value: \/api/g" grafana.yamlsed -i "s/name: ca-certificates/name: ca-certs/g" grafana.yaml sed -i "s/heapster-grafana-amd64:v5\.0\.4/heapster-grafana-amd:v4\.4\.3/g" grafana.yaml sed -i "s/https:\/\/kubernetes\.default/https:\/\/kubernetes\.default:443?useServiceAccount=true\&kubeletHttps=true\&kubeletPort=10250\&insecure=true/g" heapster.yaml sed -i "s/name: system:heapster/name: cluster-admin/g" heapster-rbac.yaml ​ #Replace k8s.gcr.io image with hati sed -i "s/k8s\.gcr\.io/hati/g" grafana.yaml sed -i "s/k8s\.gcr\.io/hati/g" heapster.yaml sed -i "s/k8s\.gcr\.io/hati/g" influxdb.yaml

kubectl apply -f grafana.yamlkubectl apply -f heapster.yamlkubectl apply -f influxdb.yamlkubectl apply -f heapster-rbac.yamlkubectl get pods -n kube-systemkubectl cluster-info

 将生成的用户证书kubecfg.p12导入到浏览器中(以Chrome为例，设置->高级->管理证书->导入)，然后访问地址(ip和port做相应的更改)：

 https://<master-ip>:<apiserver-port>/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

在令牌处输入保存的token登录dashboard：

 

 

 

 参考文档：