Kubernetes 1.22.9 build and deploy dashboard visual UI


Reference blog: https://blog.csdn.net/qq_41632602/article/details/115366909
Reference blog:
Based on the two articles, a series of changes have been made according to their own environment and needs

Cluster planning

  1. Overall planning
host nameIP addressrole
node 1192.168.56.4node 1
node 2192.168.56.5node 2
  1. Using components: docker, kubelet, kubedm, kubectl

  2. Note: the IP address needs to be changed according to its own virtual machine IP address

Installation of kubernetes

Set the host name (this article uses the root user, and non root users can join the sudo command)
All three hosts need to do

hostnamectl set-hostname master
hostnamectl set-hostname node1
hostnamectl set-hostname node2

Modify the / etc/hostname file and add the corresponding relationship between host name and IP

vi /etc/hosts matser node1 node2

Turn off the firewall

systemctl stop firewalld 
systemctl disable firewalld

Ignore swap partitions and prevent booting
If the swap partition is enabled, kebelet will fail to start, so each machine should close the swap partition

swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

Close SELinux and modify the configuration file to take effect permanently
Otherwise, an error Permission denied may be reported when the subsequent K8S mounts the directory:

setenforce 0
vi /etc/selinux/config (modify SELINUX=disabled)

Configure kernel parameters

cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
sysctl --system

Install docker
Remove the original docker

yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \

If the deletion is successful or there is no file, it means success

Install some necessary system tools

yum install -y yum-utils device-mapper-persistent-data lvm2

Add software source information

yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

Update and install docker CE

yum makecache fast

Start installing docker

yum -y install docker-ce

Start docker

yum -y install docker-ce

View dockers status

systemctl status docker

If active:active(running) indicates that docker is running normally
If there is a problem, enter journalctl -xe or check the system log (vim /var/log/message) to see the reason
Use accelerator

mkdir -p /etc/docker
tee /etc/docker/daemon.json <<- 'EOF'
	"registry-mirrors: ["https://s2q9fn53.mirror.aliyuncs.com"]
systemctl daemon-reload && sudo systemctl restart docker

Add kubernetes alicloud source

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg

Install kubelet kubedmn kubectl

yum install -y kubectl-1.22.9 && yum install -y kubelet-1.22.9 && yum install -y kubeadm-1.22.9
systemctl enable kubelet && systemctl start kubelet

Initialize k8s cluster

kubeadm init --kubernetes-version=1.22.9 --apiserver-advertise-address= --image-repository registry.aliyuncs.com/google_containers --service-cidr= --pod-network-cidr=

If initialization error is reported, check the kubelet status

systemctl status kubelet

If it fails, the solution is as follows:
Execute the command to view the docker's Cgroup:

docker info |grep Cgroup

Modify the daemon of docker JSON configuration

vi /etc/docker/daemon.json
  "registry-mirrors": ["https://lhx5mss7.mirror.aliyuncs.com"], 
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  "storage-driver": "overlay2",
  "storage-opts": [

Update installation systemd

yum update systemd

Restart docker

systemctl daemon-reload&&systemctl restart docker

Reset kubedm

kubeadm reset -f


kubeadm init --kubernetes-version=1.22.9 --apiserver-advertise-address= --image-repository registry.aliyuncs.com/google_containers --service-cidr= --pod-network-cidr=

Your kubernetes control plane has initialized successfully! Indicates successful installation

In addition: check the following contents, which will be used later

kubeadm join --token ys4kum.voz9oqs2048ljfdp --discovery-token-ca-cert-hash sha256:35d21aef13298edef1bcade1202da8b3871ac41e325becdba200ecc48b5a97b0

Then execute the following commands according to the pop-up prompt:

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

According to the above steps, after the kube of the other two nodes is also completed, enter the following command in the other two nodes:
vi /etc/docker/daemon.json # enter the following:

  "registry-mirrors": ["https://lhx5mss7.mirror.aliyuncs.com"], 
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  "storage-driver": "overlay2",
  "storage-opts": [

Execute the following command

yum update systemd
systemctl daemon-reload
systemctl restart docker
kubeadm reset -f

Then you can join the cluster:

kubeadm reset
kubeadm join --token ys4kum.voz9oqs2048ljfdp --discovery-token-ca-cert-hash sha256:35d21aef13298edef1bcade1202da8b3871ac41e325becdba200ecc48b5a97b0

After the other two nodes join the cluster successfully, you can see the following:
This node has joined the cluster:

  • Certificate signing request was sent to apiserver and a response was received.
  • The Kubelet was informed of the new secure connection details.
    Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

Command to view the token: [the following commands are executed on the master node]

kubeadm token list

If the token expires in the future, you can create a new permanent token:

kubeadm token create --ttl 0 

# Get the hash value of ca certificate sha256 encoding
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
The following values are obtained:

When the node exits the cluster (excluding), the following commands are executed on the master node

kubectl cordon node1
kubectl cordon node2

Then expel the pod on the adjustment point

kubectl drain node1
kubectl drain node2

If there is a problem with the node and the instruction cannot be executed, the method of forced expulsion can be adopted to delete a running pod, for example:

kubectl delete pods -n kube-system nginx-6qz6s

This is mainly to perform this: eliminate or exit nodes from the cluster

kubectl delete node node1
kubectl delete node node2

The node node is used when rejoining the cluster. [the following commands are executed on nodes slave1 and slave2]

kubeadm reset
kubeadm join --token d4offl.d3mufkukeb0b6y27 --discovery-token-ca-cert-hash sha256:35d21aef13298edef1bcade1202da8b3871ac41e325becdba200ecc48b5a97b0

Check whether the node is joined [the following commands are executed on the master node]

kubectl get nodes
NAME     STATUS     ROLES                            AGE   VERSION
master   NotReady   control-plane,master    56m   v1.22.9
node1    NotReady   <none>                         62s     v1.22.9
node2    NotReady   <none>                         20s     v1.22.9

Install network plug-in: - flannel
Obtain the yml file content of flannel at the following address:


Store the contents in Kube flannel under the current root user's home directory ~ In YML file

kubectl apply -f kube-flannel.yml	

Wait a moment and check the following commands:

kubectl get pods -n kube-system

Results obtained:

NAME                             READY   STATUS    RESTARTS   AGE
coredns-7f6cbbb7b8-jcgsx         1/1     Running   0          17m
coredns-7f6cbbb7b8-wgknx         1/1     Running   0          17m
etcd-master                      1/1     Running   3          18m
kube-apiserver-master            1/1     Running   0          18m
kube-controller-manager-master   1/1     Running   0          18m
kube-flannel-ds-kmkqx            1/1     Running   0          3m26s
kube-flannel-ds-qp48p            1/1     Running   0          3m26s
kube-flannel-ds-zp2zl            1/1     Running   0          3m26s
kube-proxy-2ftbn                 1/1     Running   0          17m
kube-proxy-btckv                 1/1     Running   0          11m
kube-proxy-sz9cf                 1/1     Running   0          11m
kube-scheduler-master            1/1     Running   3          18m

Add a roles role label to other nodes

kubectl label node node1 node-role.kubernetes.io/slave=
kubectl label node node2 node-role.kubernetes.io/slave=

As can be seen from the above, Kube flannel's pod has been running. Re execute the view node command:

kubectl get nodes 

The results are as follows:

master   Ready    control-plane,master   36m   v1.22.9
node1   Ready    slave                  30m   v1.22.9
node2   Ready    slave                  29m   v1.22.9

The construction of k8s has been completed.

Installation of dash board visual UI

View the specific corresponding version

Open with vpn
Copy page information

cd  /home
vi recommended.yaml
#Write the copied page information to
#Create pod
kubectl apply -f recommended.yaml

View, successfully created

[root@master1 ~]# kubectl get pods --all-namespaces
NAMESPACE              NAME                                         READY   STATUS    RESTARTS   AGE
default                nginx-5578584966-ch9x4                       1/1     Running   1          8h
kube-system            coredns-9d85f5447-qghnb                      1/1     Running   38         6d13h
kube-system            coredns-9d85f5447-xqsl2                      1/1     Running   37         6d13h
kube-system            etcd-master1                                 1/1     Running   8          6d13h
kube-system            kube-apiserver-master1                       1/1     Running   9          6d13h
kube-system            kube-controller-manager-master1              1/1     Running   8          6d13h
kube-system            kube-flannel-ds-amd64-h2f4w                  1/1     Running   5          6d10h
kube-system            kube-flannel-ds-amd64-z57qk                  1/1     Running   1          10h
kube-system            kube-proxy-4j8pj                             1/1     Running   1          10h
kube-system            kube-proxy-xk7gq                             1/1     Running   7          6d13h
kube-system            kube-scheduler-master1                       1/1     Running   9          6d13h
kubernetes-dashboard   dashboard-metrics-scraper-7b8b58dc8b-5r22j   1/1     Running   0          15m
kubernetes-dashboard   kubernetes-dashboard-866f987876-gv2qw        1/1     Running   0          15m

Delete the existing dashboard service. The namespace of the dashboard service is kubernetes dashboard, but the service type is ClusterIP, which is not convenient for us to access through the browser. Therefore, it needs to be changed to NodePort

# View existing services
[root@master1 ~]# kubectl get svc --all-namespaces
NAMESPACE              NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
default                kubernetes                  ClusterIP        <none>        443/TCP                  6d13h
default                nginx                       NodePort   <none>        80:31863/TCP             8h
kube-system            kube-dns                    ClusterIP       <none>        53/UDP,53/TCP,9153/TCP   6d13h
kubernetes-dashboard   dashboard-metrics-scraper   ClusterIP   <none>        8000/TCP                 61s
kubernetes-dashboard   kubernetes-dashboard        ClusterIP    <none>        443/TCP                  61s


kubectl delete service kubernetes-dashboard --namespace=kubernetes-dashboard

create profile

vi dashboard-svc.yaml
kind: Service
apiVersion: v1
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
  type: NodePort
    - port: 443
      targetPort: 8443
    k8s-app: kubernetes-dashboard


kubectl apply -f dashboard-svc.yaml

Check the service again, success

kubectl get svc --all-namespaces
NAMESPACE              NAME                        TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
default                kubernetes                  ClusterIP        <none>        443/TCP                  6d13h
default                nginx                       NodePort   <none>        80:31863/TCP             8h
kube-system            kube-dns                    ClusterIP       <none>        53/UDP,53/TCP,9153/TCP   6d13h
kubernetes-dashboard   dashboard-metrics-scraper   ClusterIP   <none>        8000/TCP                 4m32s
kubernetes-dashboard   kubernetes-dashboard        NodePort    <none>        443:30432/TCP            10s

If you want to access the dashboard service, you must have access rights and create the kubernetes dashboard administrator role

vi dashboard-svc-account.yaml
# result
apiVersion: v1
kind: ServiceAccount
  name: dashboard-admin
  namespace: kube-system
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
  name: dashboard-admin
  - kind: ServiceAccount
    name: dashboard-admin
    namespace: kube-system
  kind: ClusterRole
  name: cluster-admin
  apiGroup: rbac.authorization.k8s.io
# implement
kubectl apply -f dashboard-svc-account.yaml

Get token

kubectl get secret -n kube-system |grep admin|awk '{print $1}'
#A string will be generated. Copy this string and use it below
kubectl describe secret dashboard-admin-token-bwgjv -n kube-system|grep '^token'|awk '{print $2}'

Visit the page, and the virtual machine ip is masterIP
The port is the port viewed by kubectl get SVC -- all namespaces 30142

Paste the above token into the token, and then enter the page

Tags: Linux Docker Kubernetes

Posted by dudejma on Sun, 22 May 2022 06:21:54 +0300