如何在外部IP地址上安装Kubernetes仪表板?
[英]How to install Kubernetes dashboard on external IP address?
问题描述
How to install Kubernetes dashboard on external IP address? 
如何在外部IP地址上安装Kubernetes仪表板? Is there any tutorial for this? 有为此的任何教程吗?
1 个解决方案
解决方案1
1 已采纳 2018-04-17 08:19:54
You can expose services and pods in several ways: 您可以通过几种方式公开服务和Pod:
- expose the internal ClusterIP service through Ingress, if you have that set up. 如果已设置,则通过Ingress公开内部ClusterIP服务。
- change the service type to use 'type: LoadBalancer', which will try to create an external load balancer. 将服务类型更改为使用“类型:LoadBalancer”,它将尝试创建外部负载平衡器。
If you have external IP addresses on your kubernetes nodes, you can also expose the ports directly on the node hosts; 如果kubernetes节点上具有外部IP地址,则还可以直接在节点主机上公开端口; however, I would avoid these unless it's a small, test cluster. 但是,除非是小型的测试集群,否则我会避免使用它们。
- change the service type to 'type: NodePort', which will utilize a port above 30000 on all cluster machines. 将服务类型更改为“类型:NodePort”,这将在所有群集计算机上使用30000以上的端口。
- expose the pod directly using 'type: HostPort' in the pod spec. 使用Pod规范中的“ type:HostPort”直接暴露Pod。
Depending on your cluster type (Kops-created, GKE, EKS, AKS and so on), different variants may not be setup. 根据您的集群类型(创建的Kops,GKE,EKS,AKS等),可能不会设置不同的变体。 Hosted clusters typically support and recommend LoadBalancers, which they charge for, but may or may not have support for NodePort/HostPort. 托管群集通常支持并推荐LoadBalancers,由它们负责,但可能不支持NodePort / HostPort。
Another, more important note is that you must ensure you protect the dashboard. 另一个更重要的注意事项是,您必须确保保护仪表板。 Running an unprotected dashboard is a sure way of getting your cluster compromised; 运行不受保护的仪表板是确保群集受到破坏的可靠方法。 this recently happened to Tesla . 这最近发生在特斯拉 。 A decent writeup on various way to protect yourself was written by Jo Beda of Heptio Heptio的Jo Beda写了一篇有关各种保护自己的体面文章
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.