如何使用 AWS EKS 中的 static DNS 向我的 vpc 中的所有用户公开 kubernetes 仪表板?
[英]How to expose kubernetes dashboard to all users within my vpc using a static DNS in AWS EKS?
问题描述
I want to expose kubernetes dashboard to multiple users who have access to my vpc, i've seen some examples using internal load balancer with external DNS but i just want to know if there are more suggestions.
我想向可以访问我的 vpc 的多个用户公开 kubernetes 仪表板,我已经看到了一些使用内部负载均衡器和外部 DNS 的示例,但我只想知道是否有更多建议。
1 个解决方案
解决方案1
1 2020-04-22 10:50:20
When you install the dashboard, the service is set as ClusterIP .安装仪表板时,该服务设置为ClusterIP 。 To let users from the same VPC access it you need to change the service to NodePort .要让来自同一 VPC 的用户访问它,您需要将服务更改为NodePort 。
$ kubectl get service kubernetes-dashboard -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard ClusterIP 10.0.184.227 <none> 80/TCP 15m
To change it you have to edit the service:要更改它,您必须编辑服务:
kubectl edit service kubernetes-dashboard -n kube-system
And change the .spec.type from ClusterIP to NodePort .并将.spec.type从ClusterIP更改为NodePort 。
Another option is to patch the service with the following command:另一种选择是使用以下命令修补服务:
$ kubectl patch service -n kube-system kubernetes-dashboard --patch '{"spec": {"type": "NodePort"}}'
After you edit or patch it your service is ready to be acceded as you need.在您编辑或修补它之后,您的服务就可以根据需要加入。
$ kubectl get service kubernetes-dashboard -n kube-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes-dashboard NodePort 10.0.184.227 <none> 80:30334/TCP 18m
...
Now to connect to the dashboard you have to point your browser to http://master-node-ip:nodePort现在要连接到仪表板,您必须将浏览器指向http://master-node-ip:nodePort
$ kubectl describe service kubernetes-dashboard -n kube-system
...
NodePort: <unset> 30334/TCP
...
$ kubectl get node -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
aks-agentpool-20139558-vmss000000 Ready agent 16m v1.15.10 10.240.0.5 <none> Ubuntu 16.04.6 LTS 4.15.0-1071-azure docker://3.0.10+azure
...
So based on this example it looks like: http://10.240.0.5:30334所以基于这个例子,它看起来像: http://10.240.0.5:30334
And it can be accessed from anyone in the same network as your master node.并且可以从与您的主节点相同的网络中的任何人访问它。
$ curl http://10.240.0.5:30334
<!doctype html> <html ng-app="kubernetesDashboard"> <head> <meta charset="utf-8"> <title ng-controller="kdTitle as $ctrl" ng-bind="$ctrl.title()"></title> <link rel="icon" type="image/png" href="assets/images/kubernetes-logo.png"> <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="static/vendor.93db0a0d.css"> <link rel="stylesheet" href="static/app.ddd3b5ec.css"> </head> <body ng-controller="kdMain as $ctrl"> <!--[if lt IE 10]>
<p class="browsehappy">You are using an <strong>outdated</strong> browser.
Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your
experience.</p>
<![endif]--> <kd-login layout="column" layout-fill ng-if="$ctrl.isLoginState()"> </kd-login> <kd-chrome layout="column" layout-fill ng-if="!$ctrl.isLoginState()"> </kd-chrome> <script src="static/vendor.bd425c26.js"></script> <script src="api/appConfig.json"></script> <script src="static/app.91a96542.js"></script> </body> </html>
To know more about the different between all Kubernetes services type, check the following links:要详细了解所有 Kubernetes 服务类型之间的区别,请查看以下链接:
Publishing Services (ServiceTypes) Kubernetes – Service Publishing 发布服务 (ServiceTypes) Kubernetes – 服务发布
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.