How to deploy k8s-dashborad-Token login method 04/09 Update SLTechnology News&Howtos

How to deploy k8s-dashborad-Token login method

2025-04-09 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/01 Report--

How to deploy k8s-dashborad-Token login mode, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

1 deploy dashboard

Kubectl apply-f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml

2 modify dashborad to access by nodeport

Kubectl patch svc kubernetes-dashboard-p'{"spec": {"type": "NodePort"}'- n kube-system

3 create a serviceaccount that belongs to dashboard

Kubectl create serviceaccount dashboard-admin-n kube-system View serviceaccountkubectl get serviceaccount-n kube-system | grep dashboard-admin

4 create clusterrolebinding

Create clusterrolebinding binding clusterrole to use serviceaccount authentication

Kubectl create clusterrolebinding dashboard-cluster-admin-- clusterrole=cluster-admin-- serviceaccount=kube-system:dashboard-admin We use clusterrolebinding to bind clusterrole and basically have all the permissions of a cluster resource. If you need to specify the namespace with rolebinding binding clusterrole if you refine the authorization

5 View the generated token

View the generated token# kubectl get secret-n kube-system | grep dashboard-admin* dashboard-admin-token-97wz7 kubernetes.io/service-account-token 3 19h

6 View token

Kubectl describe secret dashboard-admin-token-97wz7-n kube-systemName: dashboard-admin-token-97wz7Namespace: kube-systemLabels: Annotations: kubernetes.io/service-account.name: dashboard-admin kubernetes.io/service-account.uid: 7e681606-684b-11e9-b76a-000c29980aeeType: kubernetes.io/service-account-tokenData====ca.crt: 1025 bytesnamespace: 11 bytestoken: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9yZC1hZG1pbi10b2tlbi05N3d6NyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJkYXNoYm9yZC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjdlNjgxNjA2LTY4NGItMTFlOS1iNzZhLTAwMGMyOTk4MGFlZSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTpkYXNoYm9yZC1hZG1pbiJ9.b67GEYZEK_KZC9decv6KeXGhp9PFCrew9xQTWQ_HkGaerjlEkSX2JE3OVRpPGF84hcbYgfBjvCrAIVNmJmjprMIZCsLeCx3-EXJ93zka4tv1huFaywWDsi4wF3TF9tfYfculHSRuZyAKFenN4UiLPVGK954zUZpM_Rpq3SBpiaw8-HM2CRz0ws8ELpRk5UGRRCAboRB _ 2hkHbtv36p6qyYbrdSG7gjj-xdw_ncAq6H-Vvdx2j3A6q7cgt9erYvGXwnPdfXePcxPr7BfVwFxm4w2tkb4k-fNxWfQYe6wiJiV907tMpwooX_nx_WQ-dIGtiDEDVJU0sOP85Fy1XI4yxw

6 View nodeport port

Kubectl get svc-n kube-systemNAME TYPE CLUSTER-IP EXTERNAL-IP PORT (S) AGEkube-dns ClusterIP 10.96.0.10 53 443:31559/TCP 19h

7 Log in to dashboard with a token

Https://10.10.25.150:31559

8 what if you only give permission to the default namespace?

1) create a serviceaccountkubectl create serviceaccount default-admin2 of default) use rolebinding to bind clusterrolekubectl create rolebinding default-admin--clusterrole=admin-- serviceaccount=default:default-admin3) get secret kubectl get secret | grep default-admin*NAME TYPE DATA AGEdefault-admin-token-476jp kubernetes.io/service-account-token 3 3m2s4) View the token value kubectl describe secret default-admin-token-476jpName: Default-admin-token-476jpNamespace: defaultLabels: Annotations: kubernetes.io/service-account.name: default-admin kubernetes.io/service-account.uid: 609fe45a-68da-11e9-b76a-000c29980aeeType: kubernetes.io/service-account-tokenData====ca.crt: 1025 bytesnamespace: 7 bytestoken: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImRlZmF1bHQtYWRtaW4tdG9rZW4tNDc2anAiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdC1hZG1pbiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjYwOWZlNDVhLTY4ZGEtMTFlOS1iNzZhLTAwMGMyOTk4MGFlZSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmRlZmF1bHQtYWRtaW4ifQ.D-0fw1cqEsp1xu98hBMv9fNyuF_lu2BGMWEUhvcEiC55po55Kml0p8D92tCe88RMeuh8no_a-WN2hX44DWibMUioxUFIEtiSVztGBlhDMWEQkFjQDkLtRX5_AefYXkVTk6vS-3KyUCieExPtmNKH87oScIOKmVmulK0qT3gZ1mNsuiwPo_w6muZ4n90PUT1oK-QhH7gms1J5kwU5y0TYVzcqTcck9OSVMcD5CQ3QhfrK_gU_vEYk7P1G5oqaYYKMZMlxg3aH-Q15mfMzyvLDTnNepGIJHXlZv7IZDScmAJgfbT3w5var86LimNXQ92cMemBmbRAywSMm8Gimizd6Jg5) Log in using token Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.