一 创建secret 秘钥,指定证书
kubectl create secret generic kubernetes-dashboard-certs --from-file=/opt/yaml/dashboard/hc360key/hc360.com.crt --from-file=/opt/yaml/dashboard/hc360key/hc360.com.key -n kube-system
二 删除现在的dashboard
kubectl delete -f kubernetes-dashboard.yaml
三 更改dashboard yaml配置
vim kubernetes-dashboard.yaml
注解掉secretd创建
##apiVersion: v1
##kind: Secret
##metadata:
## labels:
## k8s-app: kubernetes-dashboard
## name: kubernetes-dashboard-certs
## namespace: kube-system
##type: Opaque
四 创建 dashboard
kubectl create -f kubernetes-dashboard.yaml
五 配置nginx反向代理
vim /usr/local/nginx/conf/vhosts/k8sdashboard.conf
upstream k8sdash\_poll {
server 192.168.76.30:32766;
server 192.168.76.31:32766;
server 192.168.76.32:32766;
check interval=3000 rise=2 fall=5 timeout=1000 type=http;
}
server {
listen 80;
server\_name portainer.org.hc360.com;
rewrite ^\(.\*\)$ https://$host$1 permanent;
}
server {
listen 443;
server\_name portainer.org.hc360.com;
\#charset koi8-r;
access\_log logs/k8s.access.log main;
location / {
proxy\_pass https://k8sdash\_poll;
proxy\_redirect off;
proxy\_set\_header Host $host;
proxy\_set\_header X-Real-IP $remote\_addr;
proxy\_set\_header X-Forwarded-For $proxy\_add\_x\_forwarded\_for;
proxy\_buffer\_size 4k;
proxy\_buffering on;
proxy\_buffers 4 4k;
proxy\_busy\_buffers\_size 8k;
proxy\_max\_temp\_file\_size 1024m;
}
error\_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location /favicon.ico {
root html;
}
}
访问: