43 lines
1.0 KiB
Markdown
43 lines
1.0 KiB
Markdown
### 1. docker部署 kubepi
|
||
|
||
```bash
|
||
docker run --privileged -d --name kubepi --network=internal -v /root/data/kubepi:/var/lib/kubepi -p 8180:80 --restart=unless-stopped 1panel/kubepi
|
||
```
|
||
|
||
### 2. 创建用户,绑定集群管理员角色
|
||
|
||
```bash
|
||
kubectl create sa kubepi-user -n kube-system
|
||
kubectl create clusterrolebinding kubepi-user --clusterrole=cluster-admin --serviceaccount=kube-system:kubepi-user
|
||
```
|
||
|
||
### 3. 获得token
|
||
|
||
- k8s小于1.27版本自动创建secret
|
||
|
||
```bash
|
||
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep kubepi-user | awk '{print $1}') | grep token: | awk '{print $2}'
|
||
```
|
||
|
||
- k8s大于等于1.27版本取消自动创建token,需要手动创建
|
||
|
||
```yaml
|
||
apiVersion: v1
|
||
kind: Secret
|
||
metadata:
|
||
name: secret-kubepi-user
|
||
namespace: kube-system
|
||
annotations:
|
||
kubernetes.io/service-account.name: kubepi-user
|
||
type: kubernetes.io/service-account-token
|
||
```
|
||
|
||
- 创建secret后获取token
|
||
|
||
```bash
|
||
kubectl describe secret secret-kubepi-user -n kube-system | grep token: | awk '{ print $2}'
|
||
```
|
||
|
||
|
||
|