K8S UI 之 Kubesphere

发表于 分类于 置顶 精品
阅读次数: 本文字数: 985 阅读时长 ≈ 4 分钟

摘要

Kubesphere 简介

  • KubeSphere 是一个基于 Kubernetes 构建的 企业级多租户容器管理平台,提供了一套完整的容器平台解决方案,让用户以图形化方式轻松使用 Kubernetes 和 DevOps 能力,不需要深入理解复杂的底层架构。

  • 与 K8S 的 Dashboard 相比具有如下优势:

功能 / 特性 Kubernetes Dashboard KubeSphere
✅ 基础资源管理 ✅ 支持 ✅ 更丰富,支持更多细粒度控制
👥 多租户支持 ❌ 无 ✅ 内建企业级多租户、空间(Workspace)隔离
🔐 身份认证与权限控制 ⚠️ 需手动整合 RBAC ✅ 内建用户管理、角色、团队、企业组织架构
🌐 多集群支持 ❌ 不支持 ✅ 支持跨区域多集群统一管理
🚀 DevOps(CI/CD 流水线) ❌ 无 ✅ 内置图形化流水线(Jenkins 驱动)
📊 监控与指标(Prometheus) ❌ 手动安装 ✅ 内置,图形化展示 Pod/Node/服务等监控数据
📁 日志查询与分析(EFK) ❌ 无 ✅ 内建 Fluent Bit + Elasticsearch + Kibana
💡 微服务治理(Istio) ❌ 无 ✅ 可选启用,支持服务拓扑、灰度发布、流量治理等
🧰 应用商店(Helm 可视化部署) ❌ 无 ✅ 支持 Helm 应用市场,点击即可安装常见中间件
🔌 插件架构 ❌ 无 ✅ 支持模块按需启用/关闭
🧪 容器镜像仓库(Harbor) ❌ 无 ✅ 可集成或内建 Harbor 容器仓库
📦 安装复杂度 ✅ 简单 ⚠️ 略复杂,但可按需启用模块

部署 Kubesphere

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# 如果无法访问 charts.kubesphere.io, 可将 charts.kubesphere.io 替换为 charts.kubesphere.com.cn
helm upgrade --install -n kubesphere-system --create-namespace ks-core https://charts.kubesphere.io/main/ks-core-1.1.4.tgz --debug --wait
## 安装成功后会输出如下信息:
NOTES:
Thank you for choosing KubeSphere Helm Chart.

Please be patient and wait for several seconds for the KubeSphere deployment to complete.

1. Wait for Deployment Completion

    Confirm that all KubeSphere components are running by executing the following command:

    kubectl get pods -n kubesphere-system
2. Access the KubeSphere Console

    Once the deployment is complete, you can access the KubeSphere console using the following URL:

    http://10.211.55.11:30880

3. Login to KubeSphere Console

    Use the following credentials to log in:

    Account: admin
    Password: P@88w0rd

NOTE: It is highly recommended to change the default password immediately after the first login.
For additional information and details, please visit https://kubesphere.io.

# 查看所有组件
$ kubectl get pod,deploy,svc -n kubesphere-system
NAME                                         READY   STATUS    RESTARTS       AGE
pod/extensions-museum-ffd8bd9d8-fvcw4        1/1     Running   1 (28m ago)    5h5m
pod/ks-apiserver-7b4479d5f5-2k4c9            1/1     Running   2 (27m ago)    5h5m
pod/ks-console-6bd9b9f5d9-xqlzs              1/1     Running   0              26m
pod/ks-controller-manager-547f9fc8c9-5b88z   1/1     Running   10 (27m ago)   5h5m

NAME                                    READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/extensions-museum       1/1     1            1           5h14m
deployment.apps/ks-apiserver            1/1     1            1           5h14m
deployment.apps/ks-console              1/1     1            1           5h14m
deployment.apps/ks-controller-manager   1/1     1            1           5h14m

NAME                            TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)        AGE
service/extensions-museum       ClusterIP   10.96.95.71    <none>        443/TCP        5h14m
service/ks-apiserver            ClusterIP   10.96.12.106   <none>        80/TCP         5h14m
service/ks-console              NodePort    10.96.55.165   <none>        80:30880/TCP   5h14m
service/ks-controller-manager   ClusterIP   10.96.13.243   <none>        443/TCP        5h14m

配置 ingress

  • 创建证书

1
2
3
4
kubectl create secret tls nginx-tls \
    --key=nginx_ssl/nginx.hanqunfeng.com.key \
    --cert=nginx_ssl/nginx.hanqunfeng.com.pem \
    -n kubesphere-system

  • 创建 ingress

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# kubesphere-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: kubesphere-nginx
  namespace: kubesphere-system
  annotations:
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - kubesphere.hanqunfeng.com
    secretName: nginx-tls
  rules:
  - host: kubesphere.hanqunfeng.com
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: ks-console
            port:
              number: 80

卸载 Kubesphere

1
2
helm uninstall ks-core -n kubesphere-system
kubectl delete namespace kubesphere-system