:: AsciiDoc

1. Helm Packaging
2. CSI Driver
3. Dashboard

1. Helm Packaging

在安装有kubectl的节点上，此处选择master
https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 helm3.sh && ./helm3.sh

curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3

chmod 700 get_helm.sh && ./get_helm.sh

helm search hub wordpress

2. CSI Driver

Container Storage Interface Driver，OpenEBS

helm repo add openebs https://openebs.github.io/charts

kubectl create namespace openebs

helm --namespace=openebs install openebs openebs/openebs

3. Dashboard

https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
image: kubernetesui/dashboard:v2.7.0 修改为：
image: registry.aliyuncs.com/google_containers/dashboard:v2.7.0
image: kubernetesui/metrics-scraper:v1.0.8 修改为：
image: registry.aliyuncs.com/google_containers/metrics-scraper:v1.0.8

kind: Service
apiVersion: v1
metadata:
  labels:
    k8s-app: kubernetes-dashboard
  name: kubernetes-dashboard
  namespace: kubernetes-dashboard
spec:
  type: NodePort	(1)
  ports:
    - port: 443
      targetPort: 8443
      nodePort: 30001	(2)
  selector:
    k8s-app: kubernetes-dashboard

1	第40行添加：`type: NodePort`，
2	第44行添加：`nodePort: 30001`，端口范围：30000 ~ 32767 kubectl apply -f kubernetes-dashboard.yaml 执行后的第一行会给出命名空间 kubectl get pods -n kubernetes-dashboard 生成Token：

# 建立sa：service account，dashboard-admin是用户名
kubectl create sa dashboard-admin -n kube-system

# 建立角色绑定关系
kubectl create clusterrolebinding dashboard-admin \
	--clusterrole=cluster-admin \
	--serviceaccount=kube-system:dashboard-admin

# 生成token，有效期1小时，此处指定一年
kubectl create token dashboard-admin -n kube-system

# kubectl create token --help
# --duration=0s，--duration=31536000s:

eyJhbGciOiJSUzI1NiIsImtpZCI6InYwYm9LZVpSYTZHRHRNUlktZEp5aTBDU3BIQmQ0WldnX0pScWJ6d0U4OTgifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzIzNDY3MTc2LCJpYXQiOjE2OTE5MzExNzYsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJkYXNoYm9hcmQtYWRtaW4iLCJ1aWQiOiJjOWYxZWE1OS03OTExLTQ1NTAtYWE3Yy0zNmM5Y2JmZTI1NWQifX0sIm5iZiI6MTY5MTkzMTE3Niwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.RqO0IR2pNuSARh0C1cRzLYWmSaj37COgyuPtTTK_2mRIxnLh56bV7MtN_Lbwkf8zoJXCV7EWYgfygL5FBQeIxwEq4T5JFvoU4m9EwZsCJYbpyXY71nIbaXQ3b81S9fotGntSrfUFa-q9HfS8_B2c_KKemYp8BErIYSHmytJFLL6C3O78JjJKqcn5aNQeAjK3VQG_IUTdeWXqkWE-CspaUYEZdPfxOavj4Hn2yPFaTlPN46f3aDnwaqejSrWyVU2D2HHbVolFe7AB3V-uALI3O3Z2UIyB4CC_OGo-OxGYB-bDa0HJ4kMgQS_pWv4EpKcgN9sS18P_kLyOkpsWvmR96A

# 先解除用户绑定，然后删除用户
kubectl delete clusterrolebinding dashboard-admin -n kube-system && \
	kubectl delete sa dashboard-admin -n kube-system

# 查询用户
kubectl get sa -n kube-system

# 用户详情
kubectl describe sa dashboard-admin -n kube-system

https://192.168.1.121:30001