简介
之前一直使用lens,很不错,但是如果你的集群要被别人使用,比如开发,而且开发是不会k8s,并且开发也不会安装lens,你还担心开发操作了k8s,那么kubepi的确是一个很好的选择
操作
首先直接在k8s里面安装一个kubepi,下面是我的yaml给大家参考下
apiVersion: v1
kind: ServiceAccount
metadata:
name: kubepi-user
namespace: kubepi
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kubepi-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: kubepi-user
namespace: kubepi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kubepi-pv-claim
namespace: kubepi
labels:
app.kubernetes.io/name: kubepi
spec:
storageClassName: managed-nfs-storage
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: Service
metadata:
name: kubepi
namespace: kubepi
spec:
type: LoadBalancer
loadBalancerIP: 10.10.100.78
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
selector:
app.kubernetes.io/name: kubepi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubepi
namespace: kubepi
labels:
app.kubernetes.io/name: kubepi
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: kubepi
template:
metadata:
labels:
app.kubernetes.io/name: kubepi
spec:
imagePullSecrets:
- name: regcred
containers:
- name: kubepi
image: registry.bboysoul.cn/kubeoperator/kubepi-server:v1.3.0
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
securityContext:
privileged: true
volumeMounts:
- name: kubepi-persistent-storage
mountPath: /var/lib/kubepi
volumes:
- name: kubepi-persistent-storage
persistentVolumeClaim:
claimName: kubepi-pv-claim
apply之后就好了,其他的也没啥好说的感觉,之后就给开发创建一个只读帐号吧。
说一下感受
首先相比于lens,界面肯定稍微有点卡,毕竟是web,我创建了lb之后,service里面竟然不显示lb的ip,只有看yaml才可以看到lb的ip
多集群管理可以赞一下
最好和lens一样可以支持prometheus监控。
导入集群的时候kubeconfig file能不能给个文本输入框,目前只支持文件导入
其他的中规中矩,但是这个我会和lens一样长期使用。
欢迎关注我的博客www.bboy.app
Have Fun