System Architecture Design
쿠버네티스 대시보드 운영

Kubernetes Dashboard & 계정관리

설치

아래 dashboard를 설치하면 kube-system에 추가된다.

microk8s enable dashboard

Ingress 생성

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: intra-kubernetes.도메인
  namespace: kube-system
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" // 아래 port가 443이면 https 80이면 http로 설정한다.
 
spec:
  tls:
  - hosts:
    - intra-kubernetes.도메인
    secretName: intra-kubernetes.도메인-tls
 
  rules:
  - host: intra-kubernetes.도메인
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: kubernetes-dashboard
            port:
              number: 443

Admin계정 등록

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
 
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
 
---
apiVersion: v1
kind: Secret
metadata:
  name: admin-user-token
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: admin-user
type: kubernetes.io/service-account-token
쿠버네티스 설치 & 운영ArgoCD 설치