From 6490293934cad5efffa6b3d383b7939ab10f81d3 Mon Sep 17 00:00:00 2001 From: Thomas Schweizer-Bolzonello Date: Sat, 25 Aug 2018 14:27:19 +0300 Subject: [PATCH 1/2] Updating addon.yml for kubernetes/dashboard 1.10.0 Signed-off-by: Thomas Schweizer-Bolzonello --- addons/kubernetes-dashboard/addon.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/addons/kubernetes-dashboard/addon.yaml b/addons/kubernetes-dashboard/addon.yaml index 1cf7f71753..e3a40e48f5 100644 --- a/addons/kubernetes-dashboard/addon.yaml +++ b/addons/kubernetes-dashboard/addon.yaml @@ -45,4 +45,9 @@ spec: kubernetesVersion: ">=1.8.0" selector: k8s-addon: kubernetes-dashboard.addons.k8s.io - manifest: v1.8.3.yaml \ No newline at end of file + manifest: v1.8.3.yaml + - version: 1.10.0 + kubernetesVersion: ">=1.10.0" + selector: + k8s-addon: kubernetes-dashboard.addons.k8s.io + manifest: v1.10.0.yaml From d3bfd399e92504af4108cef0a862a43d4859e6db Mon Sep 17 00:00:00 2001 From: Thomas Schweizer-Bolzonello Date: Sat, 25 Aug 2018 14:30:58 +0300 Subject: [PATCH 2/2] Adding v1.10.0.yaml for kubernetes/dashboard 1.10.0 deployment Signed-off-by: Thomas Schweizer-Bolzonello --- addons/kubernetes-dashboard/v1.10.0.yaml | 167 +++++++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 addons/kubernetes-dashboard/v1.10.0.yaml diff --git a/addons/kubernetes-dashboard/v1.10.0.yaml b/addons/kubernetes-dashboard/v1.10.0.yaml new file mode 100644 index 0000000000..f79097b855 --- /dev/null +++ b/addons/kubernetes-dashboard/v1.10.0.yaml @@ -0,0 +1,167 @@ +# Copyright 2017 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Configuration to deploy release version of the Dashboard UI compatible with +# Kubernetes 1.10. +# +# Example usage: kubectl create -f + +# ------------------- Dashboard Secret ------------------- # + +apiVersion: v1 +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-certs + namespace: kube-system +type: Opaque + +--- +# ------------------- Dashboard Service Account ------------------- # + +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kube-system + +--- +# ------------------- Dashboard Role & Role Binding ------------------- # + +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: kubernetes-dashboard-minimal + namespace: kube-system +rules: + # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret. +- apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] + # Allow Dashboard to create 'kubernetes-dashboard-settings' config map. +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + # Allow Dashboard to get, update and delete Dashboard exclusive secrets. +- apiGroups: [""] + resources: ["secrets"] + resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"] + verbs: ["get", "update", "delete"] + # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. +- apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["kubernetes-dashboard-settings"] + verbs: ["get", "update"] + # Allow Dashboard to get metrics from heapster. +- apiGroups: [""] + resources: ["services"] + resourceNames: ["heapster"] + verbs: ["proxy"] +- apiGroups: [""] + resources: ["services/proxy"] + resourceNames: ["heapster", "http:heapster:", "https:heapster:"] + verbs: ["get"] + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubernetes-dashboard-minimal + namespace: kube-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubernetes-dashboard-minimal +subjects: +- kind: ServiceAccount + name: kubernetes-dashboard + namespace: kube-system + +--- +# ------------------- Dashboard Deployment ------------------- # + +kind: Deployment +apiVersion: apps/v1beta2 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kube-system +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + k8s-app: kubernetes-dashboard + template: + metadata: + labels: + k8s-app: kubernetes-dashboard + spec: + containers: + - name: kubernetes-dashboard + image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.0 + ports: + - containerPort: 8443 + protocol: TCP + args: + - --auto-generate-certificates + # Uncomment the following line to manually specify Kubernetes API server Host + # If not specified, Dashboard will attempt to auto discover the API server and connect + # to it. Uncomment only if the default does not work. + # - --apiserver-host=http://my-address:port + volumeMounts: + - name: kubernetes-dashboard-certs + mountPath: /certs + # Create on-disk volume to store exec logs + - mountPath: /tmp + name: tmp-volume + livenessProbe: + httpGet: + scheme: HTTPS + path: / + port: 8443 + initialDelaySeconds: 30 + timeoutSeconds: 30 + volumes: + - name: kubernetes-dashboard-certs + secret: + secretName: kubernetes-dashboard-certs + - name: tmp-volume + emptyDir: {} + serviceAccountName: kubernetes-dashboard + # Comment the following tolerations if Dashboard must not be deployed on master + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + +--- +# ------------------- Dashboard Service ------------------- # + +kind: Service +apiVersion: v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kube-system +spec: + ports: + - port: 443 + targetPort: 8443 + selector: + k8s-app: kubernetes-dashboard