# 安装 Kuboard v2（离线）

许多公司处于安全的考虑，需要将 Kuboard 离线安装到内网环境。本文描述了如何完成 Kuboard 的离线安装。请确保您已经熟悉了安装Kuboard，本文只描述离线安装时，与正常安装的过程的差异部分。

# 准备Kuboard镜像

# 获取Kuboard镜像

在可以上网的机器上抓取 kuboard 镜像
```
docker pull eipwork/kuboard:latest
```
1

查看 kuboard 镜像的 ID

docker images | grep kuboard

输出结果如下所示：

eipwork/kuboard           latest                0146965e6475        3 weeks ago         133MB

将 Kuboard 镜像导出到文件
```
docker save 86eaead8421e > kuboard.tar
```
1
ImageID

请使用上一个步骤中查询到的 image ID
将 kuboard.tar 传输到 Kubernetes 集群的某一个节点上

# 加载Kuboard镜像

在 Kubernetes 集群的某一个节点上执行
```
docker load < kuboard.tar
```
1
为镜像重新添加标签
```
docker tag 0146965e6475 eipwork/kuboard:latest
```
1
ImageID

请使用上一个步骤中查询到的 image ID

# 准备kuboard.yaml文件

安装Kuboard的yaml文件如下，将其保存到 kuboard-offline.yaml

必要的修改

修改该文件中第 26 行的节点名称为上一个步骤中，已经加载了 kuboard 镜像的节点，参考将容器组调度到指定节点
与在线安装不同，此处 ImagePullPolicy=IfNotPresent （第30行），参考容器镜像

apiVersion: apps/v1
kind: Deployment
metadata:
  name: kuboard
  namespace: kube-system
  annotations:
    k8s.kuboard.cn/displayName: kuboard
    k8s.kuboard.cn/ingress: "true"
    k8s.kuboard.cn/service: NodePort
    k8s.kuboard.cn/workload: kuboard
  labels:
    k8s.kuboard.cn/layer: monitor
    k8s.kuboard.cn/name: kuboard
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s.kuboard.cn/layer: monitor
      k8s.kuboard.cn/name: kuboard
  template:
    metadata:
      labels:
        k8s.kuboard.cn/layer: monitor
        k8s.kuboard.cn/name: kuboard
    spec:
      nodeName: your-node-name
      containers:
      - name: kuboard
        image: eipwork/kuboard:latest
        imagePullPolicy: IfNotPresent
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule

---
apiVersion: v1
kind: Service
metadata:
  name: kuboard
  namespace: kube-system
spec:
  type: NodePort
  ports:
  - name: http
    port: 80
    targetPort: 80
    nodePort: 32567
  selector:
    k8s.kuboard.cn/layer: monitor
    k8s.kuboard.cn/name: kuboard

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kuboard-user
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kuboard-user
  namespace: kube-system

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: kuboard-viewer
  namespace: kube-system

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: kuboard-viewer
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: view
subjects:
- kind: ServiceAccount
  name: kuboard-viewer
  namespace: kube-system

# ---
# apiVersion: extensions/v1beta1
# kind: Ingress
# metadata:
#   name: kuboard
#   namespace: kube-system
#   annotations:
#     k8s.kuboard.cn/displayName: kuboard
#     k8s.kuboard.cn/workload: kuboard
#     nginx.org/websocket-services: "kuboard"
#     nginx.com/sticky-cookie-services: "serviceName=kuboard srv_id expires=1h path=/"
# spec:
#   rules:
#   - host: kuboard.yourdomain.com
#     http:
#       paths:
#       - path: /
#         backend:
#           serviceName: kuboard
#           servicePort: http

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113

执行命令
```
kubectl apply -f kuboard-offline.yaml
```
1

# 登录Kuboard

免费答疑

QQ群

Kubernetes教程：QQ群在线答疑

微信群

微信扫码进群发广告者死全家...

赞赏

微信扫码

← 安装 Kuboard v2 通过反向代理访问 Kuboard →