Skip to content

Latest commit

 

History

History
127 lines (76 loc) · 6.74 KB

getting-started.md

File metadata and controls

127 lines (76 loc) · 6.74 KB

Get Started with Kubeapps

This guide will walk you through the process of deploying Kubeapps for your cluster and installing an example application.

Prerequisites

Kubeapps assumes a working Kubernetes cluster (v1.15+), as well as the helm (3.1.0+) and kubectl command-line interfaces installed and configured to talk to your Kubernetes cluster. Kubeapps has been tested with Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), minikube and Docker for Desktop Kubernetes. Kubeapps works on RBAC-enabled clusters and this configuration is encouraged for a more secure install.

On GKE, you must either be an "Owner" or have the "Container Engine Admin" role in order to install Kubeapps.

Step 1: Install Kubeapps

Use the Helm chart to install the latest version of Kubeapps:

helm repo add bitnami https://charts.bitnami.com/bitnami
kubectl create namespace kubeapps
helm install kubeapps --namespace kubeapps bitnami/kubeapps

For detailed information on installing, configuring and upgrading Kubeapps, checkout the chart README.

The above commands will deploy Kubeapps into the kubeapps namespace in your cluster. It may take a few minutes to execute. Once it has been deployed and the Kubeapps pods are running, continue to step 2.

Step 2: Create a demo credential with which to access Kubeapps and Kubernetes

For any user-facing installation you should configure an OAuth2/OIDC provider to enable secure user authentication with Kubeapps and the cluster, but this is quite an overhead to simply try out Kubeapps. Instead, for a simpler way to try out Kubeapps for personal learning, we can create a Kubernetes service account and use that API token to authenticate with the Kubernetes API server via Kubeapps:

kubectl create --namespace default serviceaccount kubeapps-operator
kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator

NOTE It's not recommended to assign users the cluster-admin role for Kubeapps production usage. Please refer to the Access Control documentation to configure fine-grained access control for users.

To retrieve the token,

On Linux/macOS:

kubectl get --namespace default secret $(kubectl get --namespace default serviceaccount kubeapps-operator -o jsonpath='{range .secrets[*]}{.name}{"\n"}{end}' | grep kubeapps-operator-token) -o jsonpath='{.data.token}' -o go-template='{{.data.token | base64decode}}' && echo

On Windows:

Create a file called GetDashToken.cmd with the following lines in it:

@ECHO OFF
REM Get the Service Account
kubectl get --namespace default serviceaccount kubeapps-operator -o jsonpath={.secrets[].name} > s.txt
SET /p ks=<s.txt
DEL s.txt

REM Get the Base64 encoded token
kubectl get --namespace default secret %ks% -o jsonpath={.data.token} > b64.txt

REM Decode The Token
DEL token.txt
certutil -decode b64.txt token.txt

Open a command prompt and run the GetDashToken.cmd Your token can be found in the token.txt file.

Step 3: Start the Kubeapps Dashboard

Once Kubeapps is installed, securely access the Kubeapps Dashboard from your system by running:

kubectl port-forward -n kubeapps svc/kubeapps 8080:80

This will start an HTTP proxy for secure access to the Kubeapps Dashboard. Visit http://127.0.0.1:8080/ in your preferred web browser to open the Dashboard. Here's what you should see:

Dashboard login page

Paste the token generated in the previous step to authenticate and access the Kubeapps dashboard for Kubernetes.

Dashboard main page

Note: If you are setting up Kubeapps for other people to access, you will want to use a different service type or setup Ingress rather than using the above kubectl port-forward. For detailed information on installing, configuring and upgrading Kubeapps, checkout the chart README

Step 4: Deploy WordPress

Once you have the Kubeapps Dashboard up and running, you can start deploying applications into your cluster.

  • Use the "Deploy" button or click on the "Catalog" page in the Dashboard to select an application from the list of charts in any of the configured Helm chart repositories. This example assumes you want to deploy WordPress.

    WordPress chart

  • Click the "Deploy" button.

    WordPress chart

  • You will be prompted for the release name and values for the application. The form is populated by the values (YAML), which you can see in the adjacent tab.

    WordPress installation

  • Click the "Deploy" button. The application will be deployed. You will be able to track the new Helm deployment directly from the browser. The status will be shown at the top, including the access URL and any secret included with the app. You can also look at the individual resources lower in the page. It will also show the number of ready pods. If you run your cursor over the status, you can see the workloads and number of ready and total pods within them.

    WordPress deployment

To access your new WordPress site, you can run the commands in the "Notes" section to get the URLs or simply click a URL (HTTP and HTTPS) shown.

Note: Depending on your cloud provider of choice, it may take some time for an access URL to be available for the application and the Service will stay in a "Pending" state until a URL is assigned. If using Minikube, you will need to run minikube tunnel in your terminal in order for an IP address to be assigned to your application.

WordPress deployment notes

To get the credentials for logging into your WordPress account, refer to the "Notes" section. You can also get the WordPress password by clicking on the eye next to wordpress-password.

WordPress deployment notes

[Optional] Step 5: Uninstall/Delete WordPress

If you want to uninstall/delete your WordPress application, you can do so by clicking the "Delete" button.

WordPress uninstall

Next Steps

Learn more about Kubeapps with the links below: