部署kubeapps应用,为Helm提供web UI界面管理
(1)首先需要添加一个第三方库
[kubeadm@server1 kubeapps]$ helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
[kubeadm@server1 kubeapps]$ helm search repo kubeapps
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/kubeapps 3.6.0 v1.10.0 Kubeapps is a dashboard for your Kubernetes clu...
[kubeadm@server1 kubeapps]$
(2)最新的版本是3.6.0,我们使用3.4.3
,拉取解压部署文件
[kubeadm@server1 kubeapps]$ helm pull bitnami/kubeapps --version 3.4.3 //拉取3.4.3版本的bitnami/kubeapps
[kubeadm@server1 kubeapps]$ ls
kubeapps-3.4.3.tgz
[kubeadm@server1 kubeapps]$ tar zxf kubeapps-3.4.3.tgz
[kubeadm@server1 kubeapps]$ ls
kubeapps kubeapps-3.4.3.tgz
[kubeadm@server1 kubeapps]$ cd kubeapps/
[kubeadm@server1 kubeapps]$ ls
charts crds requirements.lock templates values.yaml
Chart.yaml README.md requirements.yaml values.schema.json
[kubeadm@server1 kubeapps]$
(3)可以发现对比以前的应用多了一个requirements.yaml
文件,这个文件定义了应用的依赖性
[kubeadm@server1 kubeapps]$ cat requirements.yaml
dependencies:
- name: mongodb
version: ">= 0"
repository: https://kubernetes-charts.storage.googleapis.com
condition: mongodb.enabled
- name: postgresql
version: ">= 0"
repository: https://kubernetes-charts.storage.googleapis.com
condition: postgresql.enabled
[kubeadm@server1 kubeapps]$
可以看出其依赖mongodb以及postgresql
[root@server1 ~]# docker load -i kubeapps-3.4.3.tar // 将所有镜像的打包文件上传
[root@server1 ~]# for i in `docker images|grep bitnami|awk '{printf("%s:%s\n",$1,$2)}'`;do docker tag $i reg.westos.org/$i;done // 修改镜像上传名称
[root@server1 ~]# for i in `docker images|grep reg.westos.org/bitnami|awk '{print $1":"$2}'`;do docker push $i;done // 上传镜像到私有仓库
for i in `docker images|grep reg.westos.org/bitnami|awk '{print $1":"$2}'`;do docker rmi $i;done // 删除镜像
for i in `docker images|grep bitnami|awk '{print $1":"$2}'`;do docker rmi $i;done // 删除镜像防止占用空间
(4)部署kubeapps需要的镜像至harbor仓库
(5) 编辑变量values.yaml
文件
默认镜像仓库为docker.io我们需要在全局指定我们的镜像仓库
[kubeadm@server1 kubeapps]$ vim values.yaml
global:
imageRegistry: reg.westos.org // 改写为你的私有仓库
useHelm3: true // 支持helm v3版本
ingress: //打开ingress并指定主机名
## Set to true to enable ingress record generation
##
enabled: true
hostname: kubeapps.westos.org // 主机名
initialRepos: //定义初始化仓库
- name: stable
url: http://mirror.azure.cn/kubernetes/charts/
- name: bitnami
url: https://charts.bitnami.com/bitnami
![在这里插入图片描述](https://img-blog.csdnimg.cn/20200611182613197.png(6)安装部署
[kubeadm@server1 kubeapps]$ kubectl create namespace kubeapps // 创建kubeapps的namespace
namespace/kubeapps created
[kubeadm@server1 kubeapps]$ helm -n kubeapps install kubeapps . // 部署kubeapps
NAME: kubeapps
LAST DEPLOYED: Wed May 13 22:02:12 2020
NAMESPACE: kubeapps
STATUS: deployed
REVISION: 1
NOTES:
等待一会查看状态
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get pod
NAME READY STATUS RESTARTS AGE
apprepo-kubeapps-sync-bitnami-9bbtf-tskp8 1/1 Running 0 47s
apprepo-kubeapps-sync-stable-scpsv-ctsqm 1/1 Running 1 47s
kubeapps-6688575df9-2gtgb 1/1 Running 0 77s
kubeapps-6688575df9-w929g 1/1 Running 0 77s
kubeapps-internal-apprepository-controller-8cdf54665-tz8xr 1/1 Running 0 77s
kubeapps-internal-assetsvc-6b94785ffb-gg8v2 1/1 Running 0 77s
kubeapps-internal-assetsvc-6b94785ffb-pt8vk 1/1 Running 1 77s
kubeapps-internal-dashboard-6b65678647-knfsv 1/1 Running 0 77s
kubeapps-internal-dashboard-6b65678647-n4xws 1/1 Running 0 77s
kubeapps-internal-kubeops-59887fdbf8-45tmk 1/1 Running 0 77s
kubeapps-internal-kubeops-59887fdbf8-m9c44 1/1 Running 0 76s
kubeapps-mongodb-685d4c95d9-j9d84 1/1 Running 0 77s
[kubeadm@server1 kubeapps]$
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubeapps ClusterIP 10.99.50.162 <none> 80/TCP 2m5s
kubeapps-internal-assetsvc ClusterIP 10.109.59.64 <none> 8080/TCP 2m5s
kubeapps-internal-dashboard ClusterIP 10.100.238.44 <none> 8080/TCP 2m5s
kubeapps-internal-kubeops ClusterIP 10.106.236.117 <none> 8080/TCP 2m4s
kubeapps-mongodb ClusterIP 10.97.156.50 <none> 27017/TCP 2m4s
[kubeadm@server1 kubeapps]$
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get deployments.apps
NAME READY UP-TO-DATE AVAILABLE AGE
kubeapps 2/2 2 2 2m35s
kubeapps-internal-apprepository-controller 1/1 1 1 2m35s
kubeapps-internal-assetsvc 2/2 2 2 2m35s
kubeapps-internal-dashboard 2/2 2 2 2m35s
kubeapps-internal-kubeops 2/2 2 2 2m35s
kubeapps-mongodb 1/1 1 1 2m35s
[kubeadm@server1 kubeapps]$
可以看出创建了两个cronjob,每隔10分钟同步我们定义的两个仓库
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get cronjobs.batch
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
apprepo-kubeapps-sync-bitnami */10 * * * * False 0 <none> 2m28s
apprepo-kubeapps-sync-stable */10 * * * * False 0 <none> 2m28s
[kubeadm@server1 kubeapps]$
部署成功
浏览器访问kubeapps.redhat.org
需要token登陆,因此我们需要创建sa并为其附加 cluster-admin 的权限
[kubeadm@server1 kubeapps]$ kubectl create serviceaccount kubeapps-operator -n kubeapps
serviceaccount/kubeapps-operator created
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get sa
NAME SECRETS AGE
default 1 27m
kubeapps-internal-apprepository-controller 1 24m
kubeapps-internal-kubeops 1 24m
kubeapps-operator 1 7s
[kubeadm@server1 kubeapps]$ kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
clusterrolebinding.rbac.authorization.k8s.io/kubeapps-operator created
[kubeadm@server1 kubeapps]$
查看token
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps describe sa kubeapps-operator
Name: kubeapps-operator
Namespace: kubeapps
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: kubeapps-operator-token-gcfwr
Tokens: kubeapps-operator-token-gcfwr
Events: <none>
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps describe secrets kubeapps-operator-token-gcfwr
Name: kubeapps-operator-token-gcfwr
Namespace: kubeapps
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubeapps-operator
kubernetes.io/service-account.uid: 19c16e66-80d3-4fbd-b117-d679e71015c5
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 8 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IlNUdEFKWnVENXZtcnczV0FDbVNOU0JmN0RrYXFqWlk1VXVzZFp3dWF6bUUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlYXBwcyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvci10b2tlbi1nY2Z3ciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJ
...
...
添加自己的chart库
因为我们仓库的地址为reg.westos.org
,在pod内不能解析这个地址,因此我们首先需要添加pod内解析
[kubeadm@server1 kubeapps]$ kubectl -n kube-system get cm
NAME DATA AGE
coredns 1 23d
extension-apiserver-authentication 6 23d
kube-flannel-cfg 2 23d
kube-proxy 2 23d
kubeadm-config 2 23d
kubelet-config-1.18 1 23d
[kubeadm@server1 kubeapps]$ kubectl -n kube-system edit cm coredns
在网页端就可以搜到
点进入可以看到两个版本0.1.0
和0.2.0
点击Deploy
更改部署文件,使用ingress
更改后提交,等待一会变成ready
测试访问
部署成功。