Install KubeSphere on GKE (or existing K8s cluster)

This guide walks you throungh the steps of KubeSphere minimal installation on Google Kubernetes Engine, it also applies to installing on your existing K8s cluster.

What is KubeSphere

KubeSphere is an enterprise-grade multi-tenant container platform that built on Kubernetes, it’s an open source project that supports installing on Linux and Kubernetes. It provides an easy-to-use UI for users to manage Kubernetes resources with a few clicks, which reduces the learning curve and empowers the DevOps teams. It greatly reduces the complexity of the daily work of development, testing, operation and maintenance, aiming to alleviate the pain points of Kubernetes’ storage, network, security and ease of use, etc.

Prepare a GKE cluster

At first, a standard Kubernetes in GKE is a prerequisite of installing KubeSphere, we’ve created a GKE cluster with 1.14.8-gke.17 in this demo, and choosed the n1-standard-2 (2 vCPU, 7.5 GB memory) and 3 nodes in Machine configuration.

Note:

  • n1-standard-2 (2 vCPU, 7.5 GB memory) is only the minimal requirements that is used for the minimal installation, it’s recommended to choose higher machine configuration for production environment.
  • n1-standard-2 (2 vCPU, 7.5 GB memory) is only used for minimal installation, KubeSphere 2.1 has decoupled several feature components, which supports installing these pluggable components in an easy way, you have to prepare enough machine configuration before you enable pluggable components, see Enabling pluggable components installation.
  • Supported Kubernetes version: 1.13.0 ≤ K8s version < 1.16.

Create Tiller Service Account

KubeSphere requires Helm (>= v2.10.0, excluding v2.16.0) to trigger the installation. By default, Tiller is not ready on GKE, thus we need to install Tiller in advance.

When GKE cluster is ready, we can connenct to Cloud Shell.

Here, we create helm-rbac.yaml in GKE as following:


apiVersion: v1

kind: ServiceAccount

metadata:

  name: tiller

  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

  name: tiller

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: cluster-admin

subjects:

  - kind: ServiceAccount

    name: tiller

    namespace: kube-system

Let’s create these resources using kubectl:


$ kubectl apply -f helm-rbac.yaml

Deploy Tiller

Initialize helm using the following command.


$ helm init --service-account=tiller --tiller-image=gcr.io/kubernetes-helm/tiller:v2.14.1   --history-max 300

Check the Tiller status using kubectl, when it display 1/1 that means you are ready to continue.


$ kubectl get deployment tiller-deploy -n kube-system

Install KubeSphere

Install KubeSphere using kubectl, this command is only trigger the minimal installation by default:


$ kubectl apply -f https://raw.githubusercontent.com/kubesphere/ks-installer/master/kubesphere-minimal.yaml

Verify the real-time logs, when you see the following outputs, congratulation! You can access KubeSphere in your browser.


$ kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f

#####################################################

###              Welcome to KubeSphere!           ###

#####################################################

Console: http://10.128.0.34:30880

Account: admin

Password: P@88w0rd

NOTES:

  1. After logging into the console, please check the

     monitoring status of service components in

     the "Cluster Status". If the service is not

     ready, please wait patiently. You can start

     to use when all components are ready.

  2. Please modify the default password after login.

#####################################################

Access KubeSphere console

In this guide, we’ll show you how to access KubeSphere console by changing service type to LoadBalancer.

Select Services & Ingress > ks-console, then click EDIT and modify the service type from NodePort to LoadBalancer.

Now, you can access KubeSphere Console using the Endpoints that was generated by GKE.

Note: In addition to changing the service type to LoadBalancer, you can also access KubeSphere console via NodeIP:NodePort, you may need to allow port 30880 in firewall rules.

Log in to KubeSphere console using default account admin / P@88w0rd, you’ll be able to see its dashboard.

Enable Pluggable Components

The above installation is only used for minimal installation by default, execute following command to enable more pluggable components installation, make sure your cluster has enough CPU and memory in advance.

For enabling DevOps, OpenPitrix and etcd monitoring installation, you have to create CA and etcd certificates in advance, see ks-installer for complete guide.


$ kubectl edit cm -n kubesphere-system ks-installer

2 Likes