kubeapps应用可以为Helm提供web UI界面管理。

一、部署kubeapps

首先需要添加一个第三方库:

[root@server1 helm]# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
[root@server1 helm]# 
[root@server1 helm]# helm search repo kubeapps
NAME            	CHART VERSION	APP VERSION	DESCRIPTION                                       
bitnami/kubeapps	3.6.0        	v1.10.0    	Kubeapps is a dashboard for your Kubernetes clu...

最新的版本是3.6.0,我们使用3.4.3,拉取解压部署文件:

[root@server1 helm]# helm pull bitnami/kubeapps --version 3.4.3
[root@server1 helm]# ls
kubeapps-3.4.3.tgz  nfs-client-provisioner            nginx-ingress             pvc.yaml
mychart             nfs-client-provisioner-1.2.8.tgz  nginx-ingress-1.36.3.tgz
[root@server1 helm]# tar zxf kubeapps-3.4.3.tgz 
[root@server1 helm]# ls
kubeapps            mychart                 nfs-client-provisioner-1.2.8.tgz  nginx-ingress-1.36.3.tgz
kubeapps-3.4.3.tgz  nfs-client-provisioner  nginx-ingress                     pvc.yaml
[root@server1 helm]# cd kubeapps/
[root@server1 kubeapps]# ls
charts  Chart.yaml  crds  README.md  requirements.lock  requirements.yaml  templates  values.schema.json  values.yaml

可以发现对比以前的应用多了一个requirements.yaml文件,这个文件定义了应用的依赖性:

[root@server1 kubeapps]# cat requirements.yaml 
dependencies:
  - name: mongodb
    version: ">= 0"
    repository: https://kubernetes-charts.storage.googleapis.com
    condition: mongodb.enabled
  - name: postgresql
    version: ">= 0"
    repository: https://kubernetes-charts.storage.googleapis.com
    condition: postgresql.enabled

可以看出其依赖mongodb以及postgresql。

部署kubeapps需要的镜像:

helm上传到harbor helm部署应用_运维可以在变量文件中查看镜像的版本,为了方便这里新建了一个harbor项目bitnami(文件中的镜像就是这个地址)。

编辑变量文件:

[root@server1 kubeapps]# vim values.yaml 

默认镜像仓库为docker.io我们需要在全局指定我们的镜像仓库:
helm上传到harbor helm部署应用_服务器_02使用helm v3版本:
helm上传到harbor helm部署应用_服务器_03
打开ingress并指定主机名:
helm上传到harbor helm部署应用_服务器_04

定义初始化仓库:helm上传到harbor helm部署应用_kubeapps_05其他的我们不做更改。

安装:

[root@server1 kubeapps]# kubectl create namespace kubeapps
namespace/kubeapps created

[root@server1 kubeapps]# helm -n kubeapps install kubeapps .

等待一会查看状态:

[root@server1 kubeapps]# kubectl -n kubeapps get all
NAME                                                             READY   STATUS      RESTARTS   AGE
pod/apprepo-kubeapps-sync-bitnami-1589314200-j8w4d               0/1     Completed   0          28m
pod/apprepo-kubeapps-sync-bitnami-1589314800-6rcsc               0/1     Completed   0          18m
pod/apprepo-kubeapps-sync-bitnami-1589315400-86k5k               0/1     Completed   4          8m2s
pod/apprepo-kubeapps-sync-bitnami-nzpwn-7nt47                    0/1     Completed   2          115m
pod/apprepo-kubeapps-sync-stable-1589314200-j5h4j                0/1     Completed   0          28m
pod/apprepo-kubeapps-sync-stable-1589314800-xnsnm                0/1     Completed   0          18m
pod/apprepo-kubeapps-sync-stable-1589315400-n79lb                0/1     Completed   0          8m2s
pod/apprepo-kubeapps-sync-stable-f2m2x-7bsfb                     0/1     Completed   0          115m
pod/kubeapps-6688575df9-cqt2m                                    1/1     Running     0          116m
pod/kubeapps-6688575df9-j7qx6                                    1/1     Running     0          116m
pod/kubeapps-internal-apprepository-controller-8cdf54665-d7fgv   1/1     Running     0          116m
pod/kubeapps-internal-assetsvc-6b94785ffb-6rwzm                  1/1     Running     3          116m
pod/kubeapps-internal-assetsvc-6b94785ffb-vvk9l                  1/1     Running     2          116m
pod/kubeapps-internal-dashboard-6b65678647-54vc4                 1/1     Running     0          116m
pod/kubeapps-internal-dashboard-6b65678647-dpkms                 1/1     Running     0          116m
pod/kubeapps-internal-kubeops-59887fdbf8-hgqpr                   1/1     Running     0          116m
pod/kubeapps-internal-kubeops-59887fdbf8-mm9x8                   1/1     Running     0          116m
pod/kubeapps-mongodb-685d4c95d9-lmr2h                            1/1     Running     0          116m

NAME                                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)     AGE
service/kubeapps                      ClusterIP   10.104.41.207   <none>        80/TCP      116m
service/kubeapps-internal-assetsvc    ClusterIP   10.107.221.83   <none>        8080/TCP    116m
service/kubeapps-internal-dashboard   ClusterIP   10.102.5.115    <none>        8080/TCP    116m
service/kubeapps-internal-kubeops     ClusterIP   10.102.76.222   <none>        8080/TCP    117m
service/kubeapps-mongodb              ClusterIP   10.104.39.53    <none>        27017/TCP   116m

NAME                                                         READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/kubeapps                                     2/2     2            2           116m
deployment.apps/kubeapps-internal-apprepository-controller   1/1     1            1           116m
deployment.apps/kubeapps-internal-assetsvc                   2/2     2            2           116m
deployment.apps/kubeapps-internal-dashboard                  2/2     2            2           116m
deployment.apps/kubeapps-internal-kubeops                    2/2     2            2           116m
deployment.apps/kubeapps-mongodb                             1/1     1            1           116m

NAME                                                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/kubeapps-6688575df9                                    2         2         2       116m
replicaset.apps/kubeapps-internal-apprepository-controller-8cdf54665   1         1         1       116m
replicaset.apps/kubeapps-internal-assetsvc-6b94785ffb                  2         2         2       116m
replicaset.apps/kubeapps-internal-dashboard-6b65678647                 2         2         2       116m
replicaset.apps/kubeapps-internal-kubeops-59887fdbf8                   2         2         2       116m
replicaset.apps/kubeapps-mongodb-685d4c95d9                            1         1         1       116m

NAME                                                 COMPLETIONS   DURATION   AGE
job.batch/apprepo-kubeapps-sync-bitnami-1589314200   1/1           14s        28m
job.batch/apprepo-kubeapps-sync-bitnami-1589314800   1/1           17s        18m
job.batch/apprepo-kubeapps-sync-bitnami-1589315400   1/1           2m31s      8m2s
job.batch/apprepo-kubeapps-sync-bitnami-nzpwn        1/1           6m         115m
job.batch/apprepo-kubeapps-sync-stable-1589314200    1/1           27s        28m
job.batch/apprepo-kubeapps-sync-stable-1589314800    1/1           26s        18m
job.batch/apprepo-kubeapps-sync-stable-1589315400    1/1           22s        8m2s
job.batch/apprepo-kubeapps-sync-stable-f2m2x         1/1           3m43s      115m

NAME                                          SCHEDULE       SUSPEND   ACTIVE   LAST SCHEDULE   AGE
cronjob.batch/apprepo-kubeapps-sync-bitnami   */10 * * * *   False     0        8m9s            115m
cronjob.batch/apprepo-kubeapps-sync-stable    */10 * * * *   False     0        8m9s            115m

可以看出创建了两个cronjob,每隔10分钟同步我们定义的两个仓库。

部署成功

二、kubeapps的登陆

首先需要做解析:

[root@foundation63 ~]# cat /etc/hosts
......
172.25.63.3 kubeapps.redhat.org www1.westos.org www2.westos.org www3.westos.org 

浏览器访问kubeapps.redhat.org
helm上传到harbor helm部署应用_服务器_06需要token登陆,因此我们需要创建sa并为其附加cluster-admin的权限:

[root@server1 kubeapps]# kubectl create serviceaccount kubeapps-operator -n kubeapps 
serviceaccount/kubeapps-operator created
[root@server1 kubeapps]# 
[root@server1 kubeapps]# kubectl -n kubeapps get sa
NAME                                         SECRETS   AGE
default                                      1         122m
kubeapps-internal-apprepository-controller   1         122m
kubeapps-internal-kubeops                    1         122m
kubeapps-operator                            1         6s
[root@server1 kubeapps]# 
[root@server1 kubeapps]# kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
clusterrolebinding.rbac.authorization.k8s.io/kubeapps-operator created

查看token:

[root@server1 kubeapps]# kubectl -n kubeapps describe sa kubeapps-operator 
Name:                kubeapps-operator
Namespace:           kubeapps
Labels:              <none>
Annotations:         <none>
Image pull secrets:  <none>
Mountable secrets:   kubeapps-operator-token-5gb84
Tokens:              kubeapps-operator-token-5gb84
Events:              <none>
[root@server1 kubeapps]# kubectl -n kubeapps describe secrets kubeapps-operator-token-5gb84
Name:         kubeapps-operator-token-5gb84
Namespace:    kubeapps
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubeapps-operator
              kubernetes.io/service-account.uid: aa9f9695-e250-4f89-962b-225e375a198d

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1025 bytes
namespace:  8 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6Ilp5SmtWcG42LUZiMGhaR3Rac3dUT01HQ0RkdFpvaE00ZkNGNnJuend6dmMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlYXBwcyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvci10b2tlbi01Z2I4NCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImFhOWY5Njk1LWUyNTAtNGY4OS05NjJiLTIyNWUzNzVhMTk4ZCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlYXBwczprdWJlYXBwcy1vcGVyYXRvciJ9.ecyGNwfTqXS7JyhNFXqjfS0iYZT5lbwE0iRETJHOqNF75w1DzVD88RNQ8ofgWqqQtPTJXDCyEkSmKaRR0re55DAifdvmx5qtySN07j7sjznsoNk1doKKWRMjV_zBzNGfB-XPL1JGgDPP2pTRR6_sBnpG2mhS6RhJ3fcVjgJF_B10LXw6Fhi-HeyAMhY9i4hAtWb6sDOkPGPp4NTJTQhlgDWRg7HHGrfW-v-gsvUzIl8Rn-sD3NXR6NRhuvenCdyTMbetVRrZrRa_tdSDjA6WA4c8qgVs_y5rROLsRb0-K1FEOnWV937GA8VCrS0mq-BCzGUP94_Z6DfgNMvxuHb4ig

复制token到网页端登陆:helm上传到harbor helm部署应用_服务器_07登陆成功。

三、kubeapps的使用

查看所有的namespace:

helm上传到harbor helm部署应用_docker_08上面展示的就是我们之前部署过的应用。

添加自己的chart库

因为我们仓库的地址为reg.westos.org,在pod内不能解析这个地址,因此我们首先需要添加pod内解析:

[root@server1 kubeapps]# kubectl -n kube-system get cm
NAME                                 DATA   AGE
coredns                              1      25d
extension-apiserver-authentication   6      25d
kube-flannel-cfg                     2      25d
kube-proxy                           2      25d
kubeadm-config                       2      25d
kubelet-config-1.18                  1      25d
[root@server1 kubeapps]# kubectl -n kube-system edit cm coredns
configmap/coredns edited

helm上传到harbor helm部署应用_运维_09之后网页端添加仓库:
helm上传到harbor helm部署应用_kubernetes_10helm上传到harbor helm部署应用_kubeapps_11
信息填写完成后安装。
helm上传到harbor helm部署应用_kubernetes_12

安装后会进行同步。

[root@server1 kubeapps]# kubectl -n kubeapps get pod
NAME                                                         READY   STATUS              RESTARTS   AGE
......
apprepo-kubeapps-sync-mychart-5xqzz-mh72q                    0/1     Completed           0          49s
apprepo-kubeapps-sync-mychart-c6m9f-qlgk9                    0/1     ContainerCreating   0          27s
apprepo-kubeapps-sync-mychart-q5kbv-kngz4                    0/1     Completed           0          30s
......

同步完成后会显示Completed。

在网页端就可以搜到:
helm上传到harbor helm部署应用_kubeapps_13点进入可以看到两个版本0.1.0和0.2.0:
helm上传到harbor helm部署应用_docker_14

使用chart部署ingress-nginx应用

点击Deploy:
helm上传到harbor helm部署应用_运维_15更改部署文件,使用ingress:
helm上传到harbor helm部署应用_kubernetes_16
更改后提交,等待一会变成ready:
helm上传到harbor helm部署应用_docker_17测试访问:
helm上传到harbor helm部署应用_kubeapps_18

部署成功。

更新应用

helm上传到harbor helm部署应用_kubeapps_19
点击Upgrade,更改版本号:

helm上传到harbor helm部署应用_运维_20更改后点击提交:
helm上传到harbor helm部署应用_运维_21再次访问发现应用已更新:

helm上传到harbor helm部署应用_kubernetes_22

应用回滚

helm上传到harbor helm部署应用_kubeapps_23

helm上传到harbor helm部署应用_服务器_24等待ready后,再次测试访问:

helm上传到harbor helm部署应用_运维_25可以看出已经回滚到了v1.

应用删除

helm上传到harbor helm部署应用_服务器_26

可以看出通过kubeapps图形部署应用极大的简化了我们部署helm应用的过程。