Kubernetes Dashboard Terminator: KubeSphere

In July 2018, QingCloud launched a new container platform, KubeSphere, at the Cloud Insight Cloud Computing Summit, aiming to help enterprises manage containers quickly and at low cost. KubeSphere itself is open source: it is a distributed, multi-tenant, enterprise-grade container platform built on Kubernetes, with strong network and storage capabilities, and it provides multi-cluster management, CI/CD, microservice governance, application management and other functions through minimal human-computer interaction. It helps enterprises quickly build, deploy, and operate container architectures on heterogeneous infrastructure such as cloud, virtualization, and physical machines, enabling agile application development and full life-cycle management.

The latest version of KubeSphere is the Advanced Edition 2.0.2, and all versions are 100% open source. Its dashboard looks like this:

KubeSphere main interface

Istio microservice governance interface

Multi-dimensional monitoring interface

This looks far more polished than the Kubernetes Dashboard. If you are interested, you can give the project a GitHub star to encourage its developers. Website: kubesphere.io

KubeSphere provides two installation methods: one installs KubeSphere together with a K8s cluster, and the other installs KubeSphere on an existing K8s cluster. I'm sure most users will want to install on their existing cluster, but the official documentation has a lot of odd pitfalls, and this article walks you through them.

1. Environment preparation

Of course, some readers may be as picky as I am: even without a ready-made Kubernetes environment, they do not want KubeSphere's all-in-one installation and would rather build their own K8s cluster. Binary deployment is tedious, and a novice like me does not have the time for it. Is there a quick and easy way to build a cluster in 10 minutes? Yes: use sealos, which installs all dependencies across hosts with a single command, with no Ansible and no SSH login to the other machines. A few preparations are required before installation:

  • Docker is installed and started on all nodes
  • Download the Kubernetes offline installation package
  • Download the latest sealos (current stable version 2.0.4)

My machine plan looks like this:

Hostname       IP            Role
sealos-node1   192.168.0.2   master
sealos-node2   192.168.0.3   node
sealos-node3   192.168.0.4   node

The installation steps are as follows:

1. Run the following command on master:

$ sealos init --master 192.168.0.2 --node 192.168.0.3 --node 192.168.0.4 --user root --passwd password \
    --version v1.14.5 \
    --pkg-url /root/kube1.14.5.tar.gz

2. There is no step 2.

That's all. If you want to know how it works, please check the official sealos documentation.

Now, the installation of KubeSphere will begin.

2. Install KubeSphere

1. Clone the ks-installer repository to the master node:

$ git clone https://github.com/kubesphere/ks-installer -b advanced-2.0.2

2. Create the kubesphere-system and kubesphere-monitoring-system namespaces in the Kubernetes cluster.

3. Create the Kubernetes CA certificate Secret.

Note: Create it from the ca.crt and ca.key certificate paths of the current cluster. For clusters created with kubeadm, the certificate path is generally /etc/kubernetes/pki.

$ kubectl -n kubesphere-system create secret generic kubesphere-ca  \
--from-file=ca.crt=/etc/kubernetes/pki/ca.crt  \
--from-file=ca.key=/etc/kubernetes/pki/ca.key 

4. Create the etcd certificate Secret.

Note: Create it based on the actual location of the etcd certificates in your cluster.

  • If etcd is configured with certificates, create the Secret as follows:
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs  \
--from-file=etcd-client-ca.crt=/etc/kubernetes/pki/etcd/ca.crt  \
--from-file=etcd-client.crt=/etc/kubernetes/pki/etcd/healthcheck-client.crt  \
--from-file=etcd-client.key=/etc/kubernetes/pki/etcd/healthcheck-client.key
  • If etcd is not configured with a certificate, create an empty Secret (the following command applies to a Kubernetes cluster environment created by kubeadm):
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs

My cluster here was built with sealos; you can find its certificate paths by looking at etcd's resource manifest file.
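One way to read those paths out of the manifest and turn them into the step 4 command, as an added example that is not from the original article. The manifest is a constructed sample, the function names are hypothetical, and it assumes the kubeadm layout in which healthcheck-client.crt and healthcheck-client.key sit beside the etcd CA.

```shell
#!/bin/sh
# Added example (not from the original article): derive the step 4 Secret
# command from etcd's static pod manifest instead of guessing the paths.

# Constructed sample of /etc/kubernetes/manifests/etcd.yaml (kubeadm layout).
write_sample_manifest() {  # usage: write_sample_manifest <path>
    cat > "$1" <<'EOF'
spec:
  containers:
  - command:
    - etcd
    - --advertise-client-urls=https://192.168.0.2:2379
    - --cert-file=/etc/kubernetes/pki/etcd/server.crt
    - --key-file=/etc/kubernetes/pki/etcd/server.key
    - --peer-trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
    - --trusted-ca-file=/etc/kubernetes/pki/etcd/ca.crt
EOF
}

# Print the value of one "- --flag=value" argument from the manifest.
etcd_flag() {  # usage: etcd_flag <manifest> <flag-name>
    sed -n "s/^[[:space:]]*-[[:space:]]*--$2=\(.*\)/\1/p" "$1" | head -n 1
}

# Print the kubectl command for the kube-etcd-client-certs Secret.
etcd_secret_cmd() {  # usage: etcd_secret_cmd <manifest>
    base="kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs"
    ca=$(etcd_flag "$1" trusted-ca-file)
    if [ -z "$ca" ]; then
        # No client CA in the manifest: etcd runs without TLS, empty Secret.
        printf '%s\n' "$base"
        return 0
    fi
    # Assumption: healthcheck-client.crt/.key sit beside the CA, as kubeadm
    # lays them out and as the step 4 command on this page expects.
    dir=$(dirname "$ca")
    printf '%s \\\n  --from-file=etcd-client-ca.crt=%s \\\n' "$base" "$ca"
    printf '  --from-file=etcd-client.crt=%s/healthcheck-client.crt \\\n' "$dir"
    printf '  --from-file=etcd-client.key=%s/healthcheck-client.key\n' "$dir"
}

# Demo on the constructed manifest; on a real master node pass
# /etc/kubernetes/manifests/etcd.yaml instead.
demo=$(mktemp)
write_sample_manifest "$demo"
etcd_secret_cmd "$demo"
rm -f "$demo"
```

The match on `- --trusted-ca-file=` is anchored to the start of the argument, so the `--peer-trusted-ca-file` entry is never picked up by mistake.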

5. Modify deployment files

Because a KubeSphere deployment involves a large number of components, there are a number of confusing pitfalls during installation, and you may encounter the following problems:

**Problem 1:** If metrics-server is already installed in the cluster, you need to set metrics_server_enable to False in the configuration file. I don't have this component installed in my cluster, so I don't need to set it to False.

**Problem 2:** The installation gets stuck at "Waitting for ks-sonarqube port to become open", even though SonarQube is reachable from the node through its NodePort. I did not resolve this problem; since this step does not affect the overall installation, set sonarqube_enable to False in the configuration file as well.

**Problem 3:** If the current cluster resources are insufficient, you can temporarily skip the Istio installation and enable Istio later.

**Problem 4:** KubeSphere's components use persistent storage by default, so make sure the cluster has a default StorageClass resource object. If it does not and you only want to deploy a temporary demo, you can set enable under persistence to false in the configuration file.

The configuration file I ended up using to install KubeSphere is as follows:

kube_apiserver_host is the API server address of the existing cluster, and etcd_endpoint_ips is the IP address of the node where etcd runs. The default port number is 2379. If etcd runs in cluster mode, you can enter multiple node IP addresses separated by commas (,). Set False for components that do not need to be installed.

6. Build a custom Docker image.

Since logging cannot be disabled in the ConfigMap, the only option is to forcibly modify the Ansible playbook. The change concerns the ks-logging entry in kubesphere.yaml.

Then modify the Dockerfile and replace Helm v2 with Helm v3 because, you know, I don't want Tiller installed. The modified Dockerfile contents are as follows:

Finally, rebuild the image, change the image in the deployment file to the custom image, and then deploy directly:

$ kubectl apply -f deploy/kubesphere.yaml

$ kubectl -n kubesphere-system get pod
NAME                                     READY   STATUS      RESTARTS   AGE
ks-account-585846bd44-mt7ss              1/1     Running     0          3h9m
ks-apigateway-7d77cb9495-hxgz8           1/1     Running     0          3h9m
ks-apiserver-697c5f4859-dsbmm            1/1     Running     0          3h7m
ks-console-5b8fbf45c4-7hxrw              1/1     Running     0          3h8m
ks-console-5b8fbf45c4-hj4bj              1/1     Running     0          3h8m
ks-controller-manager-7497f6c944-4k8wd   1/1     Running     0          3h8m
ks-docs-65999c97c9-5f9z7                 1/1     Running     0          3h37m
kubesphere-installer-6j49s               0/1     Completed   0          3h10m
openldap-78df9f7b47-wvs5n                1/1     Running     0          3h38m
redis-99f5985b8-2d62q                    1/1     Running     0          3h38m

$ kubectl -n kubesphere-system get job
NAME                   COMPLETIONS   DURATION   AGE
kubesphere-installer   1/1           2m9s       3h10m

If the Job has completed, KubeSphere was installed successfully.

We can create an IngressRoute object to access KubeSphere:

Add the domain information to hosts on your local computer to access KubeSphere’s Dashboard in your browser.

The default cluster administrator account is:

  • User name: admin
  • Password: P@88w0rd

For details, please refer to the official documentation: kubesphere.io/docs/zh-cn/

3. Reference materials

  • Install KubeSphere on an existing Kubernetes cluster
