Deploy KubeSphere on GKE

Edit

KubeSphere+GKE

This guide walks you through the steps of deploying KubeSphere on Google Kubernetes Engine.

Prepare a GKE cluster

At first, a standard Kubernetes in GKE is a prerequisite of installing KubeSphere. We create a GKE cluster with 1.14.8-gke.17 in this demo, and choose the n1-standard-2 (2 vCPU, 7.5 GB memory) and three nodes in Machine configuration.

Note:

  • n1-standard-2 (2 vCPU, 7.5 GB memory) is the minimal requirement. It is recommended to choose higher machine configuration for production environment.
  • n1-standard-2 (2 vCPU, 7.5 GB memory) is used for minimal installation of KubeSphere. If you want to install any pluggable component, you need to provide more machine resource. Please see Enabling pluggable components installation for more information.
  • Supported Kubernetes versions: 1.15 ≤ K8s version ≤ 1.17 for KubeSphere 2.1.1; 1.13.0 ≤ K8s version ≤ 1.15 for KubeSphere 2.1.0.

Choose GKE

Prepare Machines

Create Tiller Service Account

KubeSphere v2.1 requires Helm (>= v2.10.0 and < 3.0, excluding v2.16.0) to continue the installation. By default, Tiller is not installed on GKE, thus we need to install Tiller first.

When GKE cluster is ready, we can connect to Cloud Shell.

Cloud Shell

Here, we create helm-rbac.yaml in GKE as follows.

  1. apiVersion: v1
  2. kind: ServiceAccount
  3. metadata:
  4.   name: tiller
  5.   namespace: kube-system
  6. ---
  7. apiVersion: rbac.authorization.k8s.io/v1
  8. kind: ClusterRoleBinding
  9. metadata:
  10.   name: tiller
  11. roleRef:
  12.   apiGroup: rbac.authorization.k8s.io
  13.   kind: ClusterRole
  14.   name: cluster-admin
  15. subjects:
  16.   - kind: ServiceAccount
  17.     name: tiller
  18.     namespace: kube-system

Let’s create these resources using kubectl.

  1. kubectl apply -f helm-rbac.yaml

Deploy Tiller

Initialize Helm using the following command.

  1. helm init --service-account=tiller --tiller-image=gcr.io/kubernetes-helm/tiller:v2.14.1 --history-max 300

Check the Tiller status using kubectl. When it displays 1/1, it means you are ready to continue.

  1. kubectl get deployment tiller-deploy -n kube-system

Install KubeSphere

Install KubeSphere using kubectl. The following command is only to start the default minimal installation.

  1. kubectl apply -f https://raw.githubusercontent.com/kubesphere/ks-installer/master/kubesphere-minimal.yaml

Verify the real-time logs, when you see the following outputs, congratulation! You can access KubeSphere in your browser.

  1. $ kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f
  4. #####################################################
  5. ###              Welcome to KubeSphere!           ###
  6. #####################################################
  7. Console: http://10.128.0.34:30880
  8. Account: admin
  9. Password: P@88w0rd
  10. NOTES
  11.   1. After logging into the console, please check the
  12.      monitoring status of service components in
  13.      the "Cluster Status". If the service is not
  14.      ready, please wait patiently. You can start
  15.      to use when all components are ready.
  16.   2. Please modify the default password after login.
  17. #####################################################

Access KubeSphere console

In this section, we will show you how to access KubeSphere console by changing service type to LoadBalancer.

K8s Dashboard

Select Services & Ingress > ks-console, then click EDIT and modify the service type from NodePort to LoadBalancer.

ks-console service

Now, you can access KubeSphere console using the endpoint that was generated by GKE.

ks-console endpoint

Note: In addition to changing the service type to LoadBalancer, you can also access KubeSphere console via NodeIP:NodePort. You may need to allow port 30880 in firewall rules.

Log in KubeSphere console using the default account admin / P@88w0rd. You will see the dashboard as shown in the following screenshot.

KubeSphere Dashboard

Enable Pluggable Components (Optional)

The installation above is only used for a default minimal installation. Execute the following command to open the configmap in order to enable more pluggable components. Make sure your cluster has enough CPU and memory. Please see Configuration Table for the requirements and Enable Pluggable Components for the instructions.

If you want to enable DevOps or Etcd monitoring, please create CA and Etcd certificates first. See ks-installer for detailed guide.

  1. kubectl edit cm -n kubesphere-system ks-installer