Install on Kubernetes (Online)

Prerequisites

This guide is for online installation, make sure your Kubernetes cluster meets the prerequisites below, see Prerequisites for more details.

  • Kubernetes Version: from 1.13.0 to 1.15.x
  • Helm Version: >= 2.10.0
  • Available Memory: >= 10 G
  • Already have Storage Class (Recommended)

Installing KubeSphere

  1. You need to create 2 namespaces in Kubernetes cluster, namely, kubesphere-system and kubesphere-monitoring-system.
  1. $ cat <<EOF | kubectl create -f -
  2. ---
  3. apiVersion: v1
  4. kind: Namespace
  5. metadata:
  6.     name: kubesphere-system
  7. ---
  8. apiVersion: v1
  9. kind: Namespace
  10. metadata:
  11.     name: kubesphere-monitoring-system
  12. EOF
  1. Create a Secret of CA certificate of your current Kubernetes cluster.

Attention: Follow the certificate paths of ca.crt and ca.key to create this secret.

  1. kubectl -n kubesphere-system create secret generic kubesphere-ca  \
  2. --from-file=ca.crt=/etc/kubernetes/pki/ca.crt  \
  3. --from-file=ca.key=/etc/kubernetes/pki/ca.key
  1. Create an ETCD‘s Secret of certificate.

Attention: Create the secret according to the your actual path for the k8s cluster;

  • If the ETCD has been configured with certificates, refer to the following step:
  1. $ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs  \
  2. --from-file=etcd-client-ca.crt=/etc/kubernetes/pki/etcd/ca.crt  \
  3. --from-file=etcd-client.crt=/etc/kubernetes/pki/etcd/healthcheck-client.crt  \
  4. --from-file=etcd-client.key=/etc/kubernetes/pki/etcd/healthcheck-client.key
  • If the ETCD has been not configured with certificates, create an empty Secret (The following command is suitable for Kubernetes cluster created by Kubeadm):
  1. $ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs
  1. Clone the repository to Kubesphere-installer to local.
  1. $ git clone https://github.com/kubesphere/ks-installer.git
  1. Enter into ks-installer. Then install KubeSphere on existing Kubernetes cluster.
  1. $ cd deploy
  3. $ vim kubesphere-installer.yaml   
  4. # According to the parameter table at the bottom, replace the value of "kubesphere-config" in "kubesphere-installer.yaml" file with your current Kubernetes cluster parameters (If the ETCD has no certificate, set etcd_tls_enable: False).
  6. $ kubectl apply -f kubesphere-installer.yaml
  1. Inspect the logs of installer, waiting for the successful logs appear.
  1. kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l job-name=kubesphere-installer -o jsonpath='{.items[0].metadata.name}') -f
  1. Finally, check console’s service port. Use IP:30880 to visit KubeSphere login page. The default cluster administration account is admin/P@88w0rd.
  1. $ kubectl get svc -n kubesphere-system | grep 30880
  2. # Inspect the NodePort of ks-console, it's 30880 by default.

Online Installation - 图1

Parameter Table

ParameterDescriptionDefault
kube_apiserver_hostThe address of kube-apiserver of your current Kubernetes cluster(i.e. IP:NodePort)
etcd_tls_enableWhether to enable etcd TLS certificate authentication(True / False)True
etcd_endpoint_ipsEtcd addresses, such as ETCD clusters, you need to separate IPs by commas(e.g.192.168.0.7,192.168.0.8,192.168.0.9)
etcd_portETCD Port (2379 by default, you can configure this parameter if you are using another port)2379
disableMultiLogin Whether to turn off multipoint login for accounts   (True / False)True
elk_prefixLogging index logstash 
keep_log_daysLog retention time (days)7
metrics_server_enablewhether to install metrics_server    (True / False)True
sonarqube_enablewhether to install Sonarqube           (True / False)True
istio_enablewhether to install Istio           (True / False)True
persistenceenableWhether the persistent storage server is enabled   (True / False)(It is recommended tp enable persistent storage in a formal environment)
storageClassEnabling persistent storage requires that the storageClass has been created already in the cluster (The default value is empty, which means it’ll use default StorageClass)“”
containersLogMountedPath(Optional)Mount path of container logs“/var/lib/docker/containers”
external_es_url(Optional)External Elasticsearch address, it supports integrate your external ES or install internal ES directly. If you have ES, you can directly integrate it into KubeSphere
external_es_port(Optional)External ES port, supports integrate external ES
local_registry (Offline installation only)Integrate with the local repository when deploy on offline environment(To use this parameter, import the installation image into the local repository using “scripts/downloader-docker-images.sh”)

Future Plan

  • Support multiple public cloud network plugins and storage plugins
  • Decouple component. Use pluggable design to lighten the installation and improve resource efficiency.