Kubeapp by Bitnami Over PKS

Authored by:

Oren Penso (Twitter: @openso)
Roie Ben-haim (Twitter: @roie9876)
Barak Shrefler


Kubeapps is a Kubernetes dashboard that supercharges your Kubernetes cluster over PKS as infrastructure, with simple browse and click deployment of apps in any format.

Building on Bitnami’s contributions to leading open source projects, Kubeapps provides a complete application delivery environment that empowers users to launch, review and share applications

Getting started here:



Kubeapps is a set of tools that give you the following abilities:

  • Your own applications dashboard, allowing you to deploy Kubernetes-ready applications into your cluster with a single click.
  • Kubeless – a Kubernetes-native Serverless Framework, compatible with serverless.com.
  • SealedSecrets – a SealedSecret can be decrypted only by the controller running in the cluster and nobody else (not even the original author)

Installation instruction over PKS infrastructure

Step 1, making the infrastructure ready:

Spin up a new cluster with PKS, have a routed network from the nodes and pods to the internet. Create a new Name Space for Kubeapp. we need to be able works with Dynamic Persistent Volume (PVC), so the first thing is to configure Storage Class with a YAML file as follow

Create Storage Class YAML file

kind: StorageClass

apiVersion: storage.k8s.io/v1


name: thin-disk

provisioner: kubernetes.io/vsphere-volume


diskformat: thin

run the following command:

kubectl create -f sc.yaml

Expected output:

storageclass “thin-disk” created

run the following command for verification:

kubectl get sa

Expected output:

# NAME                                   SECRETS   AGE

# caceb30a-b97c-4070-852a-ba31ca4c7e40   1         5m

# default                                1         32m


Setting up the SC as default. (when setting up the SC as default, there is no need to use the annotation in the PVC manifest file)

kubectl patch storageclass thin-disk -p ‘{“metadata”: {“annotations“:{“storageclass.kubernetes.io/is-default-class“:”true“}}}’

Expected output:

# storageclass “thin-disk” patched


Create Dynamic Persistent Volume Claim

kind: PersistentVolumeClaim

apiVersion: v1


name: pvc




– ReadWriteOnce



storage: 1Gi


Deploy the PVC

kubectl create -f pv.yaml -n kubeapps

Expected output:

persistentvolumeclaim “pvc” created



Step 2, Install Kubeapps:

Curl the installation:

curl -s https://api.github.com/repos/kubeapps/kubeapps/releases/latest | grep –i $(uname -s) | grepbrowser_download_url | cut -d ‘”‘ -f 4 | wget –i –



Prepper the installation files:

sudo mv kubeapps-$(uname -s| tr ‘[:upper:]’ ‘[:lower:]’)-amd64 /usr/local/bin/kubeapps

sudo chmod +x /usr/local/bin/kubeapps


run the kubeapps command:

kubeapps up


Change the kubeapps SVC to type Load Balancer:


cat kubeapps-svc.yaml

apiVersion: v1

kind: Service



kubecfg.ksonnet.io/garbage-collect-tag: bitnami/kubeapps



app: kubeapps

created-by: kubeapps

name: kubeapps

name: kubeapps

namespace: kubeapps




– port: 8080

protocol: TCP

targetPort: http


app: kubeapps

name: kubeapps

sessionAffinity: None

type: LoadBalancer


delete the current kubeapps svc:

kubectl delete svc kubeapps -n kubeapps


create new kubeapps svc:

kubectl create -f kubeapps-svc.yaml -n kubeapps


get the service info:

kubectl get svc kubeapps -n kubeapps


see the output and the external network:

NAME       TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)          AGE

kubeapps   LoadBalancer   8080:30229/TCP   <invalid>

The IP address of the ingress is


Step 3, Create a Kubernetes API token


create service account called “kubeapps-operator” and give him permissions on the cluster

kubectl create serviceaccount kubeapps-operator

kubectl create clusterrolebinding kubeapps-operator —clusterrole=cluster-admin —serviceaccount=default:kubeapps-operator


get the login token for the Kubeapp dashboard

kubectl get secret $(kubectl get serviceaccount kubeapps-operator -o jsonpath=’{.secrets[].name}’) -ojsonpath='{.data.token}’ | base64 –decode


Token sample:


copy and paste the token output to the login page of the application

Open web browser to ingress IP: (Service external IP), and paste the API token from above:




Click Login, then you should see the Applications page that should have the application already deployed with kubeapps





Go to Charts, that’s the page publishing all the Helm charts from the central repository





Step 4, Deploy Word Press for example:





  1. Hit deploy @WordPress helm chart page
  2. Wait for the deployment to finish
  3. click on the URL to access the Word press application:




That’s it, you have deployed containers via Helm chart on top of PKS infrastructure 