Kubeapps and Harbor better together

Posted on by OpensO

19

I’m excited! From the announcement that VMware was to acquire Bitnami.

I and my colleges Roei (@roie9876@gmail.com) and Barak Shrefler wrote on Kubeaaps almost a year ago in our first blog “Kubeapps on PKS” as we tried to find the best Helm chart catalogue to make k8s application consumption easier.

I won’t elaborate on Helm (you can read all about it online), but I would like to focus on installing Kubeapps on top of PKS via Harbor as the Helm chart repository. With that process you can install Kubeapps in air gaped environment after you check the TGZ chart file (that’s the chart package). In the next version of Harbor (1.8) you can also add Harbor as one of the repositories to Kubeapps and than use Harbor as the repository and Kubeapps as the front end service catalogue for consumption.

This blog will be more on Harbor chart’s functionalities with Kubeapps if you want to see a great blog to install Kubeapps on k8s there’s a blog from one of my colleagues, Bjoern Brundert.

Lets go

First, we need to add Harbor as one of our Helm chart repositories I’m doing it from an Ubuntu management server. List the repo of Helm on the machine:

1

Add Harbor as Helm repo:

2

To install Kubeapps from Harbor offline, we need to download the Kubeapps Chart, check the file to know there is no malware or viruses and push it to Harbor repo internally so we can install it offline. First, we need to download the chart from Bitnami repo:

3

To download the chart, we use the Helm Fetch command:

4

Now we can check the TGZ file for viruses and malware prior to pushing it to Harbor. There are other charts you will need to pull and make sure you have it offline as prerequisites for the installation those can be inside Harbor as well. One of the main charts is MongoDB, the configuration of the repository to pull from can be found in prerequisites.yaml

18

Do the same process with MongoDB chart and change the repo to the local Harbor one. More details on pulling and pushing docker charts to Harbor here.

After the relevant checks to the TGZ file we can push it to Harbor with Helm Push command:

20

In Harbor, we can see the chart under Project/Library helm chart label

5

Now to install the chart from Harbor:

6

As you can see from the print screen, first I have searched Harbor repo to make sure I can use the Kubeapps chart internally.

helm install --name kubeapps --namespace kubeapps harbor/library/kubeapps

The installation command has two parameters needed for the installation on PKS:

  1. Network service type: the installation of Kubeapps is on Enterprise PKS platform, as part of that any network aspect is taking care of by NSX-T. The exposure of Kubeapps will be through LB that will be assigned from NSX-T.
  2. MongoDB parameter – change the default IP version to IPv4 from IPv6

A few seconds later:

7

Do Kubectl get SVC to get the external IP of Kubeapps:

8

It’s recommended creating an FQDN DNS record for Kubeapps

9

Some prerequisites on the k8s cluster side, create a service account for Kubeapps

kubectl create serviceaccount kubeapps-operator
kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator

Get the user token for the User:

kubectl get secret $(kubectl get serviceaccount kubeapps-operator -o jsonpath='{.secrets[].name}') -o jsonpath='{.data.token}' | base64 --decode

10

Login into Kubeapps web console with the token you got above:

21.png

In the main console, we can see Helm charts from different repositories, we can also see a combo for Namespace the NS you will choose here will be the one that the installation of the chart will be on:

13

Let’s move over the default Helm repositories:

14

You can see the default charts that are part of the Kubeapps installation, in the main console you can see on each chart the indication of the chart repo he is in

22.png

The next step will be to configure Helm as one of the repositories inside Kubeapps so you can install the Helm charts internally from Harbor. Unfortunately, the function of configuring ext_url to expose the helm repo in Harbor will be in the next version of 1.8 (according to the community) so stay tuned ill update the blog accordingly. Just so you know how to, you will need to ass new repo to the list:

1615

The link that is shown in the URL is the one to use in the command line to pull/push.

Now that we (VMware) have the service catalogue layer (Bitnami offerings) to expose Helm chart with a comprehensive platform to create, maintain and manage multiple k8s clusters and the ability to support upstream k8s with a full stack of consulting and educating services around it (ex-Heptio offerings) I’m more than confident that we can lead the way into cloud-native for all of our customers!

Exciting times!

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.