文章目录

• 1. 部署kubeapps
• 1. kubeapps的登陆
• 1. kubeapps的使用
• 1. 使用chart部署ingress-nginx应用
• 1. 更新和回滚

1. 部署kubeapps

部署kubeapps应用，为Helm提供web UI界面管理

（1）首先需要添加一个第三方库

[kubeadm@server1 kubeapps]$ helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
[kubeadm@server1 kubeapps]$ helm search repo kubeapps
NAME                CHART VERSION    APP VERSION    DESCRIPTION                                       
bitnami/kubeapps    3.6.0            v1.10.0        Kubeapps is a dashboard for your Kubernetes clu...
[kubeadm@server1 kubeapps]$

（2）最新的版本是3.6.0，我们使用3.4.3，拉取解压部署文件

[kubeadm@server1 kubeapps]$ helm pull bitnami/kubeapps --version 3.4.3  //拉取3.4.3版本的bitnami/kubeapps
[kubeadm@server1 kubeapps]$ ls
kubeapps-3.4.3.tgz
[kubeadm@server1 kubeapps]$ tar zxf kubeapps-3.4.3.tgz 
[kubeadm@server1 kubeapps]$ ls
kubeapps  kubeapps-3.4.3.tgz
[kubeadm@server1 kubeapps]$ cd kubeapps/
[kubeadm@server1 kubeapps]$ ls
charts      crds       requirements.lock  templates           values.yaml
Chart.yaml  README.md  requirements.yaml  values.schema.json
[kubeadm@server1 kubeapps]$

（3）可以发现对比以前的应用多了一个requirements.yaml文件，这个文件定义了应用的依赖性

[kubeadm@server1 kubeapps]$ cat requirements.yaml 
dependencies:
  - name: mongodb
    version: ">= 0"
    repository: https://kubernetes-charts.storage.googleapis.com
    condition: mongodb.enabled
  - name: postgresql
    version: ">= 0"
    repository: https://kubernetes-charts.storage.googleapis.com
    condition: postgresql.enabled
[kubeadm@server1 kubeapps]$

可以看出其依赖mongodb以及postgresql

[root@server1 ~]# docker load -i kubeapps-3.4.3.tar // 将所有镜像的打包文件上传
[root@server1 ~]# for i in `docker images|grep bitnami|awk '{printf("%s:%s\n",$1,$2)}'`;do docker tag $i reg.westos.org/$i;done // 修改镜像上传名称
[root@server1 ~]# for i in `docker images|grep reg.westos.org/bitnami|awk '{print $1":"$2}'`;do docker push $i;done // 上传镜像到私有仓库
for i in `docker images|grep reg.westos.org/bitnami|awk '{print $1":"$2}'`;do docker rmi $i;done // 删除镜像
for i in `docker images|grep bitnami|awk '{print $1":"$2}'`;do docker rmi $i;done // 删除镜像防止占用空间

（4）部署kubeapps需要的镜像至harbor仓库

（5） 编辑变量values.yaml文件

默认镜像仓库为docker.io我们需要在全局指定我们的镜像仓库

[kubeadm@server1 kubeapps]$ vim values.yaml
global:
  imageRegistry: reg.westos.org  // 改写为你的私有仓库
useHelm3: true // 支持helm v3版本
ingress:     //打开ingress并指定主机名
  ## Set to true to enable ingress record generation
  ##
  enabled: true
  hostname: kubeapps.westos.org // 主机名
  initialRepos:      //定义初始化仓库
    - name: stable
      url: http://mirror.azure.cn/kubernetes/charts/
    - name: bitnami
      url: https://charts.bitnami.com/bitnami

![在这里插入图片描述](https://img-blog.csdnimg.cn/20200611182613197.png![在这里插入图片描述][watermark_type_ZmFuZ3poZW5naGVpdGk_shadow_10_text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl80MzkzNjk2OQ_size_16_color_FFFFFF_t_70 1]（6）安装部署

[kubeadm@server1 kubeapps]$ kubectl create namespace kubeapps // 创建kubeapps的namespace
namespace/kubeapps created
[kubeadm@server1 kubeapps]$ helm -n kubeapps install kubeapps .  // 部署kubeapps
NAME: kubeapps
LAST DEPLOYED: Wed May 13 22:02:12 2020
NAMESPACE: kubeapps
STATUS: deployed
REVISION: 1
NOTES:

等待一会查看状态

[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get pod
NAME                                                         READY   STATUS    RESTARTS   AGE
apprepo-kubeapps-sync-bitnami-9bbtf-tskp8                    1/1     Running   0          47s
apprepo-kubeapps-sync-stable-scpsv-ctsqm                     1/1     Running   1          47s
kubeapps-6688575df9-2gtgb                                    1/1     Running   0          77s
kubeapps-6688575df9-w929g                                    1/1     Running   0          77s
kubeapps-internal-apprepository-controller-8cdf54665-tz8xr   1/1     Running   0          77s
kubeapps-internal-assetsvc-6b94785ffb-gg8v2                  1/1     Running   0          77s
kubeapps-internal-assetsvc-6b94785ffb-pt8vk                  1/1     Running   1          77s
kubeapps-internal-dashboard-6b65678647-knfsv                 1/1     Running   0          77s
kubeapps-internal-dashboard-6b65678647-n4xws                 1/1     Running   0          77s
kubeapps-internal-kubeops-59887fdbf8-45tmk                   1/1     Running   0          77s
kubeapps-internal-kubeops-59887fdbf8-m9c44                   1/1     Running   0          76s
kubeapps-mongodb-685d4c95d9-j9d84                            1/1     Running   0          77s
[kubeadm@server1 kubeapps]$
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get svc
NAME                          TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)     AGE
kubeapps                      ClusterIP   10.99.50.162     <none>        80/TCP      2m5s
kubeapps-internal-assetsvc    ClusterIP   10.109.59.64     <none>        8080/TCP    2m5s
kubeapps-internal-dashboard   ClusterIP   10.100.238.44    <none>        8080/TCP    2m5s
kubeapps-internal-kubeops     ClusterIP   10.106.236.117   <none>        8080/TCP    2m4s
kubeapps-mongodb              ClusterIP   10.97.156.50     <none>        27017/TCP   2m4s
[kubeadm@server1 kubeapps]$
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get deployments.apps 
NAME                                         READY   UP-TO-DATE   AVAILABLE   AGE
kubeapps                                     2/2     2            2           2m35s
kubeapps-internal-apprepository-controller   1/1     1            1           2m35s
kubeapps-internal-assetsvc                   2/2     2            2           2m35s
kubeapps-internal-dashboard                  2/2     2            2           2m35s
kubeapps-internal-kubeops                    2/2     2            2           2m35s
kubeapps-mongodb                             1/1     1            1           2m35s
[kubeadm@server1 kubeapps]$

可以看出创建了两个cronjob，每隔10分钟同步我们定义的两个仓库

[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get cronjobs.batch 
NAME                            SCHEDULE       SUSPEND   ACTIVE   LAST SCHEDULE   AGE
apprepo-kubeapps-sync-bitnami   */10 * * * *   False     0        <none>          2m28s
apprepo-kubeapps-sync-stable    */10 * * * *   False     0        <none>          2m28s
[kubeadm@server1 kubeapps]$

部署成功

2. kubeapps的登陆

浏览器访问kubeapps.redhat.org

需要token登陆，因此我们需要创建sa并为其附加 cluster-admin 的权限

[kubeadm@server1 kubeapps]$ kubectl create serviceaccount kubeapps-operator -n kubeapps 
serviceaccount/kubeapps-operator created
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps get sa
NAME                                         SECRETS   AGE
default                                      1         27m
kubeapps-internal-apprepository-controller   1         24m
kubeapps-internal-kubeops                    1         24m
kubeapps-operator                            1         7s
[kubeadm@server1 kubeapps]$ kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
clusterrolebinding.rbac.authorization.k8s.io/kubeapps-operator created
[kubeadm@server1 kubeapps]$

查看token

[kubeadm@server1 kubeapps]$ kubectl -n kubeapps describe sa kubeapps-operator 
Name:                kubeapps-operator
Namespace:           kubeapps
Labels:              <none>
Annotations:         <none>
Image pull secrets:  <none>
Mountable secrets:   kubeapps-operator-token-gcfwr
Tokens:              kubeapps-operator-token-gcfwr
Events:              <none>
[kubeadm@server1 kubeapps]$ kubectl -n kubeapps describe secrets kubeapps-operator-token-gcfwr
Name:         kubeapps-operator-token-gcfwr
Namespace:    kubeapps
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubeapps-operator
              kubernetes.io/service-account.uid: 19c16e66-80d3-4fbd-b117-d679e71015c5
Type:  kubernetes.io/service-account-token
Data
====
ca.crt:     1025 bytes
namespace:  8 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IlNUdEFKWnVENXZtcnczV0FDbVNOU0JmN0RrYXFqWlk1VXVzZFp3dWF6bUUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlYXBwcyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvci10b2tlbi1nY2Z3ciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJ
...
...

复制token到网页端登陆

登陆成功。

3. kubeapps的使用

添加自己的chart库

因为我们仓库的地址为reg.westos.org，在pod内不能解析这个地址，因此我们首先需要添加pod内解析

[kubeadm@server1 kubeapps]$ kubectl -n kube-system get cm
NAME                                 DATA   AGE
coredns                              1      23d
extension-apiserver-authentication   6      23d
kube-flannel-cfg                     2      23d
kube-proxy                           2      23d
kubeadm-config                       2      23d
kubelet-config-1.18                  1      23d
[kubeadm@server1 kubeapps]$ kubectl -n kube-system edit cm coredns

添加仓库

信息填写完成后安装

在网页端就可以搜到
点进入可以看到两个版本0.1.0和0.2.0

4. 使用chart部署ingress-nginx应用

点击Deploy
更改部署文件，使用ingress

更改后提交，等待一会变成ready

测试访问

部署成功。

5. 更新和回滚

点击Upgrade,更改版本号

更改后点击提交

再次访问发现应用已更新

点击Rollback 进行回滚
等待ready后，再次测试访问