This guide is for online installation, make sure your Kubernetes cluster meets the prerequisites below, see Prerequisites for more details.
- Kubernetes Version: from
1.13.0
to1.15.x
- Helm Version:
>= 2.10.0
- Available Memory:
>= 10 G
- Already have Storage Class (Recommended)
kubesphere-system
and kubesphere-monitoring-system
.$ cat <<EOF | kubectl create -f -
---
apiVersion: v1
kind: Namespace
metadata:
name: kubesphere-system
---
apiVersion: v1
kind: Namespace
metadata:
name: kubesphere-monitoring-system
EOF
Attention: Follow the certificate paths of
ca.crt
andca.key
to create this secret.
kubectl -n kubesphere-system create secret generic kubesphere-ca \
--from-file=ca.crt=/etc/kubernetes/pki/ca.crt \
--from-file=ca.key=/etc/kubernetes/pki/ca.key
Attention: Create the secret according to the your actual path for the k8s cluster;
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs \
--from-file=etcd-client-ca.crt=/etc/kubernetes/pki/etcd/ca.crt \
--from-file=etcd-client.crt=/etc/kubernetes/pki/etcd/healthcheck-client.crt \
--from-file=etcd-client.key=/etc/kubernetes/pki/etcd/healthcheck-client.key
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs
$ git clone https://github.com/kubesphere/ks-installer.git
$ cd deploy
$ vim kubesphere-installer.yaml
# According to the parameter table at the bottom, replace the value of "kubesphere-config" in "kubesphere-installer.yaml" file with your current Kubernetes cluster parameters (If the ETCD has no certificate, set etcd_tls_enable: False).
$ kubectl apply -f kubesphere-installer.yaml
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l job-name=kubesphere-installer -o jsonpath='{.items[0].metadata.name}') -f
IP:30880
to visit KubeSphere login page. The default cluster administration account is admin/P@88w0rd
.$ kubectl get svc -n kubesphere-system | grep 30880
# Inspect the NodePort of ks-console, it's 30880 by default.
Parameter | Description | Default | |
kube_apiserver_host | The address of kube-apiserver of your current Kubernetes cluster(i.e. IP:NodePort) | ||
etcd_tls_enable | Whether to enable etcd TLS certificate authentication(True / False) | True | |
etcd_endpoint_ips | Etcd addresses, such as ETCD clusters, you need to separate IPs by commas(e.g.192.168.0.7,192.168.0.8,192.168.0.9) | ||
etcd_port | ETCD Port (2379 by default, you can configure this parameter if you are using another port) | 2379 | |
disableMultiLogin | Whether to turn off multipoint login for accounts (True / False) | True | |
elk_prefix | Logging index | logstash | |
keep_log_days | Log retention time (days) | 7 | |
metrics_server_enable | whether to install metrics_server (True / False) | True | |
sonarqube_enable | whether to install Sonarqube (True / False) | True | |
istio_enable | whether to install Istio (True / False) | True | |
persistence | enable | Whether the persistent storage server is enabled (True / False)(It is recommended tp enable persistent storage in a formal environment) | |
storageClass | Enabling persistent storage requires that the storageClass has been created already in the cluster (The default value is empty, which means it'll use default StorageClass) | “” | |
containersLogMountedPath(Optional) | Mount path of container logs | "/var/lib/docker/containers" | |
external_es_url(Optional) | External Elasticsearch address, it supports integrate your external ES or install internal ES directly. If you have ES, you can directly integrate it into KubeSphere | ||
external_es_port(Optional) | External ES port, supports integrate external ES | ||
local_registry (Offline installation only) | Integrate with the local repository when deploy on offline environment(To use this parameter, import the installation image into the local repository using "scripts/downloader-docker-images.sh") |
Future Plan