1. Release Notes
    1. Release Notes - 2.0.2Latest
    1. Release Notes - 2.0.1
    1. Release Notes - 2.0.0
  1. Introduction
    1. Introduction
    1. Features
    1. Architecture
    1. Advantages
    1. Glossary
  1. Installation
    1. Intruction
      1. Intro
      2. Port Requirements
    1. Install on Linux
      1. All-in-One Installation
      2. Multi-Node Installation
      3. Installing HA Master and Etcd Cluster
      4. Storage Configuration Instruction
    1. Install on Kubernetes
      1. Prerequisites
      2. Online Installation
      3. Offline Installation
    1. Related Tools
      1. Integrating Harbor Registry
    1. Cluster Operation
      1. Adding New Nodes
      2. High Risk Operation
      3. Uninstalling KubeSphere
  1. Quick Start
    1. Getting Started with Multitenancy
    1. Exposing your APP using Ingress
    1. Deploying a MySQL Application
    1. Deploying a Wordpress Website
    1. Job to compute π to 2000 places
    1. Deploying Grafana using APP Template
    1. Creating Horizontal Pod Autoscaler
    1. S2i: Publish your app without Dockerfile
    1. Canary Release of Microservice APP
    1. CI/CD based on Spring Boot Project
    1. Building a Pipeline in a Graphical Panel
    1. CI/CD based on GitLab and Harbor
    1. Ingress-Nginx for Grayscale Release
  1. Cluster Admin Guide
    1. Multi-tenant Management
      1. Overview of Multi-tenant Management
      2. Overview of Role Management
    1. Platform Management
      1. Account Management
      2. Platform Roles Management
    1. Infrastructure
      1. Service Components
      2. Nodes
      3. Storage Classes
    1. Monitoring Center
      1. Physical Resources
      2. Application Resources
    1. Application Repository
    1. Jenkins System Settings
  1. User Guide
    1. Application Template
    1. Workloads
      1. Deployments
      2. StatefulSets
      3. DaemonSets
      4. Jobs
      5. CronJobs
    1. Storage
      1. Volumes
    1. Network & Services
      1. Services
      2. Routes
    1. Configuration Center
      1. Secret
      2. ConfigMap
      3. Image Registry
    1. Project Settings
      1. Basic Information
      2. Member Roles
      3. Project Members
      4. Internet Access
    1. DevOps Project
      1. DevOps Project Management
      2. DevOps Project Management
      3. DevOps Project Management
      4. DevOps Project Management
      5. DevOps Project Management
  1. Development Guide
    1. Preparing the Development Environment
    1. Development Workflow
  1. API Documentation
    1. API Guide
    1. How to invoke KubeSphere API
KubeSphere®️ 2020 All Rights Reserved.

Install on Kubernetes (Online)


This guide is for online installation, make sure your Kubernetes cluster meets the prerequisites below, see Prerequisites for more details.

  • Kubernetes Version: from 1.13.0 to 1.15.x
  • Helm Version: >= 2.10.0
  • Available Memory: >= 10 G
  • Already have Storage Class (Recommended)

Installing KubeSphere

  1. You need to create 2 namespaces in Kubernetes cluster, namely, kubesphere-system and kubesphere-monitoring-system.
$ cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Namespace
    name: kubesphere-system
apiVersion: v1
kind: Namespace
    name: kubesphere-monitoring-system
  1. Create a Secret of CA certificate of your current Kubernetes cluster.

Attention: Follow the certificate paths of ca.crt and ca.key to create this secret.

kubectl -n kubesphere-system create secret generic kubesphere-ca  \
--from-file=ca.crt=/etc/kubernetes/pki/ca.crt  \
  1. Create an ETCD‘s Secret of certificate.

Attention: Create the secret according to the your actual path for the k8s cluster;

  • If the ETCD has been configured with certificates, refer to the following step:
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs  \
--from-file=etcd-client-ca.crt=/etc/kubernetes/pki/etcd/ca.crt  \
--from-file=etcd-client.crt=/etc/kubernetes/pki/etcd/healthcheck-client.crt  \
  • If the ETCD has been not configured with certificates, create an empty Secret (The following command is suitable for Kubernetes cluster created by Kubeadm):
$ kubectl -n kubesphere-monitoring-system create secret generic kube-etcd-client-certs
  1. Clone the repository to Kubesphere-installer to local.
$ git clone https://github.com/kubesphere/ks-installer.git
  1. Enter into ks-installer. Then install KubeSphere on existing Kubernetes cluster.
$ cd deploy

$ vim kubesphere-installer.yaml   
# According to the parameter table at the bottom, replace the value of "kubesphere-config" in "kubesphere-installer.yaml" file with your current Kubernetes cluster parameters (If the ETCD has no certificate, set etcd_tls_enable: False).

$ kubectl apply -f kubesphere-installer.yaml
  1. Inspect the logs of installer, waiting for the successful logs appear.
kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l job-name=kubesphere-installer -o jsonpath='{.items[0].metadata.name}') -f
  1. Finally, check console's service port. Use IP:30880 to visit KubeSphere login page. The default cluster administration account is admin/P@88w0rd.
$ kubectl get svc -n kubesphere-system | grep 30880
# Inspect the NodePort of ks-console, it's 30880 by default.

Parameter Table

Parameter Description Default
kube_apiserver_host The address of kube-apiserver of your current Kubernetes cluster(i.e. IP:NodePort)
etcd_tls_enable Whether to enable etcd TLS certificate authentication(True / False) True
etcd_endpoint_ips Etcd addresses, such as ETCD clusters, you need to separate IPs by commas(e.g.,,
etcd_port ETCD Port (2379 by default, you can configure this parameter if you are using another port) 2379
disableMultiLogin  Whether to turn off multipoint login for accounts   (True / False) True
elk_prefix Logging index  logstash 
keep_log_days Log retention time (days) 7
metrics_server_enable whether to install metrics_server    (True / False) True
sonarqube_enable whether to install Sonarqube           (True / False) True
istio_enable whether to install Istio           (True / False) True
persistence enable Whether the persistent storage server is enabled   (True / False)(It is recommended tp enable persistent storage in a formal environment)
storageClass Enabling persistent storage requires that the storageClass has been created already in the cluster (The default value is empty, which means it'll use default StorageClass) “”
containersLogMountedPath(Optional) Mount path of container logs "/var/lib/docker/containers"
external_es_url(Optional) External Elasticsearch address, it supports integrate your external ES or install internal ES directly. If you have ES, you can directly integrate it into KubeSphere
external_es_port(Optional) External ES port, supports integrate external ES
local_registry (Offline installation only) Integrate with the local repository when deploy on offline environment(To use this parameter, import the installation image into the local repository using "scripts/downloader-docker-images.sh")

Future Plan

  • Support multiple public cloud network plugins and storage plugins
  • Decouple component. Use pluggable design to lighten the installation and improve resource efficiency.