Homelab,Network Infrastructure,Tutorials

Installing kubeapps on Azure AKS

Kubeapps is a management interface for kubernetes clusters that simplifies installing and uninstalling helm charts.

First, login to your kubernetes cluster via the Azure CLI: (below are fake GUIDs and group names, use your own)

az account set --subscription  [12345678-abcd-efgh-ijkl-123456789123]
az aks get-credentials --resource-group [RGName] --name [ClusterName]

Next, install the kubeapps repository to the cluster, create a namespace for the installation’s resources, and install the chart.

helm repo add bitnami https://charts.bitnami.com/bitnami
kubectl create namespace kubeapps
helm install kubeapps --namespace kubeapps bitnami/kubeapps

Kubeapps will be installed, but will not have a publicly-exposed port outside the cluster without a loadbalancer enabled. You can check this via:

kubectl get services --namespace kubeapps

You will see an output like the following, showing that there are internal service endpoints for the kubeapps resources, but no external endpoints:

For public access, we’ll need to edit the service definition via:

kubectl edit svc kubeapps --namespace kubeapps

The above command will open a vim session with the YAML service definition. Use your arrow keys to find the line for “Spec->Type” which will currently say “ClusterIP”. Press ‘i’ to begin editing, then change “ClusterIP” to “LoadBalancer”. Press Escape, then type ‘:wq’ to save and exit. You should see a message in the CLI saying “service/kubeapps edited”. Check the same service list again:

kubectl get services --namespace kubeapps

You will now have a public endpoint listed under the ‘EXTERNAL-IP’ column in the table. Visiting that endpoint will show a screen similar to the following:

Since we are obviously our own cluster operator, we will need to generate our own Kubernetes API token for access to the GUI via the following command:

kubectl create --namespace default serviceaccount kubeapps-operator
kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator

To actually retrieve the token within the Cloud Shell interface, the easiest way is to switch from the Powershell interface to the Bash interface via the button in the top left of the Cloud Shell terminal:

Once within the Bash interface, you can run the following:

kubectl get --namespace default secret $(kubectl get --namespace default serviceaccount kubeapps-operator -o jsonpath='{range .secrets[*]}{.name}{"\n"}{end}' | grep kubeapps-operator-token) -o jsonpath='{.data.token}' -o go-template='{{.data.token | base64decode}}' && echo

An access token will be printed to your console. Copy/paste it into the kubeapps login GUI field. You should now be able to login and see the following interface:

You’re now ready to start managing your helm installations graphically via kubeapps!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.