Installation
This is the installation guide for Kubero. It will guide you through the installation of the required components, the Kubero Operator and the Kubero UI.
All these steps can be performed with the Kubero CLI or kubectl. You can download the latest Kubero CLI version from the releases page
Prerequisites
- Kubernetes cluster
- kubectl
- Kubero CLI (optional)
Components
Ingress Controller
The Installation of the Ingress Controller depends on your Kubernetes provider. For example, if you are using Kind, you can use the following command:
- kubectl
- Kubero CLI
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
kubero install -c ingress
For other Kubernetes providers, please use one of the following resources
Metrics Server
The Metrics Server is required for the Kubero UI to display CPU and Memory usage. You can install it with the following command:
- kubectl
- Kubero CLI
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
kubero install -c metrics
Cert Manager
The Certmanager is requirede to generate and manage TLS certificates.
- kubectl
- Kubero CLI
kubectl apply -f https://operatorhub.io/install/cert-manager.yaml
kubero install -c certmanager
Kubero Operator
There are two ways to install Kubero: 1) Minimal installation 2) Full installation with OLM (Operator Lifecycle Manager)
Option 1) Minimal installation
The minimal installation will install the Kubero Operator and the required CRDs. The Kubero UI will be installed on a later step.
- kubectl
- Kubero CLI
kubectl apply -f https://raw.githubusercontent.com/kubero-dev/kubero-operator/main/deploy/operator.yaml
kubero install -c kubero-operator
Option 2) Full installation with OLM
The OLM installation will install the Operator Lifecycle Manager and the Kubero Operator. The Kubero UI will be installed on a later step.
OLM (Operator Lifecycle Manager)
kubectl create -f https://raw.githubusercontent.com/operator-framework/operator-lifecycle-manager/master/deploy/upstream/quickstart/crds.yaml
kubectl create -f https://raw.githubusercontent.com/operator-framework/operator-lifecycle-manager/master/deploy/upstream/quickstart/olm.yaml
Kubero Operator
kubectl create -f https://operatorhub.io/install/kubero-operator.yaml
Kubero UI
The Kubero UI provides an API and a web interface to manage your Kubero installation. Without the Kubero UI, you can still use the Kubero Operator to manage your applications but you will need to use the kubectl to apply the rescources.
Install Kubero UI with the Kubero CLI
kubero install -c kubero-ui
Install Kubero UI with kubectl
These steps are not required if you have installed the Kubero UI with the Kubero CLI.
Crate the namespace
kubectl create namespace kubero
Create the secrets
kubectl create secret generic kubero-secrets \
--from-literal=KUBERO_WEBHOOK_SECRET=$(openssl rand -hex 20) \
--from-literal=KUBERO_SESSION_KEY=$(openssl rand -hex 20) \
--from-literal=GITHUB_PERSONAL_ACCESS_TOKEN=$GITHUB_TOKEN \
-n kubero
| Variable | Required | Description |
|---|---|---|
| GIT_DEPLOYMENTKEY_PUBLIC | deprecated | (Bug in Operator =< v0.0.70, set to random string) |
| GIT_DEPLOYMENTKEY_PRIVATE_B64 | deprecated | (Bug in Operator =< v0.0.70, set to random string) |
| KUBERO_WEBHOOK_SECRET | required | Random secret string |
| KUBERO_SESSION_KEY | required | Random secret string |
| KUBECONFIG_BASE64 | optional | Base64 encoded Kubeconfig, may contain multiple contexts (required for multi cluster) |
| KUBERO_USERS | optional | Base64 encoded jsonfile (see Authentication chapter) |
| GITHUB_PERSONAL_ACCESS_TOKEN | optional | Personal access token for GitHub API |
| GITEA_PERSONAL_ACCESS_TOKEN | optional | Personal access token for Gitea API |
Deploy the Kubero UI
kubectl apply -f https://raw.githubusercontent.com/kubero-dev/kubero-operator/main/config/samples/application_v1alpha1_kubero.yaml -n kubero
Enable the Kubero Registry
This config requires Kubero Operator >= v0.0.137
This step is optional.
The Kubero Registry is a central place to store and share your CI/CD images. It is required to use the Dockerfile and Nixpacks buildstrategy for your applications.
kubectl edit kuberoes kubero -n kubero
Edit/add the registry section:
spec:
registry:
enabled: true # creates registry credentials for a external or a local registry (required for build strategy apps)
create: true # spins up a local registry
#host: registry.kubero.svc.cluster.local # works for pushes, but not for pulls. DO NOT USE THIS :( since it requires to configure all nodes ot acceppt this "insecure" registry
#host: docker.io # requires a docker account. Might be the best choice when running on a non public domain
host: registry.mykubero.com # will make your images publicly avaialble with a basic auth protection
account:
# create account with:
# docker run --entrypoint htpasswd httpd:2 -Bbn [username] [password]
# http://aspirine.org/htpasswd_en.html (use bcrypt)
username: MyUser
password: MyPassword
hash: $2y$05$cXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
port: 443
storage: 1Gi
storageClassName: