To simplify application deployment and management on Kubernetes, Kubeapps provides a web-based dashboard to deploy, manage, and upgrade applications on a Kubernetes cluster. Kubeapps includes a built-in catalog of Helm charts and operators that allows users to deploy trusted and continuosly maintained content on their clusters.
Kubeapps is the best option for enterprise development teams since Kubeapps uses cluster's existing configured RBAC rules. This allows operators and cluster admins to control which users can access and manage applications. Kubeapps can thus be used as the central place for managing all enterprise application deployments with total confidence.
In addition, you can configure Kubeapps to use your private application repository as its source. This feature gives you the option of extending your catalog with your charts located in a private Helm repository such as ChartMuseum or Harbor, and even to use your customized Helm chart catalog directly from the VMware Tanzu Application Catalog.
Kubeapps can be easily configured to automatically replicate Helm charts from the VMware Tanzu Application Catalog. Users will benefit from a browser-based user interface to customize, upgrade and rollback their deployments using the latest, most secure and up-to-date Helm charts from the Tanzu Application Catalog.
This tutorial will show you how to create and configure an application repository for Tanzu Application Catalog in Kubeapps, and how to deploy a WordPress Helm chart from your TAC catalog from its dashboard. In addition, you will learn how to use an existing MariaDB Galera cluster as an external database in your WordPress deployment to run a production-ready blog.
This guide uses WordPress as an example, but you can follow the instructions shown in this article to deploy on your cluster any other Helm chart from your TAC catalog using the Kubeapps UI.
This guide explains how to create an application repository for Tanzu Application Catalog (TAC) in Kubeapps. It assumes that you have access to TAC and to a pre-built or custom catalog. If you don't have access to TAC, please reach out to your VMware sales representative.
This tutorial assumes that:
The first step is to create an application repository in Kubeapps pointing to the TAC catalog. Follow these instructions:
Click the menu button in the top right corner and select the "App Repositories" option.
On the resulting screen, click the "Add App Repository" button.
Enter a name for the new repository and add the chart URL, in this case https://charts.trials.tac.bitnami.com/demo to add the demo TAC catalog to Kubeapps. Then select an authentication method (if applicable).
Click "Install Repo" to finish the process.
Once you create the application repository with the TAC catalog as source, all the charts in the catalog will become available for deployment through Kubeapps. This guide uses WordPress as an example, but you can deploy any other chart that you have in your catalog. Follow these steps:
Click the "Catalog" link in the navigation bar and search for WordPress. You will see two charts, one with the "bitnami" tag and another with the "tac" tag. Select the latter.
In the resulting page, you will find information about the WordPress Helm chart. You will also find the version of the chart that exists in your TAC catalog:
TIP: If you navigate to your TAC catalog and search for "WordPress", you will see that the version of the chart available in your catalog matches the one shown in Kubeapps. Learn more about the information related to charts and containers releases in TAC.
Click "Deploy" to deploy the chart. This will take you to a page where you can configure your WordPress deployment. You can use either the form or the "Values (YAML)" tab to customize your deployment as you want: give your chart a name, change the version you want to deploy, add an admin password (if not, a random 10-character alphanumeric string will be set), or configure Helm values.
NOTE: Don't forget to select a valid namespace to deploy the chart.
In this example, Ingress will be enabled. If you have an Ingress Controller running in your cluster, you can active the custom hostname in order to use a hostname rather than just a public IP. Also, if CertManager is available in the cluster, you can enable it and enable TLS in order to automatically generate a certificate and use HTTPS.
To do so, scroll down until the "Ingress Details" section and perform the following steps:
You can check that all these values has been correctly added to the values.yaml chart in the "Values (YAML)" tab:
Activate the "Enable Metrics" button to start a side-car Prometheus exporter.
Click "Deploy" to start the deployment. Once submitted, you will be redirected to a page that describes the state of your deployment. The status will be "Deploying" until WordPress is up and running.
Once the chart is deployed, you can see all the deployment details, including the URLs to access the application. In this case, you will see two URLs:
Service LoadBalancer: by default, WordPress creates a Service with LoadBalancer type to provide an externally accessible URL for its web interface.
In the deployment details page, you can also view the secrets assigned to both the database and the application:
You can also view important information such as the installation values, as shown in the image below:
To access WordPress, click the Ingress URL. This opens a new tab in your browser with your WordPress blog. You will see the lock in the navigation bar, this means that your deployment is secure, using HTTPS with a valid certificate:
If you need a deployment able to respond in a high-demand environment and ensure failover and high availability, then you can configure a WordPress installation using an existing MariaDB Galera cluster as an external database. The following example uses a MariaDB Galera deployment already running in the Kubeapps cluster so you can fetch all its values directly from the Kubeapps UI.
To deploy a WordPress production-ready using an external MariaDB Galera database, follow these instructions:
In the "External Database Details" section, enter the MariaDB Galera database values for the parameters below. To quickly find these values, navigate to the database deployment details page and copy them as explained below:
NOTE: Remember to select the same namespace where the MariaDB Galera cluster is running. In case you want to deploy WordPress in a different namespace, you must add it at the end of the database host as follows: DB-HOST.NAMESPACE. Being DB-HOST a placeholder of the service for the external database and NAMESPACE a placeholder for the namespace in which the database is running.
The external database details should look similar to this:
Once you have configured the external database values, you can configure other parameters such as enabling Ingress, Metrics, Cert Manager or TLS as described in step 2 for monitoring and securing your deployment. Click "Submit" to start the deployment of the chart. After several minutes, your deployment will be ready and you will be able to access WordPress using Ingress (if you enabled it) or the Service LoadBalancer URL.
To learn more about the topics discussed in this guide, use the links below: