Wednesday, May 13, 2020

Kubeapps Now Supports Private Helm and Docker Registries

The Kubeapps team has released a new version that provides support for private Helm repositories with private Docker images. This is the second release in a month, since last April, Kubeapps also extended its catalog with support for operators. 

From now on, Kubeapps users can include private Docker images in their customized Helm charts and deploy them directly from a private Helm repository.  This support is aligned with the Kubernetes RBAC authentication model with private credentials available only in the configured namespace. Users can only add private repositories in those namespaces in which they have the required permissions.  Similarly, only those users with access to that namespace have access to deploy the charts with private images.

Kubeapps officially supports the following private Helm repositories:

Chose the option that better suits your team and start deploying custom applications from your private repositories from the Kubeapps user interface.

Kubeapps simplifies the deployment from private registries within the Kubernetes security model 

To enable the full support for private repositories, Kubeapps introduced the option of associating Docker credentials to an application repository so that Kubeapps can ensure they are used to pull any matching private images within a chart.

This eliminates the manual configuration you would otherwise need to be able to deploy charts with private Docker images, without which Kubernetes is unable to find Docker images requiring credentials, resulting in a failed deployment.

Without this feature, the user has two options: either create manually an image pull secret in the Kubernetes namespace or ask the cluster operator to make the secret available, and then update the chart values to reference the created secret.

Both situations require that you or the people that will use the application know how to manually add the specific pull secret and reference it in the chart values at deployment time.

Here is where Kubeapps simplify things! How? By associating Docker image pull secrets to an application repository (only available for Helm 3).

From the Kubeapps user interface, create an application repository and after entering the normal URL of the private repository where the app is and basic authentication of the chart:

  • Create the credentials for the image pull secret so that Kubernetes can pull the images from the Docker registry.  
  • Then ensure the newly created image pull secret is selected for the application repository.  

This information tells Kubeapps that whenever deploying any chart from this application repository, if an image matching any associated pull secret is referenced in any pod, then Kubeapps will automatically add an image pull secret to that pod.

Watch the following video to learn step-by-step how to create an application repository to deploy a custom application from external private repositories:

Or check out the documentation for private application repositories to learn more.

Deploy the latest Kubeapps release now!

Wednesday, April 8, 2020

Kubeapps Extends its Catalog with Support for Operators

Over the last few weeks, the Bitnami team has worked on including a major change in the new Kubeapps version (available in alpha): support for Operators. With this, the Kubeapps catalog increases by more than 110 applications.

Operators extend Kubernetes capabilities, including those related to stateful applications. Operators may handle updates, failure recovery, application scale-out, etc., reducing the number of manual operations that are required for applications to run on a cluster. They contain the logic for deploying and operating an application on Kubernetes, handling almost all aspects of application management. Operators can also help with many so-called "day-2 operations", automating manual tasks like upgrades or backups.

Now, cluster administrators and developers will be able to deploy Operators directly from Kubeapps. Kubeapps users will be able to deploy instances directly from the UI to better manage applications and their components using custom resources.

Keep reading to learn how to use this new feature and to discover other enhancements in this new version of Kubeapps.

Why extend the Kubeapps catalog with Operators? 

Helm charts are a great way for deploying applications on Kubernetes. They package pre-configured Kubernetes resources and contain manifest files which describe how the application should be managed.

While Helm charts allow you to easily run an application on a cluster, once the application is deployed, you may still need to perform additional tasks to connect your application with external resources such a database or manual operations to scale a deployment.

Bitnami has added Operators to Kubeapps to give cluster administrators and developers the resources to automate the application lifecycle in their clusters. For example, when a security update is available for your application, you can now expect it to be automatically applied with no human intervention. This is especially useful for SRE teams that need to manage many clusters.

Now that the Kubeapps catalog includes both Helm charts and Operators (some applications are only available as Operators), administrators can mix and match Helm charts and Operators to create more complex / production-ready solutions.

Kubeapps is the first open source tool that allows you to manage charts, Operators, and instances through a single user-friendly interface.

Enable Operators Support and Start Deploying Operators on Your Cluster 

Support for Operators is being released as a feature in alpha state and it is not enabled by default. For that reason, users must manually enable it by adding the related flag at deployment time or when upgrading Kubeapps. 

When you finish the process, your Kubeapps “Catalog”  will add Operators to the catalog, and you can start using them from a web browser. Navigate to the “Configuration -> Operators” menu, and see the full list of Operators available and ready to be deployed on your cluster:

Click the Operator you wish to deploy, check the information displayed, click “Deploy” and follow the instructions to finish the installation. Check out the Kubeapps GitHub repository to learn how to get started with Operators.

Want to try Operators in Kubeapps?  Download the latest version and start using them!

Friday, March 13, 2020

Migration of Bitnami's Helm Charts from Stable Repository to Bitnami's Repository Now Complete

The Helm 3 release has resulted in some important changes that affect chart deployment and chart repositories. These changes have been implemented to facilitate chart maintenance. Keep reading to learn more about the major changes planned for the Helm and Bitnami chart repositories.

What is going to change in Helm charts repositories?

In the next few months, the stable and incubator repositories will be de-listed from all Hubs. They are already excluded in Helm 3 by default. To use these repositories, it is necessary to explicitly add them using the “helm repo add” command. For more information about how the Helm community will use a distributed approach to maintain chart repositories going forward, refer to this proposal.

What does the new distributed approach mean?

Chart maintainers should move the charts they maintain to their own repository, and of course, offer support to users, include them in the Kubeapps Hub, etc.

Given the stable repository deprecation timeline, the Bitnami team has already migrated its contributed charts to the Bitnami charts GitHub repository.

This repository is already included in the Kubeapps Hub and we will provide the same cadence in updates and user support as we have done for the stable repository during the last years.

How to use the Bitnami charts repository

The installation instructions are very similar to the older ones. The main change is that you must first add the bitnami repository to your local Helm installation with the “helm repo add” command and use this repository when installing a specific chart:

$ helm repo add bitnami

$ helm install my-release bitnami/<chart> # Helm 3

$ helm install --name my-release bitnami/<chart> # Helm 2

How to contribute to the Bitnami charts repository?

Going forward, any new issues or pull requests (PRs) related to Bitnami’s charts should be created in the Bitnami GitHub repository. Likewise, we will redirect to that repository all the Issues and PRs that were created in the stable repository before the date of the transition.

We are open to accepting new chart contributions in the Bitnami repository. Such charts will be integrated into our release pipeline, which implies that they will benefit from automatic updates for container images, daily testing, CVE scanning, etc. If you want to submit a new chart, don’t hesitate to create a new PR!

We will also be happy to answer your questions about this change! Post them to this issue thread opened in the stable repository. This thread also has information about the reasons for this transition and how to follow up on the process.