Tuesday, August 31, 2021

Kubeapps 2.3.4 - Easier Deployment in VMware Tanzu™ Kubernetes Grid Clusters

A new Kubeapps release is out, and it is even easier to run in TKG clusters! The last version of Kubeapps necessitated a manual update of the current Pinniped version to the latest – this step is no longer required.  Cluster administrators can now configure Kubeapps to simply use the built-in Pinniped instance to authenticate through the same OIDC provider as they have already installed in their VMware Tanzu™ Kubernetes Grid (TKG) clusters. 

Keep reading to learn more about how to benefit from installing the Kubeapps 2.3.4 version.  

Advanced Features for Tanzu Users 

Kubeapps enables users to consume and manage open-source trusted and validated solutions through an intuitive web-based interface. 

With the previous release, Tanzu users gained the possibility of deploying Kubeapps directly to TKG workload clusters. This integration allows users to operate Kubernetes deployments through a web-based dashboard both on-premises in vSphere, and even in the public cloud on Amazon EC2 or Microsoft Azure. 

Kubeapps provides a wide catalog of ready-to-run-on Kubernetes solutions. In addition to the default Kubeapps catalog, Tanzu users have the flexibility to configure either VMware Tanzu™ Application Catalog (TAC) as a private chart repository or any of VMware Marketplace™ Catalog or the Bitnami Application Catalog as public chart repositories. This extends the number of available solutions and sources for development teams to work with. Refer to this blog post to learn more about Kubeapps key features for Tanzu users.  

How to Use Kubeapps in TKG 

However, once Kubeapps is enabled in a cluster, some concerns may arise for cluster administrators when users need to access the tool:  

  • How to ensure secure authentication for users to Kubeapps? 
  • How to manage the different application catalogs? 
  • Is possible to customize the layout of Kubeapps to align it with my corporate branding policies? 

This new release of Kubeapps comes to address all these questions. When you install Kubeapps in a TKG cluster, you at once get:  

1) An in-built authentication system in TKG via Pinniped using the same version as the cluster runs

Authorization is delegated to the Kubernetes RBAC, which means that the same policies and roles configured for your cluster will be used when users want to enter and use Kubeapps.  

That way, the authentication to Kubeapps is completely safe since it will use the same OIDC provider as the TKG cluster uses.  

Follow these steps to configure an OIDC provider in your cluster to use for Kubeapps authentication: 

2) An easy way to deploy applications from the Tanzu Application Catalog and the Bitnami Application Catalog from the VMware Marketplace through Kubeapps

With Kubeapps, you can either deploy custom applications from a private repository or access the different catalogs from both public and private repositories that VMware provides. To configure application catalogs in Kubeapps once it is running on your TKG cluster, use the following instructions depending on which solutions you want to add:   

Once Kubeapps has been configured with one or more application repositories, you can start to use it to deploy, upgrade, roll back, or delete applications on your TKG clusters through its dashboard. Check out this documentation to learn how. 

3) A custom user interface

To provide a rich user experience, Kubeapps supplies a set of parameters to use for configuring a custom user interface. Learn how to configure the user interface to follow your company branding guidelines.  

Support and resources 

Since Kubeapps is an OSS project, support for this version of Kubeapps will be provided on a best-effort basis. For solving the problems you may have (including deployment support, operational support, and bug fixes), please open an issue in the Kubeapps GitHub repository. A markdown template is provided by default to open new issues with the information requested to prioritize and respond to them as soon as possible. Also, if you want to contribute to the project, feel free to send us a pull request, and the team will check it and guide you in the process for a successful merge. 

In addition, you can reach out to Kubeapps developers at #kubeapps on Kubernetes Slack (click here to sign up). 

For more information about the topics discussed in this blog post, refer to the following links: 

The Kubeapps team continues to work on the revamp of the Kubeapps backend. It will support multiple package formats really soon. Stay tuned!