Create Tiller Service Account

KubeSphere requires Helm (>= v2.10.0, excluding v2.16.0) to trigger the installation. By default, Tiller is not ready on GKE, thus we need to install Tiller in advance.

When GKE cluster is ready, we can connect to Cloud Shell.

Here, we create helm-rbac.yaml in GKE as following:

apiVersion: v1

kind: ServiceAccount

metadata:

name: tiller

namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1

kind: ClusterRoleBinding

metadata:

name: tiller

roleRef:

apiGroup: rbac.authorization.k8s.io

kind: ClusterRole

name: cluster-admin

subjects:

- kind: ServiceAccount

name: tiller

namespace: kube-system

Let’s create these resources using kubectl:

$ kubectl apply -f helm-rbac.yaml

Deploy Tiller

Initialize helm using the following command.

$ helm init --service-account=tiller --tiller-image=gcr.io/kubernetes-helm/tiller:v2.14.1 --history-max 300

Check the Tiller status using kubectl, when it displays 1/1 that means you are ready to continue.

$ kubectl get deployment tiller-deploy -n kube-system

Install KubeSphere

Install KubeSphere using kubectl, this command only triggers the minimal installation by default:

Verify the real-time logs, when you see the following outputs, congratulation! You can access KubeSphere in your browser.

$ kubectl logs -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') -f

#####################################################

### Welcome to KubeSphere! ###

#####################################################

Console: http://10.128.0.34:30880

Account: admin

Password: P@88w0rd

NOTES：

1. After logging into the console, please check the

monitoring status of service components in

the "Cluster Status". If the service is not

ready, please wait patiently. You can start

to use when all components are ready.

2. Please modify the default password after login.

#####################################################

Access KubeSphere console

In this guide, we’ll show you how to access KubeSphere console by changing service type to LoadBalancer .

Select Services & Ingress > ks-console , then click EDIT and modify the service type from NodePort to LoadBalancer .

Now, you can access the KubeSphere Console using the Endpoints that were generated by GKE.

Note: In addition to changing the service type to LoadBalancer, you can also access KubeSphere console via NodeIP:NodePort , you may need to allow port 30880 in firewall rules.