Apps

Apps are Helm charts from Helm repositories which you can manage via Loft. Apps can be managed in the loft UI from within a space (Spaces > Apps) or from within a cluster (Clusters > Apps).

loft Apps
Loft Apps
Apps Authorization

Loft will install apps by impersonating the user that wants to install the app, which means that if the user is not allowed to install certain resources (e.g. ClusterRoles), the user also won't be able to install an App that contains such resources.

By default, all users that have admin access to a space are able to install apps into that space limited by their RBAC rights. To disable this, remove the RBAC rights for helmreleases in the cluster role loft-cluster-extra-space-admin-rules.

Types of Apps

System Apps

System apps are Helm charts which are installed into the cluster by Loft during the cluster initialization process, i.e. right after connecting the cluster. These apps are managed and upgraded by Loft. You cannot delete or upgrade them manually because this would impact Loft's ability to manage the cluster. Currently, only kiosk is a system app.

App Store

Loft has the most commonly used Helm Charts already predefined which makes it easy to install over 1,200 Helm charts with just a few clicks.

Recommended Apps: After connecting a cluster, Loft suggests a few specific popular apps which you can see in the "Clusters > Cluster" tab. Click on one to configure and install it. Other Apps: To install other apps, click on "Explore other apps" and use the searchable select to find charts.

To customize what Apps should be available, take a look at the customization section below.

Workflows

Convert an existing Helm Release

In Helm v3, Helm creates a Kubernetes secret for each Helm release that contains details about the release. To view such secrets you can execute in the cluster:

# Show all deployed helm releases in the cluster
kubectl get secrets --selector=owner=helm,status=deployed --all-namespaces

In order for Loft to display the Helm releases as apps in the Loft UI, the secret needs a label called loft.sh/app: true. To query the Helm releases Loft will display in the UI, you can run:

# Show all deployed helm releases in the cluster that are marked as loft apps
kubectl get secrets --selector=owner=helm,status=deployed,loft.sh/app=true --all-namespaces

Additionally, there is the label loft.sh/system-app: true and the annotation loft.sh/url: REPO_URL to provide additional loft specific details about the app. Sometimes, it can be useful to "import" an already existing Helm chart by adding the missing labels and annotations. This has the advantage that you can view and manage the Helm release using the Loft UI. With the helper script import-helm-release, you can import Helm releases into Loft.

tip

If you connected the management cluster (that Loft is running in), you can:

Import cert-manager:

curl -L "https://raw.githubusercontent.com/loft-sh/loft/master/hack/import-helm-release.sh" | bash -s -- "cert-manager" "https://charts.jetstack.io"

Import nginx-ingress:

curl -L "https://raw.githubusercontent.com/loft-sh/loft/master/hack/import-helm-release.sh" | bash -s -- "ingress-nginx" "https://kubernetes.github.io/ingress-nginx"

Import loft and label it as system app:

curl -L "https://raw.githubusercontent.com/loft-sh/loft/master/hack/import-helm-release.sh" | bash -s -- "loft" "https://charts.devspace.sh" true false

Install Apps

Installing apps essentially runs helm install.

Loft UI - Cluster Overview: Apps

Upgrade Apps

You can upgrade (or downgrade) your apps in the UI which essentially performs a helm upgrade. Upgrading apps is also useful to change the configuration of an app (helm values).

Loft UI - Upgrade App

Uninstall Apps

Uninstalling an app essentially performs helm delete.

Loft UI - Uninstall App

Customization

Change App Repositories

You can customize which Helm repositories should be crawled by Loft. This can be done in the "Admin > Config" tab. In the textbox you can change the apps settings. You have several options to customize how Loft will crawl the Helm repositories:

#
# Specify additional Helm repositories. After you change something here and press apply, loft will recrawl
# all repositories and show them in the Apps views. Please be patient, this can take
# some time.
#
apps:
# If this option is true, loft will not parse any default repositories
noDefault: false
# Additional repositories that should be parsed. Not affected by the noDefault option
repositories:
# The name of the repository. Charts will be shown as name/chart in the UI
- name: repo
# The url to the repository. The index.yaml will be appended automatically
url: http://url-to-repo.com

For example, if you want to add your own helm chart repository you can specify it via:

apps:
# If you want to skip the helm repositories recommended by loft
# (https://github.com/loft-sh/loft/blob/master/appstore/repos.yaml)
# noDefault: true
repositories:
- name: my-custom-repo
url: 'https://my.custom.repo.com/repo'

Apps crawled from the repository will then be shown as my-custom-repo/chart within the Apps views.

loft Apps
Loft Apps

Change Predefined Space Apps

You can also specify custom predefined apps that will be displayed in the "Spaces > Apps" tab. This can be done in the "Admin > Config" tab under the apps section in the textbox. The following options are available:

#
# Specify custom predefined apps. The predefined apps are displayed in Spaces > Apps.
#
apps:
# Predefined Apps that are configured here will be displayed in the in the Spaces > Apps view
predefinedApps:
# Repo name and chart name of the helm chart to deploy
- chart: repo/chart
# (Optional) Title is the name that should be displayed for the predefined app.
# If empty the chart name is used.
title: my-custom-app
# (Optional) The version that should be preselected in the create app drawer
initialVersion: 0.0.1
# (Optional) Values that should be prefilled when selecting the app. Several place holders can
# be used that will be replaced by loft:
# - ${loft.host} -> The current hostname (e.g. loft.my-domain.com)
# - ${loft.cluster} -> The name of the cluster
# - ${loft.space} -> The name of the space / namespace
# - ${loft.user} -> The name of the user
initialValues: >
my-values:
host: ${loft.host}
# (Optional) iconUrl specifies an url to the icon that should be displayed for this app.
# If none is specified the icon from the chart metadata is used.
iconUrl: http://url-to-my-icon.com/icon.png
# (Optional) readmeUrl specifies an url to the readme page of this predefined app.
# If empty an url will be constructed to artifact hub.
readmeUrl: http://url-to-readme.com/my-chart/readme
# (Optional) Cluster names in which the predefined app should be displayed under Space > Apps.
# If ommitted it is shown in all clusters
clusters:
- my-local-cluster

For example, if you want to specify a mysql example app, enter the following into the textbox and press apply:

apps:
predefinedApps:
- chart: bitnami/mysql
initialValues: |
auth:
rootPassword: ${loft.user}-${loft.space}
title: easy-mysql
readmeUrl: 'https://artifacthub.io/packages/helm/bitnami/mysql'

After a short waiting period, Loft will display the app in the "Spaces > Apps" tab:

loft Apps
mysql example predefined app
Edit this page