什么是 Helm
在没使用 helm 之前,向 kubernetes 部署应用,我们要依次部署 deployment、svc 等,步骤较繁琐。况且随着很多项目微服务化,复杂的应用在容器中部署以及管理显得较为复杂,helm 通过打包的方式,支持发布的版本管理和控制,很大程度上简化了 Kubernetes 应用的部署和管理Helm 本质就是让 K8s 的应用管理(Deployment,Service 等 ) 可配置,能动态生成。通过动态生成 K8s 资源清单文件(deployment.yaml,service.yaml)。然后调用 Kubectl 自动执行 K8s 资源部署Helm 是官方提供的类似于 YUM 的包管理器,是部署环境的流程封装。Helm 有两个重要的概念:chart 和 release
Helm使用的包格式称为 chart。
chart 是创建一个应用的信息集合,包括各种 Kubernetes 对象的配置模板、参数定义、依赖关系、文档说
明等。chart 是应用部署的自包含逻辑单元。可以将 chart 想象成 apt、yum 中的软件安装包。Chart 文件结构
chart是一个组织在文件目录中的集合。目录名称就是chart名称(没有版本信息)。因而描述WordPress的chart可以存储在wordpress/目录中。
在这个目录中,Helm 期望可以匹配以下结构:
wordpress/
Chart.yaml # 包含了chart信息的YAML文件
LICENSE # 可选: 包含chart许可证的纯文本文件
README.md # 可选: 可读的README文件
values.yaml # chart 默认的配置值
values.schema.json # 可选: 一个使用JSON结构的values.yaml文件
charts/ # 包含chart依赖的其他chart
crds/ # 自定义资源的定义
templates/ # 模板目录, 当和values 结合时,可生成有效的Kubernetes manifest文件
templates/NOTES.txt # 可选: 包含简要使用说明的纯文本文件
- 几个Helm涉及的概念
- Repositry: 集中存储和分发Chart的仓库,类似于Perl的CPAN, 或者Python的PyPI等。
- Config: Chart实例化安装运行时使用的配置信息。
- Release: Chart实例化配置后运行于Kubernetes集群中的一个应用实例;在同一个集群上,一个Chart可以使用不同的Config重复安装多次,每次安装都会创建一 个新的发布 (Release)
-
Helm 包含两个组件:Helm 客户端和 Tiller 服务器,如下图所示
Helm 客户端负责 chart 和 release 的创建和管理以及和 Tiller 的交互。Tiller 服务器运行在 Kubernetes 集群
中,它会处理 Helm 客户端的请求,与 Kubernetes API Server 交互
Helm 部署
helm v3版本不需要部Tiller 可直接使用
官网下载适合版本:
- helm仓库
- 安装helm v3版
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz
[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz
l[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz linux-amd64
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm LICENSE README.md
- helm为可执行二进制文件 直接拷贝到
[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm
[root@k8s-master linux-amd64]# helm --help
The Kubernetes package manager
Common actions for Helm:
- helm search: search for charts
- helm pull: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment variables:
......
Helm常用命令
[root@k8s-master helm]# helm list -A #查看所有helm 或指明 namespace
[root@k8s-master helm]# helm repo list #查看仓库
[root@k8s-master helm]# helm search hub grafana #hup搜索
[root@k8s-master helm]# helm search repo grafana #仓库搜索
NAME CHART VERSION APP VERSION DESCRIPTION
grafana/grafana 6.13.6 8.0.3 The leading tool for querying and visualizing t...
grafana/enterprise-metrics 1.3.5 v1.3.0 Grafana Enterprise Metrics
[root@k8s-master helm]# helm pull grafana/grafana #下载Chart到本地
Helm Hub、Repositry仓库的添加
helm search hub
- helm hub仓库中搜索redis
-
点击右侧install 按提示添加仓库地址
通过helm search hub搜索仓库地址 找到适合的版本直接安装
[root@k8s-master repository]# helm search hub redis -o yaml
- app_version: 6.2.5
description: A Helm chart for Redis on Kubernetes
url: https://artifacthub.io/packages/helm/groundhog2k/redis
version: 0.4.7
- app_version: 6.0.11
description: Open source, advanced key-value store. It is often referred to as a
data structure server since keys can contain strings, hashes, lists, sets and
sorted sets.
url: https://artifacthub.io/packages/helm/taalhuizen-service/redis
version: 12.7.7
- app_version: 1.16.0
description: Redis with metrics compatible with ARM
url: https://artifacthub.io/packages/helm/mmontes/redis
version: 0.1.0
- app_version: 6.2.5
description: Open source, advanced key-value store. It is often referred to as a
data structure server since keys can contain strings, hashes, lists, sets and
sorted sets.
url: https://artifacthub.io/packages/helm/wenerme/redis
version: 15.3.2
- app_version: ""
description: A Redis database for use inside a Kubernetes cluster.
url: https://artifacthub.io/packages/helm/drycc-canary/redis
version: 1.0.0
Helm Repositry
- 常用的helm仓库
helm repo add stable https://charts.helm.sh/stable #官方仓库
helm repo add bitnami https://charts.bitnami.com/bitnami #第三方仓库
- 查看现有仓库
[root@k8s-master ~]# helm repo list
Error: no repositories to show
- 添加helm仓库
[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME URL
bitnami https://charts.bitnami.com/bitnami
stable https://charts.helm.sh/stable
[root@k8s-master ~]# helm repo update #添加和删除仓库后更新索引信息
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
- 搜索char
[root@k8s-master ~]# helm search repo redis
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/redis 15.3.2 6.2.5 Open source, advanced key-value store. It is of...
bitnami/redis-cluster 6.3.6 6.2.5 Open source, advanced key-value store. It is of...
stable/prometheus-redis-exporter 3.5.1 1.3.4 DEPRECATED Prometheus exporter for Redis metrics
stable/redis 10.5.7 5.0.7 DEPRECATED Open source, advanced key-value stor...
stable/redis-ha 4.4.6 5.0.6 DEPRECATED - Highly available Kubernetes implem...
stable/sensu 0.2.5 0.28 DEPRECATED Sensu monitoring framework backed by...
下载chart到本地 2种方法
- 方法1 pull直接下载
[root@k8s-master ~]# cd mag/helm/
[root@k8s-master helm]# helm pull bitnami/redis #把chart下载到本地
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz redis-15.3.2.tgz
[root@k8s-master helm]# tar -xf redis-15.3.2.tgz
[root@k8s-master helm]# cd redis/
[root@k8s-master redis]# ls
Chart.lock charts Chart.yaml ci img README.md templates values.schema.json values.yaml
[root@k8s-master redis]#
- 方法2 缓冲文件中到找 chart
当执行过安装过命令后,helm会在家目录生成.cache的缓存文件 里面也会包含chart
[root@k8s-master repository]# helm install db bitnami/redis
[root@k8s-master repository]# pwd
/root/.cache/helm/repository
[root@k8s-master repository]# ll
total 19080
-rw-r--r-- 1 root root 1094 Sep 16 17:45 bitnami-charts.txt
-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml
-rw-r--r-- 1 root root 28227 Jul 1 17:40 grafana-6.13.6.tgz
-rw-r--r-- 1 root root 3908 Jul 7 21:41 myweb
-rw-r--r-- 1 root root 3872 Jul 7 03:13 nginx
-rw-r--r-- 1 root root 77619 Sep 17 11:53 redis-15.3.2.tgz #redis chart文件
-rw-r--r-- 1 root root 3370 Sep 16 17:44 stable-charts.txt
-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml
[root@k8s-master repository]# tar -xf redis-15.3.2.tgz
[root@k8s-master repository]# ls
bitnami-charts.txt bitnami-index.yaml grafana-6.13.6.tgz myweb nginx redis redis-15.3.2.tgz stable-charts.txt stable-index.yaml
[root@k8s-master repository]# cd redis/ #进入到redis缓存文件中
[root@k8s-master redis]# ls
Chart.lock charts Chart.yaml ci img README.md templates values.schema.json values.yaml
- 查看redis chart的详细信息
[root@k8s-master helm]# helm show all bitnami/redis #显示chart的所有信息
[root@k8s-master helm]# helm show readme bitnami/redis #显示chart的自述信息 可以查看示例、配置、每个版本的更新详情等信息
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@k8s-master helm]# helm install db bitnami/redis
NAME: db
LAST DEPLOYED: Fri Sep 17 11:44:05 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **
#以下是对应用的描述信息 包括使用的端口 连接方式等
Redis™ can be accessed on the following DNS names from within your cluster:
db-redis-master.default.svc.cluster.local for read/write operations (port 6379) #端口
db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode) #获取密码
To connect to your Redis™ server:
#不同的连接到redis的方法
1. Run a Redis™ pod that you can use as a client:
kubectl run --namespace default redis-client --restart='Never' --env REDIS_PASSWORD=$REDIS_PASSWORD --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity
Use the following command to attach to the pod:
kubectl exec --tty -i redis-client \
--namespace default -- bash
2. Connect using the Redis™ CLI:
redis-cli -h db-redis-master -a $REDIS_PASSWORD
redis-cli -h db-redis-replicas -a $REDIS_PASSWORD
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
usubChTbCD
[root@k8s-master helm]# kubectl get pod #查看部署状态
NAME READY STATUS RESTARTS AGE
db-redis-master-0 0/1 Pending 0 3m44s #挂起状态
db-redis-replicas-0 0/1 Pending 0 3m44s
mypod-env 0/1 CrashLoopBackOff 506 42h
[root@k8s-master helm]# kubectl describe pod db-redis-master-0 #查看描述信息
.....
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 6m2s default-scheduler 0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims. #无法申请到PVC资源
Warning FailedScheduling 6m1s default-scheduler 0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.
示例2: redis部署
- 根据自己的实际情况 修改chart
- 进入之前下载的chart 修改values.yaml文件 测试环境关闭PVC需求
[root@k8s-master redis]# pwd
/root/mag/helm/redis
[root@k8s-master redis]# ls
Chart.lock charts Chart.yaml ci img README.md templates values.schema.json values.yaml
[root@k8s-master redis]# vim values.yaml
persistence:
## @param master.persistence.enabled Enable persistence on Redis™ master nodes using Persistent Volume Claims
##
enabled: false #关闭master数据持久化 测试环境没有搭建PVC
## @param master.persistence.path The path the volume will be mounted at on Redis™ master containers
## NOTE: Useful when using different Redis™ images
##
path: /data
## @param master.persistence.subPath The subdirectory of the volume to mount on Redis™ master containers
## NOTE: Useful in dev environments
##
subPath: ""
## @param master.persistence.storageClass Persistent Volume storage class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
##
storageClass: "" #之前有部署longhorn的可以选择longhorn
## @param master.persistence.accessModes [array] Persistent Volume access modes
##
accessModes:
- ReadWriteOnce
## @param master.persistence.size Persistent Volume size
##
size: 8Gi
persistence:
## @param replica.persistence.enabled Enable persistence on Redis™ replicas nodes using Persistent Volume Claims
##
enabled: false #关闭slave数据持久化 测试环境没有搭建PVC
## @param replica.persistence.path The path the volume will be mounted at on Redis™ replicas containers
## NOTE: Useful when using different Redis™ images
##
path: /data
## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis™ replicas containers
## NOTE: Useful in dev environments
##
subPath: ""
## @param replica.persistence.storageClass Persistent Volume storage class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
##
storageClass: ""
## @param replica.persistence.accessModes [array] Persistent Volume access modes
##
accessModes:
- ReadWriteOnce
## @param replica.persistence.size Persistent Volume size
##
size: 8Gi
#修改副本数为1 根据自己需求修改默认为3
replica:
## @param replica.replicaCount Number of Redis™ replicas to deploy
##
replicaCount: 1
- 重新部署安装
helm传递参数 变量的引用不同方式
- 方式1 还是上repo仓库中的chart 但指定变量配置文件
[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml
- 方式2 安装时命令直接关闭
[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1
- 方式3 直接使用修改后的chart
[root@k8s-master helm]# helm install db redis
NAME: db
LAST DEPLOYED: Fri Sep 17 15:46:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **
Redis™ can be accessed on the following DNS names from within your cluster:
db-redis-master.default.svc.cluster.local for read/write operations (port 6379)
db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)
To connect to your Redis™ server:
1. Run a Redis™ pod that you can use as a client:
kubectl run --namespace default redis-client --restart='Never' --env REDIS_PASSWORD=$REDIS_PASSWORD --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity
Use the following command to attach to the pod:
kubectl exec --tty -i redis-client \
--namespace default -- bash
2. Connect using the Redis™ CLI:
redis-cli -h db-redis-master -a $REDIS_PASSWORD
redis-cli -h db-redis-replicas -a $REDIS_PASSWORD
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
以上连接方式信息不需要保存 可通过status再次查看
[root@k8s-master helm]# helm status db
[root@k8s-master helm]# kubectl get pod
NAME READY STATUS RESTARTS AGE
db-redis-master-0 1/1 Running 0 39s
db-redis-replicas-0 0/1 Running 0 39s
- 获取redis密码
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
0Wf7jcy379[root@k8s-master helm]#
- 登录主节点
[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh
$ redis-cli -a 0Wf7jcy379
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> set mykey www.google.com
OK
127.0.0.1:6379> set mykey2 www.baidu.com
OK
127.0.0.1:6379> get mykey2
"www.baidu.com"
127.0.0.1:6379> exit
$ redis-cli -h db-redis-replicas -a 0Wf7jcy379 #登录slave节点 看数据是否同步过去
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
db-redis-replicas:6379> get mykey
"www.google.com"
db-redis-replicas:6379> get mykey2
"www.baidu.com"
db-redis-replicas:6379>
[root@k8s-master helm]# helm install db2 redis -n dev #再dev 名称空间部署redis
[root@k8s-master helm]# helm delete db2 redis -n dev #删除db2