zoukankan      html  css  js  c++  java
  • kubernetes之4---Helm包管理器

    Helm包管理器

    Helm:让部署应用变的更简单,高效。

    Helm chart帮助我们定义,安装和升级kubernetes应用。

    官方安装文档

    安装helm客户端

    wget https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
    tar xf helm-v2.17.0-linux-amd64.tar.gz
    mv linux-amd64/helm /usr/local/bin/helm
    

    部署helm服务端

    helm必须部署在k8s集群中,才能有权限调用apiserver。

    1. helm初始化(准备镜像:ghcr.io/helm/tiller:v2.17.0)
    helm init
    
    1. 查看资源,验证
    kubectl get pod -n kube-system
    helm version
    

    授予tiller容器权限

    1. 创建RBAC的yaml文件
    mkdir -p /root/k8s_yaml/helm/ && cd /root/k8s_yaml/helm/
    cat <<EOF > /root/k8s_yaml/helm/tiller_rbac.yaml
    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: tiller
      namespace: kube-system
    ---
    apiVersion: rbac.authorization.k8s.io/v1beta1
    kind: ClusterRoleBinding
    metadata:
      name: tiller
    roleRef:
      apiGroup: rbac.authorization.k8s.io
      kind: ClusterRole
      name: cluster-admin
    subjects:
      - kind: ServiceAccount
        name: tiller
        namespace: kube-system
    EOF
    
    1. 创建RBAC资源
    kubectl create -f .
    
    1. 查看tiller-deploy的yaml文件
    kubectl get deploy tiller-deploy -n kube-system -o yaml
    
    1. 给tiller-deploy打补丁:命令行修改yaml文件
    kubectl patch -n kube-system deploy tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
    
    1. 配置命令行补全
    cd ~ && helm completion bash > .helmrc && echo "source ~/.helmrc" >> .bashrc
    source ~/.helmrc
    

    部署应用

    1. 搜索应用
    helm search phpmyadmin
    
    1. 下载charts(模板),安装实例
    helm install --name oldboy --namespace=oldboy stable/phpmyadmin
    
    [root@k8s-adm-master ~]# helm install --name oldboy --namespace=oldboy stable/phpmyadmin
    WARNING: This chart is deprecated
    NAME:   oldboy
    LAST DEPLOYED: Wed Dec 16 20:19:21 2020
    NAMESPACE: oldboy
    STATUS: DEPLOYED
    
    RESOURCES:
    ==> v1/Deployment
    NAME               READY  UP-TO-DATE  AVAILABLE  AGE
    oldboy-phpmyadmin  0/1    1           0          0s
    
    ==> v1/Pod(related)
    NAME                                READY  STATUS             RESTARTS  AGE
    oldboy-phpmyadmin-7d65b585fb-r8cp2  0/1    ContainerCreating  0         0s
    
    ==> v1/Service
    NAME               TYPE       CLUSTER-IP      EXTERNAL-IP  PORT(S)  AGE
    oldboy-phpmyadmin  ClusterIP  10.254.253.220  <none>       80/TCP   0s
    
    
    NOTES:
    This Helm chart is deprecated
    
    Given the `stable` deprecation timeline (https://github.com/helm/charts#deprecation-timeline), the Bitnami maintained Helm chart is now located at bitnami/charts (https://github.com/bitnami/charts/).
    
    The Bitnami repository is already included in the Hubs and we will continue providing the same cadence of updates, support, etc that we've been keeping here these years. Installation instructions are very similar, just adding the _bitnami_ repo and using it during the installation (`bitnami/<chart>` instead of `stable/<chart>`)
    
    ```bash
    $ helm repo add bitnami https://charts.bitnami.com/bitnami
    $ helm install my-release bitnami/<chart>           # Helm 3
    $ helm install --name my-release bitnami/<chart>    # Helm 2
    ```
    
    To update an exisiting _stable_ deployment with a chart hosted in the bitnami repository you can execute
    
    ```bash
    $ helm repo add bitnami https://charts.bitnami.com/bitnami
    $ helm upgrade my-release bitnami/<chart>
    ```
    
    Issues and PRs related to the chart itself will be redirected to `bitnami/charts` GitHub repository. In the same way, we'll be happy to answer questions related to this migration process in this issue (https://github.com/helm/charts/issues/20969) created as a common place for discussion.
    
    1. Get the application URL by running these commands:
      export POD_NAME=$(kubectl get pods --namespace oldboy -l "app=phpmyadmin,release=oldboy" -o jsonpath="{.items[0].metadata.name}")
      echo "phpMyAdmin URL: http://127.0.0.1:8080"
      kubectl port-forward --namespace oldboy svc/oldboy-phpmyadmin 8080:80
    
    2. How to log in
    
    phpMyAdmin has not been configure to point to a specific database. Please provide the db host,
    username and password at log in or upgrade the release with a specific database:
    
    $ helm upgrade oldboy stable/phpmyadmin --set db.host=mydb
    
    
    
    ** Please be patient while the chart is being deployed **
    
    1. 查看资源
    kubectl get all -n oldboy
    
    1. 升级,命令行修改变量
    helm upgrade oldboy stable/phpmyadmin --set db.host=10.0.0.13
    
    1. 可以解压缓存的tgz包,查看charts
    [root@k8s-adm-master charts]# ls /root/.helm/cache/archive/
    phpmyadmin-4.3.5.tgz
    

    charts

    1. 创建charts
    mkdir -p /root/k8s_yaml/helm/charts && cd /root/k8s_yaml/helm/charts
    helm create hello-helm
    
    [root@k8s-adm-master charts]# tree hello-helm
    hello-helm
    |-- charts                 # 子charts
    |-- Chart.yaml             # charts版本
    |-- templates              # 模板
    |   |-- deployment.yaml
    |   |-- _helpers.tpl
    |   |-- ingress.yaml
    |   |-- NOTES.txt           # 使用说明
    |   |-- serviceaccount.yaml
    |   |-- service.yaml
    |   `-- tests
    |       `-- test-connection.yaml
    `-- values.yaml             # 变量
    
    1. 自定义charts
    rm -rf /root/k8s_yaml/helm/charts/hello-helm/templates/*
    echo hello! > /root/k8s_yaml/helm/charts/hello-helm/templates/NOTES.txt
    cat <<EOF > /root/k8s_yaml/helm/charts/hello-helm/templates/pod.yaml
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: nginx
    spec:
      replicas: 1
      template:
        metadata:
          labels:
            app: nginx
        spec:
          containers:
          - name: nginx
            image: nginx:1.13
            ports:
            - containerPort: 80
    EOF
    
    1. 安装charts
    cd /root/k8s_yaml/helm/charts
    helm install hello-helm
    
    1. 查看charts
    helm list
    
    1. 查看pod
    kubectl get pod
    
    1. 调试:只渲染,不部署
    helm install hello-helm --debug --dry-run
    
    1. 卸载实例
    helm delete oldboy
    
    1. 打包charts
    helm package hello-helm
    

    配置国内源

    1. 删除默认源
    helm repo remove stable
    
    1. 增加国内源(stable只能指定一个,可以指定不同名的源)官方
    helm repo add stable https://burdenbear.github.io/kube-charts-mirror/
    helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
    helm repo add stable https://mirror.azure.cn/kubernetes/charts/
    
    1. 查看源
    helm repo list
    
    1. 更新仓库信息
    helm repo update
    
    1. 搜索测试
    helm search mysql
    
    1. 自建仓库

    搭建charts仓库需要:参考Github,官方推荐使用gitPage搭建charts仓库。


    Helm3变化

    去除Tiller 和 helm serve

    helm服务端和init命令在helm3已弃用。

    helm通过 kubeconfig 直接操作k8s集群,类似于kubectl。
    helm使用与kubectl上下文相同的访问权限,无需再使用helm init来初始化Helm。

    只需要安装helm即可:

    curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
    chmod 700 get_helm.sh
    ./get_helm.sh
    

    实际上就是Github下载二进制文件并解压,移动到/usr/local/bin/下,添加执行权限。


    移除预定义仓库被,增加helm hub

    helm search 区分 repo 和 hub

    • repo:自己手动添加的源
    helm repo add stable https://kubernetes-charts.storage.googleapis.com
    helm repo add incubator https://kubernetes-charts-incubator.storage.googleapis.com/
    helm repo add ibmstable https://raw.githubusercontent.com/IBM/charts/master/repo/stable
    
    • hub:helm 的中心库,各软件商需要在 hub 把应用更新到最新,我们才能在上面查到最新的,等同dockerhub。hub 搜到的包需要进入hub页面查看下载地址。可以把 hub 和 google repo 配合使用:
    helm search hub mysql
    

    Values 支持 JSON Schema 校验器

    运行 helm install 、 helm upgrade 、 helm lint 、 helm template 命令时,JSON Schema 的校验会自动运行,如果失败就会立即报错。等于先将yaml文件都校验一遍,再创建。

    helm pull stable/mysql
    tar -zxvf mysql-1.6.2.tgz 
    cd mysql 
    vim values.yaml 
    # 把port: 3306 改成 port: 3306aaa
    # 安装测试,会校验port的格式,而且确实是在安装之前,一旦有错任何资源都不会被创建
    helm install mysqlll .
    Error: unable to build kubernetes objects from release manifest: error validating "": error validating data: ValidationError(Service.spec.ports[0].port): invalid type for io.k8s.api.core.v1.ServicePort.port: got "string", expected "integer"
    

    helm2/3 命令差异

    参考文档


  • 相关阅读:
    用ps命令查看进程的内存
    女人
    一个中文系高材生的高水平请假条
    常用元件封装
    premiere 视频滤镜详解
    Start of Authority Record (SOA) (转) Anny
    DNS Record Format and Types Anny
    域名解析的配置文件 /etc/resolv.conf Anny
    System Information Record (HINFO)(转) Anny
    Bug分析:为bug预防奠定基础 (转) Anny
  • 原文地址:https://www.cnblogs.com/backups/p/k8s_4.html
Copyright © 2011-2022 走看看