简单介绍:
Helm其实就是一个基于Kubernetes的程序包(资源包)管理器,它将一个应用的相关资源组织成为Charts,并通过Charts管理程序包。再简单点说,可以当做RHEL/CentOS系统中的yum机制,有yum install,也有helm install等等。具体可以参考网上其他介绍。
GitHub:https://github.com/helm/helm
官网:https://helm.sh/docs/using_helm/#quickstart-guide
测试环境:
同之前部署的集群环境,如下
System | Hostname | IP | Helm |
CentOS 7.6 | k8s-master | 138.138.82.14 | helm命令安装在主节点上 |
CentOS 7.6 | k8s-node1 | 138.138.82.15 | — |
CentOS 7.6 | k8s-node2 | 138.138.82.16 | — |
具体步骤:
1. 安装客户端Helm命令(https://github.com/helm/helm/releases)
[root@k8s-master ~]# wget https://storage.googleapis.com/kubernetes-helm/helm-v2.13.1-linux-amd64.tar.gz
解压,将其中的helm文件移至 /usr/local/bin/
[root@k8s-master ~]# mv linux-amd64/helm /usr/local/bin/
helm的命令安装完成,如需查看命令怎么使用,使用 ~]# helm help 即可。
2. 安装Tiller服务
Tiller是helm的服务器端,一般运行于kubernetes集群之上,当然少不了RBAC授权,事先创建相关的ServiceAccount才能进行安装。
下面给出了一个样例yaml清单,定义了一个名为tiller的ServiceAccount,并通过ClusterRoleBinding将其绑定至集群管理员角色cluster-admin,从而使得它拥有集群级别所有的最高权限:
[root@k8s-master ~]# cat till-rbac-config.yaml apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system
发布到kubernetes集群中去:
[root@k8s-master ~]# kubectl apply -f till-rbac-config.yaml serviceaccount/tiller created clusterrolebinding.rbac.authorization.k8s.io/tiller created
接下来,初始化Tiller服务:
[root@k8s-master ~]# helm init --upgrade --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.13.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Creating /root/.helm Creating /root/.helm/repository Creating /root/.helm/repository/cache Creating /root/.helm/repository/local Creating /root/.helm/plugins Creating /root/.helm/starters Creating /root/.helm/cache/archive Creating /root/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /root/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming!
如上显示,初始化成功!
注意:helm init命令进行初始化时,Kubernetes集群会到gcr.io/kubernetes-helm/上获取所需的镜像,不出意外,被墙了,故指定替代镜像可以解决。同时还要将repo源更换成阿里的镜像,更快更便捷。
3. helm命令使用
①更新使用的默认仓库元数据信息
[root@k8s-master ~]# helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "stable" chart repository Update Complete. ⎈ Happy Helming!⎈
②搜索列出
[root@k8s-master ~]# helm search redis NAME CHART VERSION APP VERSION DESCRIPTION stable/redis 1.1.15 4.0.8 Open source, advanced key-value store. It is often referr... stable/redis-ha 2.0.1 Highly available Redis cluster with multiple sentinels an... stable/sensu 0.2.0 Sensu monitoring framework backed by the Redis transport
③打印指定Charts详细信息
[root@k8s-master ~]# helm inspect stable/redis
④安装
[root@k8s-master ~]# helm install stable/redis -n redis // -n 给个名字;也可以在安装前加个 --dry-run 用作测试
⑤查看已经安装
[root@k8s-master ~]# helm list
⑥删除已经安装的
[root@k8s-master ~]# helm delete redis
⑦其他
[root@k8s-master ~]# helm upgrade [root@k8s-master ~]# helm rollback [root@k8s-master ~]# helm history
至此,Helm的安装和简单使用到此完成。
结束.