乐趣区

关于kubernetes:29kubernetesk8s笔记-Helm

什么是 Helm

在没应用 helm 之前,向 kubernetes 部署利用,咱们要顺次部署 deployment、svc 等,步骤较繁琐。况且随着很多我的项目微服务化,简单的利用在容器中部署以及治理显得较为简单,helm 通过打包的形式,反对公布的版本治理和管制,很大水平上简化了 Kubernetes 利用的部署和治理 Helm 实质就是让 K8s 的利用治理(Deployment,Service 等 ) 可配置,能动静生成。通过动静生成 K8s 资源清单文件(deployment.yaml,service.yaml)。而后调用 Kubectl 主动执行 K8s 资源部署 Helm 是官网提供的相似于 YUM 的包管理器,是部署环境的流程封装。Helm 有两个重要的概念:chart 和 release

  • Helm 应用的包格局称为 chart。
    chart 是创立一个利用的信息汇合,包含各种 Kubernetes 对象的配置模板、参数定义、依赖关系、文档说
    明等。chart 是利用部署的自蕴含逻辑单元。能够将 chart 设想成 apt、yum 中的软件安装包。
  • Chart 文件构造
    chart 是一个组织在文件目录中的汇合。目录名称就是 chart 名称(没有版本信息)。因此形容 WordPress 的 chart 能够存储在 wordpress/ 目录中。

在这个目录中,Helm 冀望能够匹配以下构造:

wordpress/
  Chart.yaml          # 蕴含了 chart 信息的 YAML 文件
  LICENSE             # 可选: 蕴含 chart 许可证的纯文本文件
  README.md           # 可选: 可读的 README 文件
  values.yaml         # chart 默认的配置值
  values.schema.json  # 可选: 一个应用 JSON 构造的 values.yaml 文件
  charts/             # 蕴含 chart 依赖的其余 chart
  crds/               # 自定义资源的定义
  templates/          # 模板目录,当和 values 联合时,可生成无效的 Kubernetes manifest 文件
  templates/NOTES.txt # 可选: 蕴含简要应用阐明的纯文本文件
  • 几个 Helm 波及的概念
  • Repositry: 集中存储和散发 Chart 的仓库,相似于 Perl 的 CPAN, 或者 Python 的 PyPI 等。
  • Config: Chart 实例化装置运行时应用的配置信息。
  • Release: Chart 实例化配置后运行于 Kubernetes 集群中的一个利用实例; 在同一个集群上,一个 Chart 能够应用不同的 Config 反复装置屡次,每次装置都会创立一 个新的公布 (Release)
  • Helm 蕴含两个组件:Helm 客户端和 Tiller 服务器,如下图所示
  • Helm 客户端负责 chart 和 release 的创立和治理以及和 Tiller 的交互。Tiller 服务器运行在 Kubernetes 集群
    中,它会解决 Helm 客户端的申请,与 Kubernetes API Server 交互

Helm 部署

helm v3 版本不须要部 Tiller 可间接应用
官网下载适宜版本:

https://helm.sh/zh/docs/intro…

  • helm 仓库

    https://artifacthub.io/

  • 装置 helm v3 版
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz
[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz 
l[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  linux-amd64
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm  LICENSE  README.md
  • helm 为可执行二进制文件 间接拷贝到
[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm  

[root@k8s-master linux-amd64]# helm --help
The Kubernetes package manager

Common actions for Helm:

- helm search:    search for charts
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts

Environment variables:
......

Helm 常用命令

[root@k8s-master helm]# helm list -A   #查看所有 helm 或指明 namespace
[root@k8s-master helm]# helm repo list   #查看仓库
[root@k8s-master helm]# helm search hub  grafana   #hup 搜寻 
[root@k8s-master helm]# helm search repo  grafana   #仓库搜寻 
NAME                          CHART VERSION    APP VERSION    DESCRIPTION                                       
grafana/grafana               6.13.6           8.0.3          The leading tool for querying and visualizing t...
grafana/enterprise-metrics    1.3.5            v1.3.0         Grafana Enterprise Metrics                       

[root@k8s-master helm]#  helm pull grafana/grafana   #下载 Chart 到本地

Helm Hub、Repositry 仓库的增加

helm search hub

https://artifacthub.io/

  • helm hub 仓库中搜寻 redis

  • 点击右侧 install 按提醒增加仓库地址

  • 通过 helm search hub 搜寻仓库地址 找到适宜的版本间接装置
[root@k8s-master repository]# helm search hub redis -o yaml
- app_version: 6.2.5
  description: A Helm chart for Redis on Kubernetes
  url: https://artifacthub.io/packages/helm/groundhog2k/redis
  version: 0.4.7
- app_version: 6.0.11
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/taalhuizen-service/redis
  version: 12.7.7
- app_version: 1.16.0
  description: Redis with metrics compatible with ARM
  url: https://artifacthub.io/packages/helm/mmontes/redis
  version: 0.1.0
- app_version: 6.2.5
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/wenerme/redis
  version: 15.3.2
- app_version: ""
  description: A Redis database for use inside a Kubernetes cluster.
  url: https://artifacthub.io/packages/helm/drycc-canary/redis
  version: 1.0.0

Helm Repositry 仓库

  • 罕用的 helm 仓库

    helm repo add stable https://charts.helm.sh/stable #官网仓库
    helm repo add bitnami https://charts.bitnami.com/bi… #第三方仓库

  • 查看现有仓库
[root@k8s-master ~]# helm repo list 
Error: no repositories to show
  • 增加 helm 仓库
[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME       URL                               
bitnami    https://charts.bitnami.com/bitnami
stable     https://charts.helm.sh/stable
[root@k8s-master ~]# helm repo update  #增加和删除仓库后更新索引信息 
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
  • 搜寻 char
[root@k8s-master ~]# helm search repo redis 
NAME                                CHART VERSION    APP VERSION    DESCRIPTION                                       
bitnami/redis                       15.3.2           6.2.5          Open source, advanced key-value store. It is of...
bitnami/redis-cluster               6.3.6            6.2.5          Open source, advanced key-value store. It is of...
stable/prometheus-redis-exporter    3.5.1            1.3.4          DEPRECATED Prometheus exporter for Redis metrics  
stable/redis                        10.5.7           5.0.7          DEPRECATED Open source, advanced key-value stor...
stable/redis-ha                     4.4.6            5.0.6          DEPRECATED - Highly available Kubernetes implem...
stable/sensu                        0.2.5            0.28           DEPRECATED Sensu monitoring framework backed by...

下载 chart 到本地 2 种办法

  1. 办法 1 pull 间接下载
[root@k8s-master ~]# cd mag/helm/
[root@k8s-master helm]# helm pull bitnami/redis  #把 chart 下载到本地
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  redis-15.3.2.tgz
[root@k8s-master helm]# tar -xf redis-15.3.2.tgz 
[root@k8s-master helm]# cd redis/
[root@k8s-master redis]# ls   
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]#
  1. 办法 2 缓冲文件中到找 chart
    当执行过装置过命令后,helm 会在家目录生成.cache 的缓存文件 外面也会蕴含 chart
[root@k8s-master repository]# helm install db  bitnami/redis
[root@k8s-master repository]# pwd
/root/.cache/helm/repository

[root@k8s-master repository]# ll
total 19080
-rw-r--r-- 1 root root    1094 Sep 16 17:45 bitnami-charts.txt
-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml
-rw-r--r-- 1 root root   28227 Jul  1 17:40 grafana-6.13.6.tgz
-rw-r--r-- 1 root root    3908 Jul  7 21:41 myweb
-rw-r--r-- 1 root root    3872 Jul  7 03:13 nginx
-rw-r--r-- 1 root root   77619 Sep 17 11:53 redis-15.3.2.tgz  #redis chart 文件
-rw-r--r-- 1 root root    3370 Sep 16 17:44 stable-charts.txt
-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml
[root@k8s-master repository]# tar -xf redis-15.3.2.tgz 
[root@k8s-master repository]# ls
bitnami-charts.txt  bitnami-index.yaml  grafana-6.13.6.tgz  myweb  nginx  redis  redis-15.3.2.tgz  stable-charts.txt  stable-index.yaml
[root@k8s-master repository]# cd redis/   #进入到 redis 缓存文件中
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
  • 查看 redis chart 的详细信息
[root@k8s-master helm]# helm show all bitnami/redis  #显示 chart 的所有信息
[root@k8s-master helm]# helm show readme  bitnami/redis   #显示 chart 的自述信息 能够查看示例、配置、每个版本的更新详情等信息

NAME    NAMESPACE    REVISION    UPDATED    STATUS    CHART    APP VERSION
[root@k8s-master helm]# helm install db  bitnami/redis
NAME: db
LAST DEPLOYED: Fri Sep 17 11:44:05 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

#以下是对利用的形容信息  包含应用的端口 连贯形式等
Redis™ can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)  #端口
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)  #获取明码

To connect to your Redis™ server:
#不同的连贯到 redis 的办法
1. Run a Redis™ pod that you can use as a client:    

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis™ CLI: 
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD


[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
usubChTbCD

[root@k8s-master helm]# kubectl get pod  #查看部署状态
NAME                  READY   STATUS             RESTARTS   AGE
db-redis-master-0     0/1     Pending            0          3m44s  #挂起状态
db-redis-replicas-0   0/1     Pending            0          3m44s
mypod-env             0/1     CrashLoopBackOff   506        42h


[root@k8s-master helm]# kubectl describe pod db-redis-master-0    #查看形容信息
.....
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               ------- 
  Warning  FailedScheduling  6m2s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.   #无奈申请到 PVC 资源
  Warning  FailedScheduling  6m1s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.

示例 2: redis 部署

  • 依据本人的理论状况 批改 chart
  • 进入之前下载的 chart 批改 values.yaml 文件 测试环境敞开 PVC 需要
[root@k8s-master redis]# pwd  
/root/mag/helm/redis
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]# vim values.yaml

persistence:
    ## @param master.persistence.enabled Enable persistence on Redis™ master nodes using Persistent Volume Claims
    ##
    enabled: false  #敞开 master 数据长久化 测试环境没有搭建 PVC
    ## @param master.persistence.path The path the volume will be mounted at on Redis™ master containers
    ## NOTE: Useful when using different Redis™ images
    ##
    path: /data
    ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis™ master containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param master.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""  #之前有部署 longhorn 的能够抉择 longhorn
    ## @param master.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param master.persistence.size Persistent Volume size
    ##
    size: 8Gi


  persistence:
    ## @param replica.persistence.enabled Enable persistence on Redis&trade; replicas nodes using Persistent Volume Claims
    ##
    enabled: false #敞开 slave 数据长久化 测试环境没有搭建 PVC
    ## @param replica.persistence.path The path the volume will be mounted at on Redis&trade; replicas containers
    ## NOTE: Useful when using different Redis&trade; images
    ##
    path: /data
    ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis&trade; replicas containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param replica.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""
    ## @param replica.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param replica.persistence.size Persistent Volume size
    ##
    size: 8Gi
    
#批改正本数为 1 依据本人需要批改默认为 3
replica:
  ## @param replica.replicaCount Number of Redis&trade; replicas to deploy
  ##
  replicaCount: 1
  • 重新部署装置

    helm 传递参数 3 种变量的援用形式

  • 形式 1 还是上 repo 仓库中的 chart 但指定变量配置文件
[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml  
  • 形式 2 装置时命令间接敞开
[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1
  • 形式 3 间接应用批改后的 chart
[root@k8s-master helm]# helm install db redis 
NAME: db
LAST DEPLOYED: Fri Sep 17 15:46:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

Redis&trade; can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)

To connect to your Redis&trade; server:

1. Run a Redis&trade; pod that you can use as a client:

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis&trade; CLI:
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
  • 以上连贯形式信息不须要保留 可通过 status 再次查看
[root@k8s-master helm]# helm status  db
[root@k8s-master helm]# kubectl get pod
NAME                  READY   STATUS    RESTARTS   AGE
db-redis-master-0     1/1     Running   0          39s
db-redis-replicas-0   0/1     Running   0          39s
  • 获取 redis 明码
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
0Wf7jcy379[root@k8s-master helm]#  
  • 登录主节点
[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh
$ redis-cli -a 0Wf7jcy379
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> set mykey www.google.com
OK
127.0.0.1:6379> set mykey2 www.baidu.com
OK
127.0.0.1:6379> get mykey2
"www.baidu.com"
127.0.0.1:6379> exit

$ redis-cli -h db-redis-replicas -a 0Wf7jcy379  #登录 slave 节点  看数据是否同步过来
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
db-redis-replicas:6379> get mykey
"www.google.com"
db-redis-replicas:6379> get mykey2
"www.baidu.com"
db-redis-replicas:6379> 

[root@k8s-master helm]# helm  install   db2 redis -n dev  #再 dev 名称空间部署 redis

[root@k8s-master helm]# helm  delete  db2 redis -n dev #删除 db2
退出移动版