什么是 Helm

在没应用 helm 之前,向 kubernetes 部署利用,咱们要顺次部署 deployment、svc 等,步骤较繁琐。况且随着很多我的项目微服务化,简单的利用在容器中部署以及治理显得较为简单,helm 通过打包的形式,反对公布的版本治理和管制,很大水平上简化了 Kubernetes 利用的部署和治理Helm 实质就是让 K8s 的利用治理(Deployment,Service 等 ) 可配置,能动静生成。通过动静生成 K8s 资源清单文件(deployment.yaml,service.yaml)。而后调用 Kubectl 主动执行 K8s 资源部署Helm 是官网提供的相似于 YUM 的包管理器,是部署环境的流程封装。Helm 有两个重要的概念:chart 和 release

  • Helm应用的包格局称为 chart。
    chart 是创立一个利用的信息汇合,包含各种 Kubernetes 对象的配置模板、参数定义、依赖关系、文档说
    明等。chart 是利用部署的自蕴含逻辑单元。能够将 chart 设想成 apt、yum 中的软件安装包。
  • Chart 文件构造
    chart是一个组织在文件目录中的汇合。目录名称就是chart名称(没有版本信息)。因此形容WordPress的chart能够存储在wordpress/目录中。

在这个目录中,Helm 冀望能够匹配以下构造:

wordpress/  Chart.yaml          # 蕴含了chart信息的YAML文件  LICENSE             # 可选: 蕴含chart许可证的纯文本文件  README.md           # 可选: 可读的README文件  values.yaml         # chart 默认的配置值  values.schema.json  # 可选: 一个应用JSON构造的values.yaml文件  charts/             # 蕴含chart依赖的其余chart  crds/               # 自定义资源的定义  templates/          # 模板目录, 当和values 联合时,可生成无效的Kubernetes manifest文件  templates/NOTES.txt # 可选: 蕴含简要应用阐明的纯文本文件
  • 几个Helm波及的概念
  • Repositry: 集中存储和散发Chart的仓库,相似于Perl的CPAN, 或者Python的PyPI等。
  • Config: Chart实例化装置运行时应用的配置信息。
  • Release: Chart实例化配置后运行于Kubernetes集群中的一个利用实例;在同一个集群上,一个Chart能够应用不同的Config反复装置屡次,每次装置都会创立一 个新的公布 (Release)
  • Helm 蕴含两个组件:Helm 客户端和 Tiller 服务器,如下图所示
  • Helm 客户端负责 chart 和 release 的创立和治理以及和 Tiller 的交互。Tiller 服务器运行在 Kubernetes 集群
    中,它会解决 Helm 客户端的申请,与 Kubernetes API Server 交互

Helm 部署

helm v3版本不须要部Tiller 可间接应用
官网下载适宜版本:

https://helm.sh/zh/docs/intro...

  • helm仓库

    https://artifacthub.io/
  • 装置helm v3版
[root@k8s-master helm]# lshelm-v3.6.1-linux-amd64.tar.gz[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz l[root@k8s-master helm]# lshelm-v3.6.1-linux-amd64.tar.gz  linux-amd64[root@k8s-master helm]# cd linux-amd64/[root@k8s-master linux-amd64]# lshelm  LICENSE  README.md
  • helm为可执行二进制文件 间接拷贝到
[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm  [root@k8s-master linux-amd64]# helm --helpThe Kubernetes package managerCommon actions for Helm:- helm search:    search for charts- helm pull:      download a chart to your local directory to view- helm install:   upload the chart to Kubernetes- helm list:      list releases of chartsEnvironment variables:......

Helm 常用命令

[root@k8s-master helm]# helm list -A   #查看所有helm 或指明 namespace[root@k8s-master helm]# helm repo list   #查看仓库[root@k8s-master helm]# helm search hub  grafana   #hup搜寻 [root@k8s-master helm]# helm search repo  grafana   #仓库搜寻 NAME                          CHART VERSION    APP VERSION    DESCRIPTION                                       grafana/grafana               6.13.6           8.0.3          The leading tool for querying and visualizing t...grafana/enterprise-metrics    1.3.5            v1.3.0         Grafana Enterprise Metrics                       [root@k8s-master helm]#  helm pull grafana/grafana   #下载Chart到本地

Helm Hub、Repositry仓库的增加

helm search hub

https://artifacthub.io/
  • helm hub仓库中搜寻redis

  • 点击右侧install 按提醒增加仓库地址

  • 通过helm search hub搜寻仓库地址 找到适宜的版本间接装置
[root@k8s-master repository]# helm search hub redis -o yaml- app_version: 6.2.5  description: A Helm chart for Redis on Kubernetes  url: https://artifacthub.io/packages/helm/groundhog2k/redis  version: 0.4.7- app_version: 6.0.11  description: Open source, advanced key-value store. It is often referred to as a    data structure server since keys can contain strings, hashes, lists, sets and    sorted sets.  url: https://artifacthub.io/packages/helm/taalhuizen-service/redis  version: 12.7.7- app_version: 1.16.0  description: Redis with metrics compatible with ARM  url: https://artifacthub.io/packages/helm/mmontes/redis  version: 0.1.0- app_version: 6.2.5  description: Open source, advanced key-value store. It is often referred to as a    data structure server since keys can contain strings, hashes, lists, sets and    sorted sets.  url: https://artifacthub.io/packages/helm/wenerme/redis  version: 15.3.2- app_version: ""  description: A Redis database for use inside a Kubernetes cluster.  url: https://artifacthub.io/packages/helm/drycc-canary/redis  version: 1.0.0

Helm Repositry仓库

  • 罕用的helm仓库

    helm repo add stable https://charts.helm.sh/stable #官网仓库
    helm repo add bitnami https://charts.bitnami.com/bi... #第三方仓库
  • 查看现有仓库
[root@k8s-master ~]# helm repo list Error: no repositories to show
  • 增加helm仓库
[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable"stable" has been added to your repositories[root@k8s-master ~]# helm repo listNAME       URL                               bitnami    https://charts.bitnami.com/bitnamistable     https://charts.helm.sh/stable
[root@k8s-master ~]# helm repo update  #增加和删除仓库后更新索引信息 Hang tight while we grab the latest from your chart repositories......Successfully got an update from the "stable" chart repository...Successfully got an update from the "bitnami" chart repositoryUpdate Complete. ⎈Happy Helming!⎈
  • 搜寻char
[root@k8s-master ~]# helm search repo redis NAME                                CHART VERSION    APP VERSION    DESCRIPTION                                       bitnami/redis                       15.3.2           6.2.5          Open source, advanced key-value store. It is of...bitnami/redis-cluster               6.3.6            6.2.5          Open source, advanced key-value store. It is of...stable/prometheus-redis-exporter    3.5.1            1.3.4          DEPRECATED Prometheus exporter for Redis metrics  stable/redis                        10.5.7           5.0.7          DEPRECATED Open source, advanced key-value stor...stable/redis-ha                     4.4.6            5.0.6          DEPRECATED - Highly available Kubernetes implem...stable/sensu                        0.2.5            0.28           DEPRECATED Sensu monitoring framework backed by...

下载chart到本地 2种办法

  1. 办法1 pull间接下载
[root@k8s-master ~]# cd mag/helm/[root@k8s-master helm]# helm pull bitnami/redis  #把chart下载到本地[root@k8s-master helm]# lshelm-v3.6.1-linux-amd64.tar.gz  redis-15.3.2.tgz[root@k8s-master helm]# tar -xf redis-15.3.2.tgz [root@k8s-master helm]# cd redis/[root@k8s-master redis]# ls   Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml[root@k8s-master redis]#
  1. 办法2 缓冲文件中到找 chart
    当执行过装置过命令后,helm会在家目录生成.cache的缓存文件 外面也会蕴含chart
[root@k8s-master repository]# helm install db  bitnami/redis[root@k8s-master repository]# pwd/root/.cache/helm/repository[root@k8s-master repository]# lltotal 19080-rw-r--r-- 1 root root    1094 Sep 16 17:45 bitnami-charts.txt-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml-rw-r--r-- 1 root root   28227 Jul  1 17:40 grafana-6.13.6.tgz-rw-r--r-- 1 root root    3908 Jul  7 21:41 myweb-rw-r--r-- 1 root root    3872 Jul  7 03:13 nginx-rw-r--r-- 1 root root   77619 Sep 17 11:53 redis-15.3.2.tgz  #redis chart文件-rw-r--r-- 1 root root    3370 Sep 16 17:44 stable-charts.txt-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml[root@k8s-master repository]# tar -xf redis-15.3.2.tgz [root@k8s-master repository]# lsbitnami-charts.txt  bitnami-index.yaml  grafana-6.13.6.tgz  myweb  nginx  redis  redis-15.3.2.tgz  stable-charts.txt  stable-index.yaml[root@k8s-master repository]# cd redis/   #进入到redis缓存文件中[root@k8s-master redis]# lsChart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
  • 查看redis chart的详细信息
[root@k8s-master helm]# helm show all bitnami/redis  #显示chart的所有信息[root@k8s-master helm]# helm show readme  bitnami/redis   #显示chart的自述信息 能够查看示例、配置、每个版本的更新详情等信息NAME    NAMESPACE    REVISION    UPDATED    STATUS    CHART    APP VERSION[root@k8s-master helm]# helm install db  bitnami/redisNAME: dbLAST DEPLOYED: Fri Sep 17 11:44:05 2021NAMESPACE: defaultSTATUS: deployedREVISION: 1TEST SUITE: NoneNOTES:** Please be patient while the chart is being deployed **#以下是对利用的形容信息  包含应用的端口 连贯形式等Redis™ can be accessed on the following DNS names from within your cluster:    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)  #端口    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)To get your password run:    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)  #获取明码To connect to your Redis™ server:#不同的连贯到redis的办法1. Run a Redis™ pod that you can use as a client:       kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity   Use the following command to attach to the pod:   kubectl exec --tty -i redis-client \   --namespace default -- bash2. Connect using the Redis™ CLI:    redis-cli -h db-redis-master -a $REDIS_PASSWORD   redis-cli -h db-redis-replicas -a $REDIS_PASSWORDTo connect to your database from outside the cluster execute the following commands:    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decodeusubChTbCD[root@k8s-master helm]# kubectl get pod  #查看部署状态NAME                  READY   STATUS             RESTARTS   AGEdb-redis-master-0     0/1     Pending            0          3m44s  #挂起状态db-redis-replicas-0   0/1     Pending            0          3m44smypod-env             0/1     CrashLoopBackOff   506        42h[root@k8s-master helm]# kubectl describe pod db-redis-master-0    #查看形容信息.....Events:  Type     Reason            Age   From               Message  ----     ------            ----  ----               -------   Warning  FailedScheduling  6m2s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.   #无奈申请到PVC资源  Warning  FailedScheduling  6m1s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.

示例2: redis部署

  • 依据本人的理论状况 批改chart
  • 进入之前下载的chart 批改values.yaml文件 测试环境敞开PVC需要
[root@k8s-master redis]# pwd  /root/mag/helm/redis[root@k8s-master redis]# lsChart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml[root@k8s-master redis]# vim values.yamlpersistence:    ## @param master.persistence.enabled Enable persistence on Redis&trade; master nodes using Persistent Volume Claims    ##    enabled: false  #敞开master数据长久化 测试环境没有搭建PVC    ## @param master.persistence.path The path the volume will be mounted at on Redis&trade; master containers    ## NOTE: Useful when using different Redis&trade; images    ##    path: /data    ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis&trade; master containers    ## NOTE: Useful in dev environments    ##    subPath: ""    ## @param master.persistence.storageClass Persistent Volume storage class    ## If defined, storageClassName: <storageClass>    ## If set to "-", storageClassName: "", which disables dynamic provisioning    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner    ##    storageClass: ""  #之前有部署longhorn的能够抉择longhorn    ## @param master.persistence.accessModes [array] Persistent Volume access modes    ##    accessModes:      - ReadWriteOnce    ## @param master.persistence.size Persistent Volume size    ##    size: 8Gi  persistence:    ## @param replica.persistence.enabled Enable persistence on Redis&trade; replicas nodes using Persistent Volume Claims    ##    enabled: false #敞开slave数据长久化 测试环境没有搭建PVC    ## @param replica.persistence.path The path the volume will be mounted at on Redis&trade; replicas containers    ## NOTE: Useful when using different Redis&trade; images    ##    path: /data    ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis&trade; replicas containers    ## NOTE: Useful in dev environments    ##    subPath: ""    ## @param replica.persistence.storageClass Persistent Volume storage class    ## If defined, storageClassName: <storageClass>    ## If set to "-", storageClassName: "", which disables dynamic provisioning    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner    ##    storageClass: ""    ## @param replica.persistence.accessModes [array] Persistent Volume access modes    ##    accessModes:      - ReadWriteOnce    ## @param replica.persistence.size Persistent Volume size    ##    size: 8Gi    #批改正本数为1 依据本人需要批改默认为3replica:  ## @param replica.replicaCount Number of Redis&trade; replicas to deploy  ##  replicaCount: 1

  • 重新部署装置

    helm 传递参数 3种变量的援用形式

  • 形式1 还是上repo仓库中的chart 但指定变量配置文件
[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml
  • 形式2 装置时命令间接敞开
[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1
  • 形式3 间接应用批改后的chart
[root@k8s-master helm]# helm install db redis NAME: dbLAST DEPLOYED: Fri Sep 17 15:46:50 2021NAMESPACE: defaultSTATUS: deployedREVISION: 1TEST SUITE: NoneNOTES:** Please be patient while the chart is being deployed **Redis&trade; can be accessed on the following DNS names from within your cluster:    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)To get your password run:    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)To connect to your Redis&trade; server:1. Run a Redis&trade; pod that you can use as a client:   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity   Use the following command to attach to the pod:   kubectl exec --tty -i redis-client \   --namespace default -- bash2. Connect using the Redis&trade; CLI:   redis-cli -h db-redis-master -a $REDIS_PASSWORD   redis-cli -h db-redis-replicas -a $REDIS_PASSWORDTo connect to your database from outside the cluster execute the following commands:    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
  • 以上连贯形式信息不须要保留 可通过status再次查看
[root@k8s-master helm]# helm status  db[root@k8s-master helm]# kubectl get podNAME                  READY   STATUS    RESTARTS   AGEdb-redis-master-0     1/1     Running   0          39sdb-redis-replicas-0   0/1     Running   0          39s
  • 获取redis明码
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode0Wf7jcy379[root@k8s-master helm]#
  • 登录主节点
[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh$ redis-cli -a 0Wf7jcy379Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.127.0.0.1:6379> set mykey www.google.comOK127.0.0.1:6379> set mykey2 www.baidu.comOK127.0.0.1:6379> get mykey2"www.baidu.com"127.0.0.1:6379> exit$ redis-cli -h db-redis-replicas -a 0Wf7jcy379  #登录slave节点  看数据是否同步过来Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.db-redis-replicas:6379> get mykey"www.google.com"db-redis-replicas:6379> get mykey2"www.baidu.com"db-redis-replicas:6379> [root@k8s-master helm]# helm  install   db2 redis -n dev  #再dev 名称空间部署redis[root@k8s-master helm]# helm  delete  db2 redis -n dev #删除db2