29.kubernetes(k8s)筆記 Helm

什么是 Helm

在沒使用 helm 之前,向 kubernetes 部署應用,我們要依次部署 deployment、svc 等,步驟較繁瑣。況且隨著很多項目微服務化,復雜的應用在容器中部署以及管理顯得較為復雜,helm 通過打包的方式,支持發(fā)布的版本管理和控制,很大程度上簡化了 Kubernetes 應用的部署和管理Helm 本質(zhì)就是讓 K8s 的應用管理(Deployment,Service 等 ) 可配置,能動態(tài)生成。通過動態(tài)生成 K8s 資源清單文件(deployment.yaml,service.yaml)。然后調(diào)用 Kubectl 自動執(zhí)行 K8s 資源部署Helm 是官方提供的類似于 YUM 的包管理器,是部署環(huán)境的流程封裝。Helm 有兩個重要的概念:chart 和 release

  • Helm使用的包格式稱為 chart。
    chart 是創(chuàng)建一個應用的信息集合,包括各種 Kubernetes 對象的配置模板、參數(shù)定義、依賴關(guān)系、文檔說
    明等。chart 是應用部署的自包含邏輯單元??梢詫?chart 想象成 apt、yum 中的軟件安裝包。

  • Chart 文件結(jié)構(gòu)
    chart是一個組織在文件目錄中的集合。目錄名稱就是chart名稱(沒有版本信息)。因而描述WordPress的chart可以存儲在wordpress/目錄中。

在這個目錄中,Helm 期望可以匹配以下結(jié)構(gòu):

wordpress/
  Chart.yaml          # 包含了chart信息的YAML文件
  LICENSE             # 可選: 包含chart許可證的純文本文件
  README.md           # 可選: 可讀的README文件
  values.yaml         # chart 默認的配置值
  values.schema.json  # 可選: 一個使用JSON結(jié)構(gòu)的values.yaml文件
  charts/             # 包含chart依賴的其他chart
  crds/               # 自定義資源的定義
  templates/          # 模板目錄, 當和values 結(jié)合時,可生成有效的Kubernetes manifest文件
  templates/NOTES.txt # 可選: 包含簡要使用說明的純文本文件
  • 幾個Helm涉及的概念
  1. Repositry: 集中存儲和分發(fā)Chart的倉庫,類似于Perl的CPAN, 或者Python的PyPI等。
  2. Config: Chart實例化安裝運行時使用的配置信息。
  3. Release: Chart實例化配置后運行于Kubernetes集群中的一個應用實例;在同一個集群上,一個Chart可以使用不同的Config重復安裝多次,每次安裝都會創(chuàng)建一 個新的發(fā)布 (Release)

  • Helm 包含兩個組件:Helm 客戶端和 Tiller 服務器,如下圖所示


  • Helm 客戶端負責 chart 和 release 的創(chuàng)建和管理以及和 Tiller 的交互。Tiller 服務器運行在 Kubernetes 集群
    中,它會處理 Helm 客戶端的請求,與 Kubernetes API Server 交互

Helm 部署

helm v3版本不需要部Tiller 可直接使用
官網(wǎng)下載適合版本:

https://helm.sh/zh/docs/intro/install/

  • helm倉庫

https://artifacthub.io/

  • 安裝helm v3版
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz
[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz 
l[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  linux-amd64
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm  LICENSE  README.md
  • helm為可執(zhí)行二進制文件 直接拷貝到
[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm  

[root@k8s-master linux-amd64]# helm --help
The Kubernetes package manager

Common actions for Helm:

- helm search:    search for charts
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts

Environment variables:
......
Helm常用命令
[root@k8s-master helm]# helm list -A   #查看所有helm 或指明 namespace
[root@k8s-master helm]# helm repo list   #查看倉庫
[root@k8s-master helm]# helm search hub  grafana   #hup搜索 
[root@k8s-master helm]# helm search repo  grafana   #倉庫搜索 
NAME                        CHART VERSION   APP VERSION DESCRIPTION                                       
grafana/grafana             6.13.6          8.0.3       The leading tool for querying and visualizing t...
grafana/enterprise-metrics  1.3.5           v1.3.0      Grafana Enterprise Metrics                       

[root@k8s-master helm]#  helm pull grafana/grafana   #下載Chart到本地

Helm Hub、Repositry倉庫的添加

helm search hub

https://artifacthub.io/

  • helm hub倉庫中搜索redis
image.png

  • 點擊右側(cè)install 按提示添加倉庫地址


  • 通過helm search hub搜索倉庫地址 找到適合的版本直接安裝

[root@k8s-master repository]# helm search hub redis -o yaml
- app_version: 6.2.5
  description: A Helm chart for Redis on Kubernetes
  url: https://artifacthub.io/packages/helm/groundhog2k/redis
  version: 0.4.7
- app_version: 6.0.11
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/taalhuizen-service/redis
  version: 12.7.7
- app_version: 1.16.0
  description: Redis with metrics compatible with ARM
  url: https://artifacthub.io/packages/helm/mmontes/redis
  version: 0.1.0
- app_version: 6.2.5
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/wenerme/redis
  version: 15.3.2
- app_version: ""
  description: A Redis database for use inside a Kubernetes cluster.
  url: https://artifacthub.io/packages/helm/drycc-canary/redis
  version: 1.0.0
Helm Repositry
  • 常用的helm倉庫

helm repo add stable https://charts.helm.sh/stable #官方倉庫
helm repo add bitnami https://charts.bitnami.com/bitnami #第三方倉庫

  • 查看現(xiàn)有倉庫
[root@k8s-master ~]# helm repo list 
Error: no repositories to show
  • 添加helm倉庫
[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME    URL                               
bitnami https://charts.bitnami.com/bitnami
stable  https://charts.helm.sh/stable

[root@k8s-master ~]# helm repo update  #添加和刪除倉庫后更新索引信息 
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ?Happy Helming!?
  • 搜索char
[root@k8s-master ~]# helm search repo redis 
NAME                                CHART VERSION   APP VERSION DESCRIPTION                                       
bitnami/redis                       15.3.2          6.2.5       Open source, advanced key-value store. It is of...
bitnami/redis-cluster               6.3.6           6.2.5       Open source, advanced key-value store. It is of...
stable/prometheus-redis-exporter    3.5.1           1.3.4       DEPRECATED Prometheus exporter for Redis metrics  
stable/redis                        10.5.7          5.0.7       DEPRECATED Open source, advanced key-value stor...
stable/redis-ha                     4.4.6           5.0.6       DEPRECATED - Highly available Kubernetes implem...
stable/sensu                        0.2.5           0.28        DEPRECATED Sensu monitoring framework backed by...
下載chart到本地 2種方法
  1. 方法1 pull直接下載
[root@k8s-master ~]# cd mag/helm/
[root@k8s-master helm]# helm pull bitnami/redis  #把chart下載到本地
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  redis-15.3.2.tgz
[root@k8s-master helm]# tar -xf redis-15.3.2.tgz 
[root@k8s-master helm]# cd redis/
[root@k8s-master redis]# ls   
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]#
  1. 方法2 緩沖文件中到找 chart
    當執(zhí)行過安裝過命令后,helm會在家目錄生成.cache的緩存文件 里面也會包含chart
[root@k8s-master repository]# helm install db  bitnami/redis
[root@k8s-master repository]# pwd
/root/.cache/helm/repository

[root@k8s-master repository]# ll
total 19080
-rw-r--r-- 1 root root    1094 Sep 16 17:45 bitnami-charts.txt
-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml
-rw-r--r-- 1 root root   28227 Jul  1 17:40 grafana-6.13.6.tgz
-rw-r--r-- 1 root root    3908 Jul  7 21:41 myweb
-rw-r--r-- 1 root root    3872 Jul  7 03:13 nginx
-rw-r--r-- 1 root root   77619 Sep 17 11:53 redis-15.3.2.tgz  #redis chart文件
-rw-r--r-- 1 root root    3370 Sep 16 17:44 stable-charts.txt
-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml
[root@k8s-master repository]# tar -xf redis-15.3.2.tgz 
[root@k8s-master repository]# ls
bitnami-charts.txt  bitnami-index.yaml  grafana-6.13.6.tgz  myweb  nginx  redis  redis-15.3.2.tgz  stable-charts.txt  stable-index.yaml
[root@k8s-master repository]# cd redis/   #進入到redis緩存文件中
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
  • 查看redis chart的詳細信息
[root@k8s-master helm]# helm show all bitnami/redis  #顯示chart的所有信息
[root@k8s-master helm]# helm show readme  bitnami/redis   #顯示chart的自述信息 可以查看示例、配置、每個版本的更新詳情等信息

NAME    NAMESPACE   REVISION    UPDATED STATUS  CHART   APP VERSION
[root@k8s-master helm]# helm install db  bitnami/redis
NAME: db
LAST DEPLOYED: Fri Sep 17 11:44:05 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

#以下是對應用的描述信息  包括使用的端口 連接方式等
Redis™ can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)  #端口
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)  #獲取密碼

To connect to your Redis™ server:
#不同的連接到redis的方法
1. Run a Redis™ pod that you can use as a client:    

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis™ CLI: 
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD


[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
usubChTbCD

[root@k8s-master helm]# kubectl get pod  #查看部署狀態(tài)
NAME                  READY   STATUS             RESTARTS   AGE
db-redis-master-0     0/1     Pending            0          3m44s  #掛起狀態(tài)
db-redis-replicas-0   0/1     Pending            0          3m44s
mypod-env             0/1     CrashLoopBackOff   506        42h


[root@k8s-master helm]# kubectl describe pod db-redis-master-0    #查看描述信息
.....
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               ------- 
  Warning  FailedScheduling  6m2s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.   #無法申請到PVC資源
  Warning  FailedScheduling  6m1s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.
示例2: redis部署
  • 根據(jù)自己的實際情況 修改chart
  • 進入之前下載的chart 修改values.yaml文件 測試環(huán)境關(guān)閉PVC需求
[root@k8s-master redis]# pwd  
/root/mag/helm/redis
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]# vim values.yaml

persistence:
    ## @param master.persistence.enabled Enable persistence on Redis™ master nodes using Persistent Volume Claims
    ##
    enabled: false  #關(guān)閉master數(shù)據(jù)持久化 測試環(huán)境沒有搭建PVC
    ## @param master.persistence.path The path the volume will be mounted at on Redis™ master containers
    ## NOTE: Useful when using different Redis™ images
    ##
    path: /data
    ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis™ master containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param master.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""  #之前有部署longhorn的可以選擇longhorn
    ## @param master.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param master.persistence.size Persistent Volume size
    ##
    size: 8Gi


  persistence:
    ## @param replica.persistence.enabled Enable persistence on Redis&trade; replicas nodes using Persistent Volume Claims
    ##
    enabled: false #關(guān)閉slave數(shù)據(jù)持久化 測試環(huán)境沒有搭建PVC
    ## @param replica.persistence.path The path the volume will be mounted at on Redis&trade; replicas containers
    ## NOTE: Useful when using different Redis&trade; images
    ##
    path: /data
    ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis&trade; replicas containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param replica.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""
    ## @param replica.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param replica.persistence.size Persistent Volume size
    ##
    size: 8Gi
    
#修改副本數(shù)為1 根據(jù)自己需求修改默認為3
replica:
  ## @param replica.replicaCount Number of Redis&trade; replicas to deploy
  ##
  replicaCount: 1
  • 重新部署安裝
helm傳遞參數(shù) 變量的引用不同方式
  • 方式1 還是上repo倉庫中的chart 但指定變量配置文件
[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml
  • 方式2 安裝時命令直接關(guān)閉
[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1
  • 方式3 直接使用修改后的chart
[root@k8s-master helm]# helm install db redis 
NAME: db
LAST DEPLOYED: Fri Sep 17 15:46:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

Redis&trade; can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)

To connect to your Redis&trade; server:

1. Run a Redis&trade; pod that you can use as a client:

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis&trade; CLI:
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
以上連接方式信息不需要保存 可通過status再次查看
[root@k8s-master helm]# helm status  db
[root@k8s-master helm]# kubectl get pod
NAME                  READY   STATUS    RESTARTS   AGE
db-redis-master-0     1/1     Running   0          39s
db-redis-replicas-0   0/1     Running   0          39s
  • 獲取redis密碼
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
0Wf7jcy379[root@k8s-master helm]#
  • 登錄主節(jié)點
[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh
$ redis-cli -a 0Wf7jcy379
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> set mykey www.google.com
OK
127.0.0.1:6379> set mykey2 www.baidu.com
OK
127.0.0.1:6379> get mykey2
"www.baidu.com"
127.0.0.1:6379> exit

$ redis-cli -h db-redis-replicas -a 0Wf7jcy379  #登錄slave節(jié)點  看數(shù)據(jù)是否同步過去
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
db-redis-replicas:6379> get mykey
"www.google.com"
db-redis-replicas:6379> get mykey2
"www.baidu.com"
db-redis-replicas:6379> 

[root@k8s-master helm]# helm  install   db2 redis -n dev  #再dev 名稱空間部署redis

[root@k8s-master helm]# helm  delete  db2 redis -n dev #刪除db2
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容