00 Helm3基础使用
在 Helm 3 中移除了 Tiller, 版本相关的数据直接存储在了 Kubernetes 中。安装v3版本的helm,只需要安装helm二进制客户端即可。helm客户端和kubelet一样,使用kubeconfig配置文件连接k8s集群,具有和kubelet一样的RBAC权限。
helm发行版地址:https://github.com/helm/helm/releases
helmhub地址:https://hub.helm.sh/
对于mac,可以使用brew insgtall helm进行安装。
添加stable仓库:helm repo add stable https://kubernetes-charts.storage.googleapis.com/
stable仓库源码地址:https://github.com/helm/charts
自动补全:source <(helm completion zsh),可以写入到/etc/profile中
- Chart:chart是k8s的安装包。它包含在Kubernetes集群中运行应用程序、工具或服务所需的所有资源定义。可以将其视为类似于Homebrew的formula,Apt dpkg或Yum RPM文件。
- Repository:repository是可以收集和共享chart的地方。 类似于rpm包的yum仓库。
- Release:release是在Kubernetes集群中运行的chart的实例。一个chart通常可以多次安装到同一群集中。并且每次安装时,都会创建一个新的release。比如一个MySQL的release。如果要在群集中运行两个数据库,则可以两次安装该chart。每一次安装都有其自己的release,而每个release都有自己的release名称。
三者关系:
Helm将chart安装到Kubernetes中,为每次安装创建一个release。要查找新的chart,可以搜索Helm的repository。
helm help
helm COMMAND -h
helm search hub KEYWORD:从helm hub上搜索。helm search repo KEYWORD:从本地helm仓库搜索。helm搜索通过helm repo add添加的本地仓库。该搜索是通过本地数据完成的,不需要公共网络连接。
helm search使用模糊字符串匹配算法,因此您可以键入部分单词或短语:
helm search hub wordpress
helm search repo stable/mysql
helm install [NAME] [CHART] [flags] ,一般要指定release的名称和chart的名称。
helm install releasename-mysql stable/mysql
Helm不会等到所有资源都运行后才退出。 因为很多chart中的image都很大,下载会消耗很多时间。如果要查看release状态或者再次查看release发布状态,可以使用helm status RELEASE-NAME。
查看chart上可配置的选项,可以使用helm show values CHART:
$ helm show values stable/mariadb
Fetched stable/mariadb-0.3.0.tgz to /Users/mattbutcher/Code/Go/src/helm.sh/helm/mariadb-0.3.0.tgz
## Bitnami MariaDB image version
## ref: https://hub.docker.com/r/bitnami/mariadb/tags/
##
## Default: none
imageTag: 10.1.14-r3
## Specify a imagePullPolicy
## Default to 'Always' if imageTag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
# imagePullPolicy:
## Specify password for root user
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
##
# mariadbRootPassword:
## Create a database user
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-user-on-first-run
##
# mariadbUser:
# mariadbPassword:
## Create a database
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#creating-a-database-on-first-run
##
# mariadbDatabase:
# ...
可以在YAML格式的文件中覆盖所有这些设置,然后在安装过程中传递该文件。
$ echo '{mariadbUser: user0, mariadbDatabase: user0db}' > config.yaml
$ helm install -f config.yaml stable/mariadb --generate-name
上面的代码将创建一个默认的MariaDB用户,名称为user0,并向该用户授予对新创建的user0db数据库的访问权限,但将接受该chart的所有其他默认值。
有两种在安装过程中传递配置数据的方式:
--values(或-f):指定带有覆盖配置的YAML文件。可以多次指定,最右边的文件优先。--set:在命令行上指定要覆盖的配置。使用格式:--set name=value,指定多个值:--set a=b,c=d,嵌套结构:--set outer.inner=value,其他格式参考官方文档
如果-f和 --set同时使用,--set 会以更高的优先级将合并到--values。(–set优先级高于–values)
用--set|--values指定的替代值将保留在ConfigMap中。
对于给定的release,可以使用helm get values <release-name>查看已--set|--values的值。可以通过helm upgrade mysql stable/mysql --reset-values来清除设定值。
➜ ~ helm install mysql stable/mysql --set imageTag='5.7.20'
NAME: mysql
LAST DEPLOYED: Sun Jun 14 10:09:30 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
mysql.default.svc.cluster.local
To get your root password run:
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)
To connect to your database:
1. Run an Ubuntu pod that you can use as a client:
kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
2. Install the mysql client:
$ apt-get update && apt-get install mysql-client -y
3. Connect using the mysql cli, then provide your password:
$ mysql -h mysql -p
To connect to your database directly from outside the K8s cluster:
MYSQL_HOST=127.0.0.1
MYSQL_PORT=3306
# Execute the following command to route the connection:
kubectl port-forward svc/mysql 3306
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
➜ ~ helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
mysql default 1 2020-06-14 10:09:30.870015 +0800 CST deployed mysql-1.6.4 5.7.30
➜ ~ helm get values mysql
USER-SUPPLIED VALUES:
imageTag: 5.7.20
- chart仓库(如上面的演示)
- 本地的chart压缩包(A local chart archive)(
helm install foo foo-0.1.1.tgz) - 本地的chart目录(An unpacked chart directory )(
helm install foo path/to/foo) - URL路径(A full URL) (
helm install foo https://example.com/charts/foo-1.2.3.tgz)
升级将采用现有版本,并根据您提供的信息对其进行升级。由于Kubernetes的chart可能很大且很复杂,因此Helm尝试执行侵入性最小的升级。它将仅更新自上一发行版以来已更改的内容。
$ cat panda.yaml
mariadbUser: user1
$ helm upgrade -f panda.yaml happy-panda stable/mariadb
Fetched stable/mariadb-0.3.0.tgz to /Users/mattbutcher/Code/Go/src/helm.sh/helm/mariadb-0.3.0.tgz
happy-panda has been upgraded. Happy Helming!
Last Deployed: Wed Sep 28 12:47:54 2016
Namespace: default
Status: DEPLOYED
...
$ helm get values happy-panda #查看是否生效
mariadbUser: user1
回滚:helm rollback [RELEASE] [REVISION]
查看REVISION:helm history [RELEASE]
➜ ~ helm history mysql
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Jun 14 10:09:30 2020 superseded mysql-1.6.4 5.7.30 Install complete
2 Sun Jun 14 10:20:05 2020 superseded mysql-1.6.4 5.7.30 Upgrade complete
3 Sun Jun 14 10:31:52 2020 deployed mysql-1.6.4 5.7.30 Upgrade complete
➜ ~ helm rollback mysql 2
Rollback was a success! Happy Helming!
安装或更新:
helm upgrade --install ingress-nginx ingress-nginx \
--repo https://kubernetes.github.io/ingress-nginx \
--namespace ingress-nginx --create-namespace
# 如果未安装,则安装;如果已经安装,则更新。
$ helm list #查看当前已经部署的release
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
mysql default 4 2020-06-14 10:37:21.936851 +0800 CST deployed mysql-1.6.4 5.7.30
$ helm uninstall mysql #删除名称为mysql的release
在以前版本的Helm中,当删除发行版时,将保留其删除记录。在Helm 3中,删除也会删除发布记录。如果想保留已删除的release的记录,可以使用helm uninstall --keep-history。可以使用helm list --uninstalled|--all查看已经删除的release或全部的release。
➜ ~ helm uninstall mysql --keep-history
release "mysql" uninstalled
➜ ~ helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
➜ ~ helm list --uninstalled
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
mysql default 4 2020-06-14 10:37:21.936851 +0800 CST uninstalled mysql-1.6.4 5.7.30
➜ ~ helm list --all
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
mysql default 4 2020-06-14 10:37:21.936851 +0800 CST uninstalled mysql-1.6.4 5.7.30
➜ ~
➜ ~ helm rollback mysql 2
Error: "mysql" has no deployed releases #现在已删除release,因此不再可能回滚已卸载的资源。
➜ ~ helm rollback mysql 4
Error: "mysql" has no deployed releases
Helm 3不再附带默认的chart存储库。helm repo命令组提供添加,列出和删除存储库的命令。
- 查看已经配置的repo:
helm repo list - 添加新的仓库:
helm repo add <NAME> https://example.com/dev-charts - 更新客户端仓库:
helm repo update - 删除repo:
helm repo remove <NAME>
helm repo add stable https://kubernetes-charts.storage.googleapis.com/
$ helm create deis-workflow #创建chart,chart会创建在“./deis-workflow”,我们可以对其进行修改
Creating deis-workflow
$ helm lint deis-workflow #指定目录,对chart进行校验
==> Linting deis-workflow
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, 0 chart(s) failed
$ helm package deis-workflow #指定目录,对chart进行打包
deis-workflow-0.1.0.tgz
$ helm install deis-workflow ./deis-workflow-0.1.0.tgz #使用打包好的chart进行安装
...
helm template mysql stable/mysql
helm pull stable/prometheus-operator
helm get manifest RELEASE [–revision REVISION]:获取RELEASE的yaml文件
helm get values RELEASE [-a] [–revision REVISION]:获取RELEASE的自定义values文件,默认只显示自定义的value而不显示默认value。-a表示显示所有value
helm show values CHART:获取CHART中的values默认值
helm show chart CHART:获取CHART的定义
使用stable/prometheus-operator部署prometheus监控。前提条件已经添加了stable仓库。helm repo add stable https://kubernetes-charts.storage.googleapis.com/
➜ ~ kubectl create ns monitoring
namespace/monitoring created
➜ ~ helm install prometheus-operator stable/prometheus-operator -n monitoring
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
manifest_sorter.go:192: info: skipping unknown hook: "crd-install"
NAME: prometheus-operator
LAST DEPLOYED: Sun Jun 14 11:08:28 2020
NAMESPACE: monitoring
STATUS: deployed
REVISION: 1
NOTES:
The Prometheus Operator has been installed. Check its status by running:
kubectl --namespace monitoring get pods -l "release=prometheus-operator"
Visit https://github.com/coreos/prometheus-operator for instructions on how
to create & configure Alertmanager and Prometheus instances using the Operator.
➜ ~ helm list -n monitoring
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
prometheus-operator monitoring 1 2020-06-14 11:08:28.467926 +0800 CST deployed prometheus-operator-8.14.0 0.38.1
➜ ~ kubectl --namespace monitoring get pods -l "release=prometheus-operator"
NAME READY STATUS RESTARTS AGE
prometheus-operator-prometheus-node-exporter-nwsc5 1/1 Running 0 58s
prometheus-operator-operator-75bbf7575d-98k5n 2/2 Running 0 58s
➜ ~ kubectl get po -n monitoring
NAME READY STATUS RESTARTS AGE
prometheus-operator-prometheus-node-exporter-nwsc5 1/1 Running 0 2m
prometheus-operator-kube-state-metrics-7fc98dbc88-6jwz2 1/1 Running 0 2m
prometheus-operator-operator-75bbf7575d-98k5n 2/2 Running 0 2m
alertmanager-prometheus-operator-alertmanager-0 2/2 Running 0 88s
prometheus-operator-grafana-548474d45d-65xd9 2/2 Running 0 2m
prometheus-prometheus-operator-prometheus-0 3/3 Running 1 78s