一、helm是什么?
helm是一个kubernetes包管理工具,类似于centos中的yum,用于简化应用的安装部署。
在实际工作中,开发、测试、运维等职位是由不同的员工进行分工,所以通常开发同学开发完一款应用,如果需要在kubernetes进行发布,那么需要编写yaml文件,然后测试同学拿到这个配置文件在kubernetes测试环境进行测试,测试通过之后,运维同事在kubernetes生产环境进行发布,如果这个应用有多个组件,那么可能需要分解成多个步骤,编写一份部署手册,这降低了效率且增加了出错率,比如我们要在kubernetes发布nginx,需要编写下面的yaml配置文件。
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-nginx-deployment
labels:
app: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:latest
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: my-nginx-service
spec:
type: NodePort
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
但如果开发通过helm对应用进行打包,那么只需要一个tgz文件即可,比如my-nginx.tgz,无论是测试还是运维只需要在kubernetes环境上执行:helm install my-nginx my-nginx.tgz 即可完成应用发布。
可见helm可以屏蔽掉一些细节,对应用进行快速安装。
helm架构如下:
helm V3版本与V2版本的架构上发生比较大的变化,V3版本删除了部署在kubernetes上的Tiller组件,helm通过kube-config与kube-apiserver进行交互,在helm有三个比较重要的概念,分别如下:
(1)helm:Helm的命令行客户端工具
(2)Chart:可以理解成一系列的yaml文件打包
(3)Release:基于Chart进行部署实体,应用级别的版本管理
二、helm安装
helm的安装可以查看官方文档:https://helm.sh/zh/docs/intro/install/
1、根据kubernetes版本查看helm对应的版本:https://helm.sh/zh/docs/topics/version_skew/
由于我本地kubernetes使用的是1.21版本,因此我这边选择了helm 3.9.3版本
[root@test-99 linux-amd64]# kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:31:21Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.0", GitCommit:"cb303e613a121a29364f75cc67d3d580833a7479", GitTreeState:"clean", BuildDate:"2021-04-08T16:25:06Z", GoVersion:"go1.16.1", Compiler:"gc", Platform:"linux/amd64"}
2、安装
(1)在helm的github仓库上找到合适的版本https://github.com/helm/helm/releases
(2)上传到服务器并解压:tar -zxvf helm-v3.9.3-linux-amd64.tar.gz
[root@test-99 linux-amd64]# tree
.
├── helm
├── LICENSE
├── my-nginx-deploy.yml
└── README.md
0 directories, 4 files
(3)拷贝helm文件到/usr/bin下: cp help /usr/bin
(4)测试:helm version
[root@test-99 helm]# helm version
version.BuildInfo{Version:"v3.9.3", GitCommit:"414ff28d4029ae8c8b05d62aa06c7fe3dee2bc58", GitTreeState:"clean", GoVersion:"go1.17.13"}
三、helm简单使用
1、 添加helm仓库
由于环境的原因,官方的仓库在国内并不能访问,因此需要添加其他仓库,比如阿里云的,其中
(1)阿里云仓库:https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
(2)bitnami仓库:https://charts.bitnami.com/bitnami
具体操作如下:
(1)添加阿里云仓库
helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
(2)添加bitnami仓库
helm repo add bitnami https://charts.bitnami.com/bitnam
(3)更新仓库
helm repo update
(4)查看仓库列表
helm repo list
(5)删除仓库
helm repo remove 仓库名
(6)查看Chart应用
helm search repo 应用名
[root@test-99 helm]# helm search repo nginx
NAME CHART VERSION APP VERSION DESCRIPTION
aliyun/nginx-ingress 0.9.5 0.10.2 An nginx Ingress controller that uses ConfigMap...
aliyun/nginx-lego 0.3.1 Chart for nginx-ingress-controller and kube-lego
bitnami/nginx 13.2.23 1.23.3 NGINX Open Source is a web server that can be a...
bitnami/nginx-ingress-controller 9.3.28 1.6.2 NGINX Ingress Controller is an Ingress controll...
bitnami/nginx-intel 2.1.15 0.4.9 DEPRECATED NGINX Open Source for Intel is a lig...
aliyun/gcloud-endpoints 0.1.0 Develop, deploy, protect and monitor your APIs ...
2、安装Chart应用
这里以安装nginx为例子
(1)从helm仓库中查询可以按照的nginx应用
helm search repo nginx
(2)选择合适版本进行安装
helm install my-nginx --version 13.2.23 bitnami/nginx
my-nginx:应用名
–version:指定版本,默认为最新版本
[root@test-99 helm]# helm install my-nginx --version 13.2.23 bitnami/nginx
NAME: my-nginx
LAST DEPLOYED: Sun Feb 12 19:40:42 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 13.2.23
APP VERSION: 1.23.3
** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:
my-nginx.default.svc.cluster.local (port 80)
To access NGINX from outside the cluster, follow the steps below:
1. Get the NGINX URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w my-nginx'
export SERVICE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].port}" services my-nginx)
export SERVICE_IP=$(kubectl get svc --namespace default my-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "http://${SERVICE_IP}:${SERVICE_PORT}"
(3)查看安装情况
[root@test-99 helm]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 48d
my-nginx LoadBalancer 10.100.87.23 <pending> 80:31535/TCP 3m27s
[root@test-99 helm]# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
my-nginx 1/1 1 1 3m48s
[root@test-99 helm]# kubectl get pods
NAME READY STATUS RESTARTS AGE
my-nginx-66d69fd876-l9zwh 1/1 Running 0 3m57s
(4)测试
通过浏览器访问:http://172.16.1.17:31535/
(3)卸载Chart应用
helm uninstall my-nginx
四、自定义Chart
对于我们自己开发的应用,如果需要通过helm进行安装的话,则需要通过helm把应用打包成功tgz文件。
1、自定义一个Chart
helm create mynginx
[root@test-99 helm]# helm create mynginx
Creating mynginx
[root@test-99 helm]#
[root@test-99 helm]# ls
helm-v3.9.3-linux-amd64.tar.gz linux-amd64 mynginx
[root@test-99 helm]#
[root@test-99 helm]# tree mynginx/
mynginx/
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
3 directories, 10 files
[root@test-99 helm]#
通过helm create命令创建的Chart应用,其目录结构如下
├── charts
├── Chart.yaml # 用于描述应用相关信息
├── templates # 创建应用的模板文件
│ ├── deployment.yaml # deployment资源模板
│ ├── _helpers.tpl # 模板助手文件,其配置的值可以用于模板文件
│ ├── hpa.yaml # 水平扩缩容配置
│ ├── ingress.yaml # ingress配置
│ ├── NOTES.txt
│ ├── serviceaccount.yaml # ServiceAccount配置
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml # templates下模板文件用到的值配置
2、Chart.yml文件
[root@test-99 mynginx]# cat Chart.yaml | grep -v "^$" | grep -v "^#"
apiVersion: v2
name: mynginx
description: A Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: "1.16.0"
可以根据应用实际情况修改上面的配置信息。
3、 values.yml文件
[root@test-99 mynginx]# cat values.yaml
# Default values for mynginx.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
根据实际情况修改values.yml文件中的配置值,例如可以把镜像配置项tag改为实际配置latest,service.type改为NodePort。
4、执行安装
helm install mynginx ./mynginx
[root@test-99 helm]# helm install mynginx ./mynginx
NAME: mynginx
LAST DEPLOYED: Sun Feb 12 20:00:02 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services mynginx)
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
5、查看安装情况
[root@test-99 helm]# kubectl get deployment
NAME READY UP-TO-DATE AVAILABLE AGE
mynginx 1/1 1 1 29s
[root@test-99 helm]# kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 48d
mynginx NodePort 10.98.18.60 <none> 80:30596/TCP 35s
[root@test-99 helm]# kubectl get pod
NAME READY STATUS RESTARTS AGE
mynginx-764dc4ccc7-m2hpz 1/1 Running 0 40s
6、测试
7、 打包
执行Chart应用完成之后,可以使用命令helm package 打包成tgz文件,用于测试和部署。
[root@test-99 helm]# helm package mynginx/
Successfully packaged chart and saved it to: /home/k8s/helm/mynginx-0.1.0.tgz
[root@test-99 helm]# ll
total 13704
-rw-r--r-- 1 root root 14025325 Feb 12 14:54 helm-v3.9.3-linux-amd64.tar.gz
drwxr-xr-x 2 3434 3434 77 Feb 12 16:04 linux-amd64
drwxr-xr-x 4 root root 93 Feb 12 19:59 mynginx
-rw-r--r-- 1 root root 3761 Feb 12 20:02 mynginx-0.1.0.tgz
如上,打包成mynginx-0.1.0.tgz文件,测试/运维同学拿到这个文件后,可以通过如下命令进行安装:helm install mynginx mynginx-0.1.0.tgz
