簡單介紹:
Helm其實就是一個基於Kubernetes的程序包(資源包)管理器,它將一個應用的相關資源組織成為Charts,並通過Charts管理程序包。再簡單點說,可以當做RHEL/CentOS系統中的yum機制,有yum install,也有helm install等等。具體可以參考網上其他介紹。
GitHub:https://github.com/helm/helm
官網:https://helm.sh/docs/using_helm/#quickstart-guide
測試環境:
同之前部署的集群環境,如下
| System | Hostname | IP | Helm |
| CentOS 7.6 | k8s-master | 138.138.82.14 | helm命令安裝在主節點上 |
| CentOS 7.6 | k8s-node1 | 138.138.82.15 | — |
| CentOS 7.6 | k8s-node2 | 138.138.82.16 | — |
具體步驟:
1. 安裝客戶端Helm命令(https://github.com/helm/helm/releases)
[root@k8s-master ~]# wget https://storage.googleapis.com/kubernetes-helm/helm-v2.13.1-linux-amd64.tar.gz
解壓,將其中的helm文件移至 /usr/local/bin/
[root@k8s-master ~]# mv linux-amd64/helm /usr/local/bin/
helm的命令安裝完成,如需查看命令怎么使用,使用 ~]# helm help 即可。
2. 安裝Tiller服務
Tiller是helm的服務器端,一般運行於kubernetes集群之上,當然少不了RBAC授權,事先創建相關的ServiceAccount才能進行安裝。
下面給出了一個樣例yaml清單,定義了一個名為tiller的ServiceAccount,並通過ClusterRoleBinding將其綁定至集群管理員角色cluster-admin,從而使得它擁有集群級別所有的最高權限:
[root@k8s-master ~]# cat till-rbac-config.yaml apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system
發布到kubernetes集群中去:
[root@k8s-master ~]# kubectl apply -f till-rbac-config.yaml serviceaccount/tiller created clusterrolebinding.rbac.authorization.k8s.io/tiller created
接下來,初始化Tiller服務:
[root@k8s-master ~]# helm init --upgrade --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.13.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Creating /root/.helm Creating /root/.helm/repository Creating /root/.helm/repository/cache Creating /root/.helm/repository/local Creating /root/.helm/plugins Creating /root/.helm/starters Creating /root/.helm/cache/archive Creating /root/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /root/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming!
如上顯示,初始化成功!
注意:helm init命令進行初始化時,Kubernetes集群會到gcr.io/kubernetes-helm/上獲取所需的鏡像,不出意外,被牆了,故指定替代鏡像可以解決。同時還要將repo源更換成阿里的鏡像,更快更便捷。
3. helm命令使用
①更新使用的默認倉庫元數據信息
[root@k8s-master ~]# helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "stable" chart repository Update Complete. ⎈ Happy Helming!⎈
②搜索列出
[root@k8s-master ~]# helm search redis NAME CHART VERSION APP VERSION DESCRIPTION stable/redis 1.1.15 4.0.8 Open source, advanced key-value store. It is often referr... stable/redis-ha 2.0.1 Highly available Redis cluster with multiple sentinels an... stable/sensu 0.2.0 Sensu monitoring framework backed by the Redis transport
③打印指定Charts詳細信息
[root@k8s-master ~]# helm inspect stable/redis
④安裝
[root@k8s-master ~]# helm install stable/redis -n redis // -n 給個名字;也可以在安裝前加個 --dry-run 用作測試
⑤查看已經安裝
[root@k8s-master ~]# helm list
⑥刪除已經安裝的
[root@k8s-master ~]# helm delete redis
⑦其他
[root@k8s-master ~]# helm upgrade [root@k8s-master ~]# helm rollback [root@k8s-master ~]# helm history
至此,Helm的安裝和簡單使用到此完成。
結束.