在學習Helm之前,你需要先對k8s的deployment/pod/service/ingress/pv/pvc/statefulset/configmap/vxlan/flannel/daemonset等要能夠比較熟練的使用。
什么是Helm
helm的官網https://helm.sh/ ,上面講了
The package manager for Kubernetes.
Helm is the best way to find, share, and use software built for Kubernetes.
Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
Charts are easy to create, version, share, and publish — so start using Helm and stop the copy-and-paste.
Helm is a graduated project in the CNCF and is maintained by the Helm community.
包管理,helm是一個k8s包管理工具,好了,怎么理解?
舉個例子,yum我們知道吧,它是rpm包管理工具,我們執行yum install mysql時,它會自動幫我們安裝mysql和mysql需要的依賴,那helm的包管理了?
我再舉個例子,我們在k8s部署一個mysql時,是不是要先編寫deployment、services、ingress、pv、pvc、configmap等文件,當然我也可以把它們編寫到一個文件,然后執行kubectl apply -f mysql.yml,而helm怎么安裝mysql了? helm install mysql repo/mysql即可,如歌就這么理解了helm,其實還不對,因為你執行helm install時,helm怎么知道mysql的版本、要映射的端口、要配置的域名等,這些還是需要你去寫helm格式的配置文件,這些文件的內容甚至比kubectl apply的文件還要多,所以那helm到底有哪些好處了?
我再舉個例子,如果我們不同的項目也需要mysql時,我們是不是復制一下上面的mysql.yml然后修改一下里面的內容。比如service/ingress/pv/pvc等,如何有更新的項目,我們是不是繼續復制修改復制修改,而helm了?helm只需編寫一個helm模板的配置文件,然后多個項目應用部署時,只需要項目自己的參數即可。模板功能方便了我們部署k8s服務,這才是我們需要helm的地方,helm具體如何使用,我們繼續看下面的內容。
安裝Helm
下載鏈接,https://github.com/helm/helm/releases ,下載完后,解壓即可
本文檔是將helm安裝在k8s主機
# tar -zxvf helm-v3.2.1-linux-amd64.tar.gz
# cp linux-amd64/helm /usr/local/bin/
# helm version
version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}
Helm基本架構
這里的kube-config就是連接kube-apiserver的配置信息。我的helm安裝在k8s主機且是root賬戶,所以我不用再配置kube-config,下面是helm配置文件和連接kube-apiserver配置文件相關說明,helm --help可以看到
Environment variables:
| Name | Description |
|------------------------------------|-----------------------------------------------------------------------------------|
| $XDG_CACHE_HOME | set an alternative location for storing cached files. |
| $XDG_CONFIG_HOME | set an alternative location for storing Helm configuration. |
| $XDG_DATA_HOME | set an alternative location for storing Helm data. |
| $HELM_DRIVER | set the backend storage driver. Values are: configmap, secret, memory, postgres |
| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use. |
| $HELM_NO_PLUGINS | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. |
| $KUBECONFIG | set an alternative Kubernetes configuration file (default "~/.kube/config") |
Helm stores configuration based on the XDG base directory specification, so
- cached files are stored in $XDG_CACHE_HOME/helm
- configuration is stored in $XDG_CONFIG_HOME/helm
- data is stored in $XDG_DATA_HOME/helm
By default, the default directories depend on the Operating System. The defaults are listed below:
| Operating System | Cache Path | Configuration Path | Data Path |
|------------------|---------------------------|--------------------------------|-------------------------|
| Linux | $HOME/.cache/helm | $HOME/.config/helm | $HOME/.local/share/helm |
| macOS | $HOME/Library/Caches/helm | $HOME/Library/Preferences/helm | $HOME/Library/helm |
| Windows | %TEMP%\helm | %APPDATA%\helm | %APPDATA%\helm |
使用helm部署mysql
我們先使用外部倉庫定義的Charts來安裝一個mysql開始,逐步揭開helm的面紗。
添加倉庫
# helm repo add stable http://mirror.azure.cn/kubernetes/charts
# helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
# helm repo list
NAME URL
elastic https://helm.elastic.co
stable http://mirror.azure.cn/kubernetes/charts
aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
查找charts
# helm search repo mysql
NAME CHART VERSION APP VERSION DESCRIPTION
aliyun/mysql 0.3.5 Fast, reliable, scalable, and easy to use open-...
stable/mysql 1.6.3 5.7.28 Fast, reliable, scalable, and easy to use open-...
stable/mysqldump 2.6.0 2.4.1 A Helm chart to help backup MySQL databases usi...
...
安裝mysql
# helm install aliyun aliyun/mysql
Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "Deployment" in version "extensions/v1beta1"
居然報錯了,deploument不支持的版本
把charts下載下來,看看里面的內容
# helm pull aliyun/mysql
# tar -zxvf mysql-0.3.5.tgz
# more mysql/templates/deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
...(省略輸出)
# kubectl api-resources
NAME SHORTNAMES APIGROUP NAMESPACED KIND
deployments deploy apps true Deployment
這個說明deployment只支持apps的版本(沒找到官方說明論證),這也就是外部倉庫的charts不一定會及時更新,我們拿來不一定能夠直接使用,下面我改為安裝stable/mysql。
# helm install db stable/mysql
NAME: db
LAST DEPLOYED: Sun May 17 17:03:59 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
db-mysql.default.svc.cluster.local
To get your root password run:
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default db-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)
To connect to your database:
1. Run an Ubuntu pod that you can use as a client:
kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
2. Install the mysql client:
$ apt-get update && apt-get install mysql-client -y
3. Connect using the mysql cli, then provide your password:
$ mysql -h db-mysql -p
To connect to your database directly from outside the K8s cluster:
MYSQL_HOST=127.0.0.1
MYSQL_PORT=3306
# Execute the following command to route the connection:
kubectl port-forward svc/db-mysql 3306
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
查看安裝
# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
db default 1 2020-05-17 17:03:59.299616407 +0800 CST deployed mysql-1.6.3 5.7.28
# kubectl get pod
NAME READY STATUS RESTARTS AGE
db-mysql-8564f79ccb-gg9tw 0/1 Pending 0 100s
pending狀態,我們再繼續查看狀態,下面省略部分輸出
# kubectl describe pod db-mysql-8564f79ccb-gg9tw
Name: db-mysql-8564f79ccb-gg9tw
Namespace: default
Priority: 0
Node: <none>
Labels: app=db-mysql
pod-template-hash=8564f79ccb
release=db
Annotations: <none>
Status: Pending
Conditions:
Type Status
PodScheduled False
Volumes:
data:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: db-mysql
ReadOnly: false
default-token-plkbj:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-plkbj
Optional: false
QoS Class: Burstable
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling <unknown> default-scheduler pod has unbound immediate PersistentVolumeClaims (repeated 2 times)
Warning FailedScheduling <unknown> default-scheduler pod has unbound immediate PersistentVolumeClaims (repeated 2 times)
創建pvc失敗,查看pvc
# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
db-mysql Pending 3m32s
# kubectl get pvc/db-mysql -o yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
meta.helm.sh/release-name: db
meta.helm.sh/release-namespace: default
creationTimestamp: "2020-05-17T09:03:59Z"
finalizers:
- kubernetes.io/pvc-protection
labels:
app: db-mysql
app.kubernetes.io/managed-by: Helm
chart: mysql-1.6.3
heritage: Helm
release: db
name: db-mysql
namespace: default
resourceVersion: "14924757"
selfLink: /api/v1/namespaces/default/persistentvolumeclaims/db-mysql
uid: a7b438a3-9513-410d-ae8c-6cbb083fcc1e
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 8Gi
volumeMode: Filesystem
status:
phase: Pending
需要8G的PV,那我創建PV,
# cat pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
name: dbdata # 修改PV名稱
spec:
capacity:
storage: 8Gi # 修改大小
accessModes:
- ReadWriteOnce
nfs:
path: /data/nfs/dbdata # 修改目錄名
server: x.x.x.x
# kubectl apply -f pv.yml
再查看安裝
# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
db-mysql Bound dbdata 8Gi RWO 6m8s
# kubectl get pod (安裝需要一定的時間,可以通過下面的命令查看狀態)
# kubectl describe pod db-mysql-8564f79ccb-gg9tw
# kubectl logs db-mysql-8564f79ccb-gg9tw
# kubectl get pod
NAME READY STATUS RESTARTS AGE
db-mysql-8564f79ccb-gg9tw 1/1 Running 0 9m43s
直接進入容器,查看mysql可以使用
# 查看mysql密碼
# kubectl get secret --namespace default db-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo
# kubectl exec -it db-mysql-8564f79ccb-gg9tw bash
# mysql -uroot -p
幾個概念
通過上面的安裝,我們需要了解下面幾個概念
| 名字 | 描述 |
|---|---|
| Charts | 應用部署配置模板集 |
| Release | 將charts應用到本地的實例 |
| Repo | Charts倉庫 |
Helm命令解析
| 命令 | 描述 |
|---|---|
| create | 創建應用模板 |
| install | 安裝charts |
| list | 列出本地release |
| pull | 下載charts到本地目錄 |
| package | 將chart目錄打包為chart歸檔包 |
| show | 查看cahrts內容 |
| uninstall | 卸載release |
| upgrade | 更新releasr |
| version | 查看helm版本號 |
Chart模板
可參考 https://helm.sh/docs/chart_template_guide/
# helm create nginx
# tree .
.
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
3 directories, 10 files
編寫中...
使用Harbor作為Helm Cahrts倉庫
# helm package nginx/
Successfully packaged chart and saved it to: /root/nginx-0.1.0.tgz
# ll
total 8
drwxr-xr-x 4 root root 4096 May 17 19:10 nginx
-rw-r--r-- 1 root root 3572 May 17 21:38 nginx-0.1.0.tgz
# tar -tvf nginx-0.1.0.tgz
-rw-r--r-- 0/0 120 2020-05-17 21:38 nginx/Chart.yaml
-rw-r--r-- 0/0 1798 2020-05-17 21:38 nginx/values.yaml
-rw-r--r-- 0/0 1573 2020-05-17 21:38 nginx/templates/NOTES.txt
-rw-r--r-- 0/0 1800 2020-05-17 21:38 nginx/templates/_helpers.tpl
-rw-r--r-- 0/0 1818 2020-05-17 21:38 nginx/templates/deployment.yaml
-rw-r--r-- 0/0 902 2020-05-17 21:38 nginx/templates/hpa.yaml
-rw-r--r-- 0/0 1048 2020-05-17 21:38 nginx/templates/ingress.yaml
-rw-r--r-- 0/0 355 2020-05-17 21:38 nginx/templates/service.yaml
-rw-r--r-- 0/0 316 2020-05-17 21:38 nginx/templates/serviceaccount.yaml
-rw-r--r-- 0/0 381 2020-05-17 21:38 nginx/templates/tests/test-connection.yaml
-rw-r--r-- 0/0 349 2020-05-17 21:38 nginx/.helmignore
我們的Harbor需要在安裝的時候指定安裝Helm模塊,helm也需要安裝push插件。
編寫中...