Kubernetes 之 Helm
helm 把 kubernetes 资源打包到一个 chart 中,制作并完成各个 chart 和 chart 本身依赖关系并利用
chart 仓库实现对外分发,而 helm 还可通过 values.yaml 文件完成可配置的发布,如果 chart 版本更新
了,helm 自动支持滚更更新机制,还可以一键回滚,但是不是适合在生产环境使用,除非具有定义自制
chart 的能力。
Helm 链接:https://github.com/helm/helm/releases
Helm v3 版本变化
安装Helm
https://helm.sh/zh/docs/topics/version_skew/
[root@xianchaomaster1 ~]# tar zxvf helm-v3.6.3-linux-amd64.tar.gz
[root@xianchaomaster1 ~]# mv linux-amd64/helm /usr/bin/
#查看 helm 版本:
[root@xianchaomaster1 ~]# helm version
version.BuildInfo{Version:"v3.6.3", GitCommit:"d506314abfb5d21419df8c7e7e68012379db2354",
GitTreeState:"clean", GoVersion:"go1.16.5"}
#添加阿里云的 chart 仓库
[root@xianchaomaster1 ~]# helm repo add aliyun https://kubernetes.oss-cnhangzhou.aliyuncs.com/charts
#显示如下:
"aliyun" has been added to your repositories
#添加 bitnami 的 chart 仓库
[root@xianchaomaster1 ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
#更新 chart 仓库
[root@xianchaomaster1 ~]# helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "aliyun" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
#查看配置的 chart 仓库有哪些
[root@xianchaomaster1 ~]# helm repo list
NAME URL
aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
bitnami https://charts.bitnami.com/bitnami
#删除 chart 仓库地址
[root@xianchaomaster1 ~]# helm repo remove aliyun
"aliyun" has been removed from your repositories
#重新添加阿里云的 chart 仓库
[root@xianchaomaster1 ~]# helm repo add aliyun https://kubernetes.oss-cnhangzhou.aliyuncs.com/charts
#更新 chart 仓库
[root@xianchaomaster1 ~]# helm repo update
#从指定 chart 仓库地址搜索 chart
[root@xianchaomaster1 ~]# helm search repo aliyunHelm 基本使用
#查看阿里云 chart 仓库中的 memcached
[root@xianchaomaster1 ~]# helm search repo aliyun |grep memcached
aliyun/mcrouter 0.1.0 0.36.0 Mcrouter is a
aliyun/memcached 2.0.1 Free & open
#查看 chart 信息
[root@xianchaomaster1 ~]# helm show chart aliyun/memcached
apiVersion: v1
description: Free & open source, high-performance, distributed memory object caching
system.
home: http://memcached.org/
icon: https://upload.wikimedia.org/wikipedia/en/thumb/2/27/Memcached.svg/1024pxMemcached.svg.png
keywords:
- memcached
- cache
maintainers:
- email: gtaylor@gc-taylor.com
name: Greg Taylor
name: memcached
sources:
- https://github.com/docker-library/memcached
version: 2.0.1
#下载 chart 包到本地
[root@xianchaomaster1 ~]# helm pull aliyun/memcached
[root@xianchaomaster1 ~]# tar zxvf memcached-2.0.1.tgz
[root@xianchaomaster1 ~]# cd memcached
[root@xianchaomaster1 memcached]# ll
total 12
-rwxr-xr-x 1 root root 415 Jan 1 1970 Chart.yaml
-rwxr-xr-x 1 root root 2804 Jan 1 1970 README.md
drwxr-xr-x 2 root root 99 Apr 11 19:31 templates
-rwxr-xr-x 1 root root 882 Jan 1 1970 values.yaml
#Chart.yaml: chart 的基本信息,包括版本名字之类
#templates: 存放 k8s 的部署资源模板,通过渲染变量得到部署文件
#values.yaml:存放全局变量,templates 下的文件可以调用
[root@xianchaomaster1 memcached]# cd templates/
[root@xianchaomaster1 templates]# ll
total 20
-rwxr-xr-x 1 root root 536 Jan 1 1970 _helpers.tpl
-rwxr-xr-x 1 root root 570 Jan 1 1970 NOTES.txt
-rwxr-xr-x 1 root root 373 Jan 1 1970 pdb.yaml
-rwxr-xr-x 1 root root 2305 Jan 1 1970 statefulset.yaml
-rwxr-xr-x 1 root root 420 Jan 1 1970 svc.yaml
#_helpers.tpl 存放能够复用的模板
#NOTES.txt 为用户提供一个关于 chart 部署后使用说明的文件部署 chart
helm 部署 memcached 服务
#安装 memcached 的 Chart
[root@xianchaonode1 ~]# docker load -i memcache_1_4_36.tar.gz
#修改 statefulset.yaml 文件
[root@xianchaomaster1 ~]# cd memcached
[root@xianchaomaster1 memcached]# cat templates/statefulset.yaml
apiVersion 后面的 value 值变成 apps/v1删除affinity 亲和性配置
[root@xianchaomaster1 memcached]# helm install memcached ./
NAME: memcached
LAST DEPLOYED: Fri Jul 16 07:58:54 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Memcached can be accessed via port 11211 on the following DNS name from within your cluster:
memcached-memcached.default.svc.cluster.local
If you'd like to test your instance, forward the port locally:
export POD_NAME=$(kubectl get pods --namespace default -l "app=memcached-memcached" -o
jsonpath="{.items[0].metadata.name}")
kubectl port-forward $POD_NAME 11211
In another tab, attempt to set a key:
$ echo -e 'set mykey 0 60 5\r\nhello\r' | nc localhost 11211
You should see:
STORED
#验证 memcache 是否部署成功:
[root@xianchaomaster1 memcached]# kubectl get pods
NAME READY STATUS RESTARTS AGE
memcached-memcached-0 1/1 Running 0 56s
memcached-memcached-1 1/1 Running 0 50s
memcached-memcached-2 1/1 Running 0 37s
[root@xianchaomaster1 memcached]# yum install nc -y
#测试 memecached 服务是否正常:
[root@xianchaomaster1 memcached]# export POD_NAME=$(kubectl get pods --namespace default -l
"app=memcached-memcached" -o jsonpath="{.items[0].metadata.name}")
er1 memcached]# -bash: [root@xianchaomaster1: command not found
-bash: -bash:: command not found
[root@xianchaomaster1 memcached]# kubectl port-forward $POD_NAME 11211
Forwarding from 127.0.0.1:11211 -> 11211
Forwarding from [::1]:11211 -> 11211
Handling connection for 11211
Handling connection for 11211
[root@xianchaonode1 memcached]# echo -e 'set mykey 0 60 5\r\nhello\r' | nc localhost 11211
#release 相关操作
#查看 release 发布状态
[root@xianchaomaster1 memcached]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART
APP VERSION
memcached default 1 2021-07-16 08:04:44.172578607 +0800 CST deployed memcached2.0.1
#删除 release
[root@xianchaomaster1 memcached]# helm delete memcached
release "memcached" uninstalled
#删除 release 会把 release 下对应的资源也删除
[root@xianchaomaster1 memcached]# kubectl get pods
memecached 的 pod 也被删除了
自定义 Chart 模板
我们安装好 helm 之后我们可以开始自定义 chart,那么我们需要先创建出一个模板如下:
[root@xianchaomaster1 ~]# helm create myapp
[root@xianchaomaster1 ~]# cd myapp/
[root@xianchaomaster1 myapp]# yum install tree -y
[root@xianchaomaster1 myapp]# tree ./
./
├── charts #用于存放所依赖的子 chart
├── Chart.yaml # 描述这个 Chart 的相关信息、包括名字、描述信息、版本等
├── templates #模板目录,保留创建 k8s 的资源清单文件
│ ├── deployment.yaml #deployment 资源的 go 模板文件
│ ├── _helpers.tpl # # 模板助手文件,定义的值可在模板中使用
│ ├── hpa.yaml #水平 pod 自动扩缩容 go 模板文件
│ ├── ingress.yaml #七层代理 go 模板文件
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml #service 的 go 模板文件
│ └── tests
│ └── test-connection.yaml
└── values.yaml #模板的值文件,这些值会在安装时应用到 GO 模板生成部署文件
# Chart.yaml 编写规则
[root@xianchaomaster1 myapp]# cat Chart.yaml
apiVersion: v2
name: myapp
description: A Helm chart for Kubernetes
version: 0.0.1
appVersion: "latest"
type: application
maintainer:
- name: xianchao
wechat: luckylucky421302
appVersion: "1.16.0"
#
#解释说明:Chart.yaml 文件主要用来描述对应 chart 的相关属性信息,
#apiVersion 字段用于描述对应 chart 使用的 api 版本,默认是 v2 版本;
#name 字段用于描述对应 chart 的名称;
#description 字段用于描述对应 chart 的说明简介;
#type 字段用户描述对应 chart 是应用程序还是库文件,应用程序类型的chart,它可以运行为一个 release,但库类型的 chart 不能运行为 release,它只能作为依赖被
#application 类型的 chart 所使用;
#version 字段用于描述对应 chart 版本;
#appVersion 字段用于描述对应 chart 内部程序的版本信息;
# go 模板文件渲染
[root@xianchaomaster1 myapp]# cat templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "myapp.fullname" . }}
labels:
{{- include "myapp.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "myapp.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "myapp.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "myapp.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
#解释:
#该部署清单模板文件,主要用 go 模板语言来写的,其中{{ include "myapp.fullname" . }}就表示取 myapp 的全名;
#{{ .Values.image.repository }}这段代码表示读取当前目录下的 values 文件中的image.repository 字段的值;
#{{ .Values.image.tag | default .Chart.AppVersion }}表示对于 values文件中 image.tag 的值或者读取 default.chart 文件中的 AppVersion 字段的值;
#简单讲 go 模板就是应用对应 go 模板语法来定义关属性的的值;
#一般都是从 values.yaml 文件中加载对应字段的值作为模板文件相关属性的值。
#nindent 4:表示首行缩进 4 个字母
#TRUNC(NUMBER)表示截断数字
#values.yaml 文件编写
[root@xianchaomaster1 myapp]# cat values.yaml
# Default values for myapp.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
#解释:
#比如我们要引用 values.yaml 文件中的 image 字段下的 tag 字段的值,我们可以在模板文件中写成{{ .Values.image.tag }};
#如果在命令行使用--set 选项来应用我们可以写成 image.tag;修改对应的值可以直接编辑对应 values.yaml 文件中对应字段的值,也可以直接使用--set 指定对应字段的对应值即可;
#默认情况在命令行使用--set 选项给出的值,都会直接被替换,没有给定的值,默认还是使用values.yaml 文件中给定的默认值;
#安装自定义helm
[root@xianchaomaster1 myapp]# helm install myapp .
NAME: myapp
LAST DEPLOYED: Wed Apr 12 22:57:35 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=myapp,app.kubernetes.io/instance=myapp" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
#Helm常用命令
#检查 values 语法格式
[root@xianchaomaster1 myapp]# helm lint /root/myapp/
==> Linting /root/myapp/
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, 0 chart(s) failed
#通过上面可看到语法正确
7.2 upgrade 升级 release
[root@xianchaomaster1 myapp]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp ClusterIP 10.106.231.94 <none> 80/TCP
[root@xianchaomaster1 myapp]# helm upgrade --set service.type="NodePort" myapp .
Release "myapp" has been upgraded. Happy Helming!
NAME: myapp
LAST DEPLOYED: Fri Jul 16 13:12:11 2021
NAMESPACE: default
STATUS: deployed
REVISION: 2
NOTES:
1. Get the application URL by running these commands:
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}"
services myapp)
export NODE_IP=$(kubectl get nodes --namespace default -o
jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
[root@xianchaomaster1 myapp]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp NodePort 10.106.231.94 <none> 80:30334/TCP 5m2s
#通过上面可以看到 Service 的 type 类型已经变成了 nodePort
7.3 回滚 release
#查看历史版本
[root@xianchaomaster1 myapp]# helm history myapp
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Fri Jul 16 13:07:32 2021 superseded myapp-0.0.1 latest Install
complete
2 Fri Jul 16 13:12:11 2021 deployed myapp-0.0.1 latest Upgrade
complete
#把 myapp 回滚到版本 1
[root@xianchaomaster1 myapp]# helm rollback myapp 1
[root@xianchaomaster1 myapp]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
myapp ClusterIP 10.106.231.94 <none> 80/TCP
#可以看到 service 已经完成回滚了
7.4 打包 Chart
[root@xianchaomaster1 myapp]# helm package /root/myapp/
Successfully packaged chart and saved it to: /root/myapp/myapp-0.0.1.tgz
7.5 操作 release 命令
升级 release 版本
helm upgrade
回滚 release 版本
helm rollback
创建一个 release 实例
7.5 操作 release 命令
升级 release 版本
helm upgrade
回滚 release 版本
helm rollback
创建一个 release 实例
版权声明,本文档全部内容及版权归韩先超所有,只可用于自己学习使用,禁止私自传阅,违者依法
追责。
helm install
卸载 release
helm uninstall
查看历史版本
helm history
7.6 操作 Chart 命令
#检查 Chat 的语法
helm lint
chart 相关的
查看 chart 的详细信息
helm inspect
把 chart 下载下来
helm pull
把 chart 打包
helm package
浙公网安备 33010602011771号