什么是 Helm

在没使用 helm 之前,向 kubernetes 部署应用,我们要依次部署 deployment、svc 等,步骤较繁琐。况且随着很多项目微服务化,复杂的应用在容器中部署以及管理显得较为复杂,helm 通过打包的方式,支持发布的版本管理和控制,很大程度上简化了 Kubernetes 应用的部署和管理Helm 本质就是让 K8s 的应用管理(Deployment,Service 等 ) 可配置,能动态生成。通过动态生成 K8s 资源清单文件(deployment.yaml,service.yaml)。然后调用 Kubectl 自动执行 K8s 资源部署Helm 是官方提供的类似于 YUM 的包管理器,是部署环境的流程封装。Helm 有两个重要的概念:chart 和 release

  • Helm使用的包格式称为 chart。
    chart 是创建一个应用的信息集合,包括各种 Kubernetes 对象的配置模板、参数定义、依赖关系、文档说
    明等。chart 是应用部署的自包含逻辑单元。可以将 chart 想象成 apt、yum 中的软件安装包。
  • Chart 文件结构
    chart是一个组织在文件目录中的集合。目录名称就是chart名称(没有版本信息)。因而描述WordPress的chart可以存储在wordpress/目录中。

在这个目录中,Helm 期望可以匹配以下结构:

wordpress/
  Chart.yaml          # 包含了chart信息的YAML文件
  LICENSE             # 可选: 包含chart许可证的纯文本文件
  README.md           # 可选: 可读的README文件
  values.yaml         # chart 默认的配置值
  values.schema.json  # 可选: 一个使用JSON结构的values.yaml文件
  charts/             # 包含chart依赖的其他chart
  crds/               # 自定义资源的定义
  templates/          # 模板目录, 当和values 结合时,可生成有效的Kubernetes manifest文件
  templates/NOTES.txt # 可选: 包含简要使用说明的纯文本文件
  • 几个Helm涉及的概念
  • Repositry: 集中存储和分发Chart的仓库,类似于Perl的CPAN, 或者Python的PyPI等。
  • Config: Chart实例化安装运行时使用的配置信息。
  • Release: Chart实例化配置后运行于Kubernetes集群中的一个应用实例;在同一个集群上,一个Chart可以使用不同的Config重复安装多次,每次安装都会创建一 个新的发布 (Release)
  • Helm 包含两个组件:Helm 客户端和 Tiller 服务器,如下图所示
  • Helm 客户端负责 chart 和 release 的创建和管理以及和 Tiller 的交互。Tiller 服务器运行在 Kubernetes 集群
    中,它会处理 Helm 客户端的请求,与 Kubernetes API Server 交互

Helm 部署

helm v3版本不需要部Tiller 可直接使用
官网下载适合版本:

https://helm.sh/zh/docs/intro...
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz
[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz 
l[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  linux-amd64
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm  LICENSE  README.md
  • helm为可执行二进制文件 直接拷贝到
[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm  

[root@k8s-master linux-amd64]# helm --help
The Kubernetes package manager

Common actions for Helm:

- helm search:    search for charts
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts

Environment variables:
......

Helm 常用命令

[root@k8s-master helm]# helm list -A   #查看所有helm 或指明 namespace
[root@k8s-master helm]# helm repo list   #查看仓库
[root@k8s-master helm]# helm search hub  grafana   #hup搜索 
[root@k8s-master helm]# helm search repo  grafana   #仓库搜索 
NAME                          CHART VERSION    APP VERSION    DESCRIPTION                                       
grafana/grafana               6.13.6           8.0.3          The leading tool for querying and visualizing t...
grafana/enterprise-metrics    1.3.5            v1.3.0         Grafana Enterprise Metrics                       

[root@k8s-master helm]#  helm pull grafana/grafana   #下载Chart到本地

Helm Hub、Repositry仓库的添加

helm search hub

https://artifacthub.io/
  • helm hub仓库中搜索redis

image.png

  • 点击右侧install 按提示添加仓库地址

  • 通过helm search hub搜索仓库地址 找到适合的版本直接安装
[root@k8s-master repository]# helm search hub redis -o yaml
- app_version: 6.2.5
  description: A Helm chart for Redis on Kubernetes
  url: https://artifacthub.io/packages/helm/groundhog2k/redis
  version: 0.4.7
- app_version: 6.0.11
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/taalhuizen-service/redis
  version: 12.7.7
- app_version: 1.16.0
  description: Redis with metrics compatible with ARM
  url: https://artifacthub.io/packages/helm/mmontes/redis
  version: 0.1.0
- app_version: 6.2.5
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/wenerme/redis
  version: 15.3.2
- app_version: ""
  description: A Redis database for use inside a Kubernetes cluster.
  url: https://artifacthub.io/packages/helm/drycc-canary/redis
  version: 1.0.0

Helm Repositry仓库

[root@k8s-master ~]# helm repo list 
Error: no repositories to show
  • 添加helm仓库
[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME       URL                               
bitnami    https://charts.bitnami.com/bitnami
stable     https://charts.helm.sh/stable
[root@k8s-master ~]# helm repo update  #添加和删除仓库后更新索引信息 
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
  • 搜索char
[root@k8s-master ~]# helm search repo redis 
NAME                                CHART VERSION    APP VERSION    DESCRIPTION                                       
bitnami/redis                       15.3.2           6.2.5          Open source, advanced key-value store. It is of...
bitnami/redis-cluster               6.3.6            6.2.5          Open source, advanced key-value store. It is of...
stable/prometheus-redis-exporter    3.5.1            1.3.4          DEPRECATED Prometheus exporter for Redis metrics  
stable/redis                        10.5.7           5.0.7          DEPRECATED Open source, advanced key-value stor...
stable/redis-ha                     4.4.6            5.0.6          DEPRECATED - Highly available Kubernetes implem...
stable/sensu                        0.2.5            0.28           DEPRECATED Sensu monitoring framework backed by...

下载chart到本地 2种方法

  1. 方法1 pull直接下载
[root@k8s-master ~]# cd mag/helm/
[root@k8s-master helm]# helm pull bitnami/redis  #把chart下载到本地
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  redis-15.3.2.tgz
[root@k8s-master helm]# tar -xf redis-15.3.2.tgz 
[root@k8s-master helm]# cd redis/
[root@k8s-master redis]# ls   
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]#
  1. 方法2 缓冲文件中到找 chart
    当执行过安装过命令后,helm会在家目录生成.cache的缓存文件 里面也会包含chart
[root@k8s-master repository]# helm install db  bitnami/redis
[root@k8s-master repository]# pwd
/root/.cache/helm/repository

[root@k8s-master repository]# ll
total 19080
-rw-r--r-- 1 root root    1094 Sep 16 17:45 bitnami-charts.txt
-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml
-rw-r--r-- 1 root root   28227 Jul  1 17:40 grafana-6.13.6.tgz
-rw-r--r-- 1 root root    3908 Jul  7 21:41 myweb
-rw-r--r-- 1 root root    3872 Jul  7 03:13 nginx
-rw-r--r-- 1 root root   77619 Sep 17 11:53 redis-15.3.2.tgz  #redis chart文件
-rw-r--r-- 1 root root    3370 Sep 16 17:44 stable-charts.txt
-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml
[root@k8s-master repository]# tar -xf redis-15.3.2.tgz 
[root@k8s-master repository]# ls
bitnami-charts.txt  bitnami-index.yaml  grafana-6.13.6.tgz  myweb  nginx  redis  redis-15.3.2.tgz  stable-charts.txt  stable-index.yaml
[root@k8s-master repository]# cd redis/   #进入到redis缓存文件中
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
  • 查看redis chart的详细信息
[root@k8s-master helm]# helm show all bitnami/redis  #显示chart的所有信息
[root@k8s-master helm]# helm show readme  bitnami/redis   #显示chart的自述信息 可以查看示例、配置、每个版本的更新详情等信息

NAME    NAMESPACE    REVISION    UPDATED    STATUS    CHART    APP VERSION
[root@k8s-master helm]# helm install db  bitnami/redis
NAME: db
LAST DEPLOYED: Fri Sep 17 11:44:05 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

#以下是对应用的描述信息  包括使用的端口 连接方式等
Redis™ can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)  #端口
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)  #获取密码

To connect to your Redis™ server:
#不同的连接到redis的方法
1. Run a Redis™ pod that you can use as a client:    

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis™ CLI: 
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD


[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
usubChTbCD

[root@k8s-master helm]# kubectl get pod  #查看部署状态
NAME                  READY   STATUS             RESTARTS   AGE
db-redis-master-0     0/1     Pending            0          3m44s  #挂起状态
db-redis-replicas-0   0/1     Pending            0          3m44s
mypod-env             0/1     CrashLoopBackOff   506        42h


[root@k8s-master helm]# kubectl describe pod db-redis-master-0    #查看描述信息
.....
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               ------- 
  Warning  FailedScheduling  6m2s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.   #无法申请到PVC资源
  Warning  FailedScheduling  6m1s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.

示例2: redis部署

  • 根据自己的实际情况 修改chart
  • 进入之前下载的chart 修改values.yaml文件 测试环境关闭PVC需求
[root@k8s-master redis]# pwd  
/root/mag/helm/redis
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]# vim values.yaml

persistence:
    ## @param master.persistence.enabled Enable persistence on Redis™ master nodes using Persistent Volume Claims
    ##
    enabled: false  #关闭master数据持久化 测试环境没有搭建PVC
    ## @param master.persistence.path The path the volume will be mounted at on Redis™ master containers
    ## NOTE: Useful when using different Redis™ images
    ##
    path: /data
    ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis™ master containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param master.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""  #之前有部署longhorn的可以选择longhorn
    ## @param master.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param master.persistence.size Persistent Volume size
    ##
    size: 8Gi


  persistence:
    ## @param replica.persistence.enabled Enable persistence on Redis&trade; replicas nodes using Persistent Volume Claims
    ##
    enabled: false #关闭slave数据持久化 测试环境没有搭建PVC
    ## @param replica.persistence.path The path the volume will be mounted at on Redis&trade; replicas containers
    ## NOTE: Useful when using different Redis&trade; images
    ##
    path: /data
    ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis&trade; replicas containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param replica.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""
    ## @param replica.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param replica.persistence.size Persistent Volume size
    ##
    size: 8Gi
    
#修改副本数为1 根据自己需求修改默认为3
replica:
  ## @param replica.replicaCount Number of Redis&trade; replicas to deploy
  ##
  replicaCount: 1
  • 重新部署安装

    helm 传递参数 3种变量的引用方式

  • 方式1 还是上repo仓库中的chart 但指定变量配置文件
[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml  
  • 方式2 安装时命令直接关闭
[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1
  • 方式3 直接使用修改后的chart
[root@k8s-master helm]# helm install db redis 
NAME: db
LAST DEPLOYED: Fri Sep 17 15:46:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

Redis&trade; can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)

To connect to your Redis&trade; server:

1. Run a Redis&trade; pod that you can use as a client:

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis&trade; CLI:
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
  • 以上连接方式信息不需要保存 可通过status再次查看
[root@k8s-master helm]# helm status  db
[root@k8s-master helm]# kubectl get pod
NAME                  READY   STATUS    RESTARTS   AGE
db-redis-master-0     1/1     Running   0          39s
db-redis-replicas-0   0/1     Running   0          39s
  • 获取redis密码
[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
0Wf7jcy379[root@k8s-master helm]#  
  • 登录主节点
[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh
$ redis-cli -a 0Wf7jcy379
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> set mykey www.google.com
OK
127.0.0.1:6379> set mykey2 www.baidu.com
OK
127.0.0.1:6379> get mykey2
"www.baidu.com"
127.0.0.1:6379> exit

$ redis-cli -h db-redis-replicas -a 0Wf7jcy379  #登录slave节点  看数据是否同步过去
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
db-redis-replicas:6379> get mykey
"www.google.com"
db-redis-replicas:6379> get mykey2
"www.baidu.com"
db-redis-replicas:6379> 

[root@k8s-master helm]# helm  install   db2 redis -n dev  #再dev 名称空间部署redis

[root@k8s-master helm]# helm  delete  db2 redis -n dev #删除db2

Bigyong
28 声望13 粉丝