Helm——kubernetes的yum或者apt
目录:
Helm客户端
$ curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
$ helm version
Client: &version.Version{SemVer:"v2.12.0", GitCommit:"d325d2a9c179b33af1a024cdb5a4472b6288016a", GitTreeState:"clean"}
Error: could not find tiller
通常建议安装helm的bash命令补全脚本,方法如下:
$ helm completion bash > .helmrc
$ echo "source .helmrc" >> .bashrc
重新登录后就可以通过Tab键补全helm子命令和参数了
Helm 客户端是终端用户使用的命令行工具
- 在本地开发chart
- 管理chart仓库
- 与Tiller服务器交互
- 在远程Kubernetes集群上安装chart
- 查看release信息
- 升级或卸载已有的release
Tiller服务器
$ helm init
Creating /home/why/.helm
Creating /home/why/.helm/repository
Creating /home/why/.helm/repository/cache
Creating /home/why/.helm/repository/local
Creating /home/why/.helm/plugins
Creating /home/why/.helm/starters
Creating /home/why/.helm/cache/archive
Creating /home/why/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /home/why/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!
Tiller本身也是作为容器化应用运行在Kubernetes集群
$ kubectl get --namespace=kube-system svc tiller-deploy
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
tiller-deploy ClusterIP 10.102.247.151 <none> 44134/TCP 51s
[why@why-01 ~]$ kubectl get --namespace=kube-system deployments tiller-deploy
NAME READY UP-TO-DATE AVAILABLE AGE
tiller-deploy 1/1 1 1 69s
Tiller服务器会处理Helm客户端的请求,与Kubernetes API Server
交互。
- 监听来自Helm客户端的请求
- 通过chart构建release
- 在Kubernetes中安装chart,并跟踪release的状态
- 通过
API Server
升级或卸载已有的release
可执行helm search
查看当前可安装的chart
[why@why-01 ~]$ helm search
NAME CHART VERSION APP VERSION DESCRIPTION
stable/acs-engine-autoscaler 2.2.1 2.1.1 Scales worker nodes within agent pools
stable/aerospike 0.1.7 v3.14.1.2 A Helm chart for Aerospike in Kubernetes
stable/airflow 0.9.0 1.10.0 Airflow is a platform to programmatically author, schedul...
stable/anchore-engine 0.9.0 0.3.0 Anchore container analysis and policy evaluation engine s...
stable/apm-server 0.1.0 6.2.4 The server receives data from the Elastic APM agents and ...
stable/ark 1.2.3 0.9.1 A Helm chart for ark
stable/artifactory 7.3.1 6.1.0 DEPRECATED Universal Repository Manager supporting all ma...
stable/artifactory-ha 0.4.1 6.2.0 DEPRECATED Universal Repository Manager supporting all ma...
stable/auditbeat 0.4.0 6.5.1 A lightweight shipper to audit the activities of users an...
stable/aws-cluster-autoscaler 0.3.3 Scales worker nodes within autoscaling groups.
stable/bitcoind 0.1.3 0.15.1 Bitcoin is an innovative payment network and a new kind o...
stable/bookstack 0.1.2 0.24.2 BookStack is a simple, self-hosted, easy-to-use platform ...
Helm可以像apt和yum管理软件包一样管理chart。
apt和yum的软件包存放在仓库中,Helm也有仓库,可以通过helm repo add
添加更多的仓库,详情参考官方文档
添加权限
$ kubectl create serviceaccount --namespace kube-system tiller
serviceaccount/tiller created
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created
$ kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
deployment.extensions/tiller-deploy patched
安装chart
$ helm install stable/mysql
NAME: kneeling-puffin
LAST DEPLOYED: Mon Dec 10 23:51:05 2018
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
kneeling-puffin-mysql-test 1 0s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
kneeling-puffin-mysql Pending 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kneeling-puffin-mysql ClusterIP 10.99.240.42 <none> 3306/TCP 0s
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
kneeling-puffin-mysql 1 0 0 0 0s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
kneeling-puffin-mysql-5cd8b94cd5-5tvsj 0/1 Pending 0 0s
==> v1/Secret
NAME TYPE DATA AGE
kneeling-puffin-mysql Opaque 2 0s
NOTES:
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
kneeling-puffin-mysql.default.svc.cluster.local
To get your root password run:
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default kneeling-puffin-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)
To connect to your database:
1. Run an Ubuntu pod that you can use as a client:
kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
2. Install the mysql client:
$ apt-get update && apt-get install mysql-client -y
3. Connect using the mysql cli, then provide your password:
$ mysql -h kneeling-puffin-mysql -p
To connect to your database directly from outside the K8s cluster:
MYSQL_HOST=127.0.0.1
MYSQL_PORT=3306
# Execute the following command to route the connection:
kubectl port-forward svc/kneeling-puffin-mysql 3306
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
前四行为chart的部署的信息
- NAME是release的名字,如果没用
-n
参数指定,Helm随机生成了一个 - NAMESPACE是release部署的namespace,默认是default,也可以通过
--namespace
指定。 - STATUS为DEPLOYED,表示已经将chart部署到集群。
然后RESOURCES开始是包含的资源,名字统一为kneeling-puffin-mysql
- ConfigMap
- PersistentVolumeClaim
- Service
- Deployment
- Pod
- Secret
最后NOTES开始是chart的一些用法
$ kubectl get pvc kneeling-puffin-mysql
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
kneeling-puffin-mysql Pending 14m
由于没有准备PV所以release不可用
[why@why-01 ~]$ helm list
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
kneeling-puffin 1 Mon Dec 10 23:51:05 2018 DEPLOYED mysql-0.10.2 5.7.14 default
[why@why-01 ~]$ helm delete kneeling-puffin
release "kneeling-puffin" deleted
helm list
显示已经部署的release而helm delete
可以删除release
chart
chart是Helm的应用打包格式。chart由一系列文件组成,这些文件描述了Kubernetes部署应用时所需要的资源,比如Service、Deployment、PersistentVolumeClaim、Secret、ConfigMap等。
chart可以很简单,例如只是部署一个简单的Memcache。复杂的可部署一整套包含Web,Database,Cache等的一套服务。
chart的目录结构
chart将这些文件放置在预定义的目录结构中,通常整个chart被打成tar包,而且标注上版本信息,便于Helm部署
[why@why-01 ~]$ ls ~/.helm/cache/archive/mysql-0.10.2.tgz
/home/why/.helm/cache/archive/mysql-0.10.2.tgz
[why@why-01 ~]$ tar xf ~/.helm/cache/archive/mysql-0.10.2.tgz
[why@why-01 ~]$ tree mysql
mysql
|-- Chart.yaml
|-- README.md
|-- templates
| |-- configurationFiles-configmap.yaml
| |-- deployment.yaml
| |-- _helpers.tpl
| |-- initializationFiles-configmap.yaml
| |-- NOTES.txt
| |-- pvc.yaml
| |-- secrets.yaml
| |-- svc.yaml
| `-- tests
| |-- test-configmap.yaml
| `-- test.yaml
`-- values.yaml
2 directories, 13 files
Chart.yaml
appVersion: 5.7.14
description: Fast, reliable, scalable, and easy to use open-source relational database
system.
engine: gotpl
home: https://www.mysql.com/
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
keywords:
- mysql
- database
- sql
maintainers:
- email: o.with@sportradar.com
name: olemarkus
- email: viglesias@google.com
name: viglesiasce
name: mysql
sources:
- https://github.com/kubernetes/charts
- https://github.com/docker-library/mysql
version: 0.10.2
name和version是必填项,其他都是可选
README.md
README.md相当于chart的使用文档,文件可选
LICENSE
文本文件,描述chart的许可信息,文件可选
requirements.yaml
chart可能依赖其他的chart,这些依赖关系可通过requirements.yaml指定
dependencies:
- name: rabbitmq
version: 1.2.3
repository: http://rabbitmq.example.com/chart
- name: memcached
version: 3.2.1
repository: http://memcached.example.com/chart
在安装过程中,依赖的chart也会被一起安装
values.yaml
## mysql image version
## ref: https://hub.docker.com/r/library/mysql/tags/
##
image: "mysql"
imageTag: "5.7.14"
...省略部分
chart支持在安装的时根据参数进行定制化配置,而values.yaml则提供了这些配置参数的默认值
templates目录
各类Kubernetes资源的配置模板都放置在这里。Helm会将values.yaml中的参数值注入到模板中生成标准的YAML配置文件。
模板是chart最重要的部分,也是Helm最强大的地方。模板增加了应用部署的灵活性,能够适用不同的环境
templates/NOTES.txt
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
{{ template "mysql.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{- if .Values.existingSecret }}
If you have not already created the mysql password secret:
kubectl create secret generic {{ .Values.existingSecret }} --namespace {{ .Release.Namespace }} --from-file=./mysql-root-password --from-file=./mysql-password
{{ else }}
To get your root password run:
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mysql.fullname" . }} -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)
{{- end }}
To connect to your database:
1. Run an Ubuntu pod that you can use as a client:
kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il
2. Install the mysql client:
$ apt-get update && apt-get install mysql-client -y
3. Connect using the mysql cli, then provide your password:
$ mysql -h {{ template "mysql.fullname" . }} -p
To connect to your database directly from outside the K8s cluster:
{{- if contains "NodePort" .Values.service.type }}
MYSQL_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath='{.items[0].status.addresses[0].address}')
MYSQL_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "mysql.fullname" . }} -o jsonpath='{.spec.ports[0].nodePort}')
{{- else if contains "ClusterIP" .Values.service.type }}
MYSQL_HOST=127.0.0.1
MYSQL_PORT={{ .Values.service.port }}
# Execute the following command to route the connection:
kubectl port-forward svc/{{ template "mysql.fullname" . }} {{ .Values.service.port }}
{{- end }}
mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}
与模板一样,可以在NOTE.txt中插入配置参数,Helm会动态注入参数值
charn模板
templates/secrets.yaml {{- if not .Values.existingSecret }} apiVersion: v1 kind: Secret metadata: name: {{ template "mysql.fullname" . }} labels: app: {{ template "mysql.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" type: Opaque data: {{ if .Values.mysqlRootPassword }} mysql-root-password: {{ .Values.mysqlRootPassword | b64enc | quote }} {{ else }} mysql-root-password: {{ randAlphaNum 10 | b64enc | quote }} {{ end }} {{ if .Values.mysqlPassword }} mysql-password: {{ .Values.mysqlPassword | b64enc | quote }} {{ else }} mysql-password: {{ randAlphaNum 10 | b64enc | quote }} {{ end }} {{- if .Values.ssl.enabled }} {{ if .Values.ssl.certificates }}
{{- range .Values.ssl.certificates }}
apiVersion: v1 kind: Secret metadata: name: {{ .name }} labels: app: {{ template "mysql.fullname" $ }} chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}" release: "{{ $.Release.Name }}" heritage: "{{ $.Release.Service }}" type: Opaque data: ca.pem: {{ .ca | b64enc }} server-cert.pem: {{ .cert | b64enc }} server-key.pem: {{ .key | b64enc }} {{- end }} {{- end }} {{- end }} {{- end }}
Helm的模板使用的是Go的模板语言
{{ template "mysql.fullname" . }}
定义Secret的name
关键字 template 的作用是引用一个子模板 mysql.fullname。这个子模板是在 templates/_helpers.tpl 文件中定义的
templates/_helpers.tpl
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mysql.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mysql.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- printf .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Generate chart secret name
*/}}
{{- define "mysql.secretName" -}}
{{ default (include "mysql.fullname" .) .Values.existingSecret }}
如果存在一些信息多个模板都会用到,则可在templates/_helpers.tpl
中将其定义为子模板,然后通过templates
函数引用,这里 mysql.fullname是由release与chart二者名字拼接组成
Chart和Release是Helm预定义的对象,每个对象都有自己的属性,可以在模板中使用。如果使用下面命令安装chart:
helm install stable/mysql -n my
那么:
{{ .Chart.Name }}
的值为mysql{{ .Chart.Version }}
的值为0.3.0{{ .Release.Name }}
的值为my{{ .Release.Service }}
始终取值为Tiller{{ template "mysql.fullname" . }}
计算结果为my-mysql
这里指定 mysql-root-password 的值,不过使用了 if-else 的流控制,其逻辑为: 如果 .Values.mysqlRootPassword 有值,则对其进行 base64 编码;否则随机生成一个 10 位的字符串并编码。
Values 也是预定义的对象,代表的是 values.yaml 文件。而 .Values.mysqlRootPassword 则是 values.yaml 中定义的 mysqlRootPassword 参数:
对于后边的passport
因为 mysqlRootPassword 被注释掉了,没有赋值,所以逻辑判断会走 else,即随机生成密码。
randAlphaNum、b64enc、quote 都是 Go 模板语言支持的函数,函数之间可以通过管道 | 连接。{{ randAlphaNum 10 | b64enc | quote }} 的作用是首先随机产生一个长度为 10 的字符串,然后将其 base64 编码,最后两边加上双引号。
templates/secrets.yaml 这个例子展示了 chart 模板主要的功能,我们最大的收获应该是:模板将 chart 参数化了,通过 values.yaml 可以灵活定制应用。
无论多复杂的应用,用户都可以用 Go 模板语言编写出 chart。无非是使用到更多的函数、对象和流控制。对于初学者,我的建议是尽量参考官方的 chart。根据二八定律,这些 chart 已经覆盖了绝大部分情况,而且采用了最佳实践。如何遇到不懂的函数、对象和其他语法,可参考官网文档 https://docs.helm.sh
chart安装
chart安装之前需要先清楚chart的使用方法
$ helm inspect values stable/mysql
## mysql image version
## ref: https://hub.docker.com/r/library/mysql/tags/
##
image: "mysql"
imageTag: "5.7.14"
## Specify password for root user
##
## Default: random 10 character string
# mysqlRootPassword: testing
...省略部分
输出的实际上是values.yaml的内容
## Persist data to a persistent volume
persistence:
enabled: true
## database data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
annotations: {}
chart 定义了一个 PersistentVolumeClaim,申请 8G 的 PersistentVolume,所以需要预先创建好PV
apiVersion: v1
kind: PersistentVolume
metadata:
name: mypv1
spec:
capacity:
storage: 16Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs
nfs:
path: /data/nfs
server: 172.19.0.4
定制化安装 chart
除了接受 values.yaml 的默认值,我们还可以定制化 chart,比如设置 mysqlRootPassword。
Helm 有两种方式传递配置参数:
指定自己的 values 文件。 通常的做法是首先通过 helm inspect values mysql > myvalues.yaml生成 values 文件,然后设置 mysqlRootPassword,之后执行 helm install --values=myvalues.yaml mysql。
通过 --set 直接传入参数值,比如:
$ helm install stable/mysql --set mysqlRootPassword=abc123 -n my
通过 helm list 和 helm status 可以查看 chart 的最新状态
$ helm list
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
my 1 Tue Dec 11 20:52:19 2018 DEPLOYED mysql-0.10.2 5.7.14 default
$ helm status my
LAST DEPLOYED: Tue Dec 11 20:52:19 2018
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
my-mysql-test 1 4m6s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
my-mysql Pending 4m6s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
my-mysql ClusterIP 10.99.170.223 <none> 3306/TCP 4m6s
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
my-mysql 1 1 1 0 4m6s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
my-mysql-7cbb466875-2478r 0/1 Pending 0 4m6s
==> v1/Secret
NAME TYPE DATA AGE
my-mysql Opaque 2 4m6s
升级和回滚release
release发布后可以执行helm upgrade
对其升级,通过--values
或--set
应用新的配置
$ kubectl get deployments my-mysql -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
my-mysql 0/1 1 0 6m56s my-mysql mysql:5.7.14 app=my-mysql
$ helm upgrade --set imageTag=5.7.15 my stable/mysql
$ kubectl get deployments my-mysql -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
my-mysql 0/1 1 0 7m41s my-mysql mysql:5.7.15 app=my-mysql
查看执行历史
$ helm history my
REVISION UPDATED STATUS CHART DESCRIPTION
1 Tue Dec 11 20:52:19 2018 SUPERSEDED mysql-0.10.2 Install complete
2 Tue Dec 11 20:59:24 2018 DEPLOYED mysql-0.10.2 Upgrade complete
helm history 可以查看 release 所有的版本。通过 helm rollback 可以回滚到任何版本。
$ helm history my
REVISION UPDATED STATUS CHART DESCRIPTION
1 Tue Dec 11 20:52:19 2018 SUPERSEDED mysql-0.10.2 Install complete
2 Tue Dec 11 20:59:24 2018 DEPLOYED mysql-0.10.2 Upgrade complete
$ helm rollback my 1
Rollback was a success! Happy Helming!
$ helm history my
REVISION UPDATED STATUS CHART DESCRIPTION
1 Tue Dec 11 20:52:19 2018 SUPERSEDED mysql-0.10.2 Install complete
2 Tue Dec 11 20:59:24 2018 SUPERSEDED mysql-0.10.2 Upgrade complete
3 Tue Dec 11 21:01:03 2018 DEPLOYED mysql-0.10.2 Rollback to 1
$ kubectl get deployments my-mysql -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
my-mysql 0/1 1 0 9m my-mysql mysql:5.7.14 app=my-mysql
创建chart
$ helm create mychart
Creating mychart
Helm会帮着创建各类的Helm的chart文件
$ tree mychart/
mychart/
|-- charts
|-- Chart.yaml
|-- templates
| |-- deployment.yaml
| |-- _helpers.tpl
| |-- ingress.yaml
| |-- NOTES.txt
| |-- service.yaml
| `-- tests
| `-- test-connection.yaml
`-- values.yaml
3 directories, 8 files
默认会有一个nginx的配置
$ cat mychart/values.yaml
# Default values for mychart.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: nginx
tag: stable
pullPolicy: IfNotPresent
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 80
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
paths: []
hosts:
- chart-example.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}
调试chart
helm lint
会检测chart的语法,报告错误以及给出建议helm install --dry-run --debug
会模拟安装chart,并输出每个模板生成的YAML内容
随便删掉一点
$ helm lint mychart
==> Linting mychart
[INFO] Chart.yaml: icon is recommended
[ERROR] values.yaml: unable to parse YAML
error converting YAML to JSON: yaml: line 11: could not find expected ':'
Error: 1 chart(s) linted, 1 chart(s) failed
可以看到报错11行少一个:
而正常情况下
$ helm lint mychart
==> Linting mychart
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, no failures
模拟安装
$ helm install --dry-run --debug mychart
[debug] Created tunnel using local port: '35871'
[debug] SERVER: "127.0.0.1:35871"
[debug] Original chart version: ""
[debug] CHART PATH: /home/why/mychart
NAME: precise-grizzly
REVISION: 1
RELEASED: Fri Dec 14 00:09:10 2018
CHART: mychart-0.1.0
USER-SUPPLIED VALUES:
{}
COMPUTED VALUES:
affinity: {}
fullnameOverride: ""
image:
pullPolicy: IfNotPresent
repository: nginx
tag: stable
ingress:
annotations: {}
enabled: false
hosts:
- chart-example.local
paths: []
tls: []
nameOverride: ""
nodeSelector: {}
replicaCount: 1
resources: {}
service:
port: 80
type: ClusterIP
tolerations: []
HOOKS:
---
# precise-grizzly-mychart-test-connection
apiVersion: v1
kind: Pod
metadata:
name: "precise-grizzly-mychart-test-connection"
labels:
app.kubernetes.io/name: mychart
helm.sh/chart: mychart-0.1.0
app.kubernetes.io/instance: precise-grizzly
app.kubernetes.io/managed-by: Tiller
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['precise-grizzly-mychart:80']
restartPolicy: Never
MANIFEST:
---
# Source: mychart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: precise-grizzly-mychart
labels:
app.kubernetes.io/name: mychart
helm.sh/chart: mychart-0.1.0
app.kubernetes.io/instance: precise-grizzly
app.kubernetes.io/managed-by: Tiller
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: mychart
app.kubernetes.io/instance: precise-grizzly
---
# Source: mychart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: precise-grizzly-mychart
labels:
app.kubernetes.io/name: mychart
helm.sh/chart: mychart-0.1.0
app.kubernetes.io/instance: precise-grizzly
app.kubernetes.io/managed-by: Tiller
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: mychart
app.kubernetes.io/instance: precise-grizzly
template:
metadata:
labels:
app.kubernetes.io/name: mychart
app.kubernetes.io/instance: precise-grizzly
spec:
containers:
- name: mychart
image: "nginx:stable"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{}
安装chart的方式
- 安装仓库中的chart,例如:
helm install stable/nginx
- 通过tar包安装,例如:
helm install ./nginx-1.2.3.tgz
- 通过chart本地目录安装,例如:
helm install ./nginx
- 通过URL安装,例如:
helm install https://example.com/charts/nginx-1.2.3.tgz
将chart添加到仓库
1.使用容器启动一个httpd服务
$ mkdir /var/www/
$ docker run -d -p 9999:80 -v /var/www/:/usr/local/apache2/htdocs/ httpd
2.打包chart
$ helm package mychart
Successfully packaged chart and saved it to: /home/why/mychart-0.1.0.tgz
3.生成仓库的index文件
$ mkdir myrepo
$ mv mychart-0.1.0.tgz myrepo/
$ helm repo index myrepo/ --url http://172.19.0.9:9999/charts
$ ls myrepo/
index.yaml mychart-0.1.0.tgz
4.上传
$ cp -r myrepo /var/www/charts
$ ls /var/www/charts
index.yaml mychart-0.1.0.tgz
5.将新仓库添加到 Helm
$ helm repo add newrepo http://172.19.0.9:9999/charts
"newrepo" has been added to your repositories
$ helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
coreos https://s3-eu-west-1.amazonaws.com/coreos-charts/stable/
newrepo http://172.19.0.9:9999/charts
$ helm search mychart
NAME CHART VERSION APP VERSION DESCRIPTION
local/mychart 0.1.0 1.0 A Helm chart for Kubernetes
newrepo/mychart 0.1.0 1.0 A Helm chart for Kubernetes
6.更新
$ helm repo update