目录
helm
部署helm
封装chart包
上传chart到OCI仓库
部署wordpress博客系统
helm部署storageclass
helm部署ingress-nginx
helm部署metrics-server
kubeapps
更新
helm
部署helm
官网: Helm | 快速入门指南
https://github.com/helm/helm/releases
[root@k8s2 ~]# tar zxf helm-v3.11.0-linux-amd64.tar.gz
[root@k8s2 ~]# cd linux-amd64/
[root@k8s2 linux-amd64]# mv helm /usr/local/bin/
配置helm命令补齐
[root@k8s2 ~]# echo "source <(helm completion bash)" >> ~/.bashrc
[root@k8s2 ~]# source ~/.bashrc
[root@k8s2 ~]# helm version
查询官方应用中心
[root@k8s2 ~]# helm search hub nginx
添加第三方repo源
[root@k8s2 ~]# helm repo add my-repo https://charts.bitnami.com/bitnami
"my-repo" has been added to your repositories
[root@k8s2 ~]# helm repo list
拉取应用
[root@k8s2 helm]# helm pull my-repo/nginx
[root@k8s2 helm]# tar zxf nginx-13.2.29.tgz
[root@k8s2 helm]# cd nginx/
按需修改
[root@k8s2 nginx]# vim values.yaml
上传镜像
[root@k8s1 ~]# docker pull bitnami/nginx:1.23.3-debian-11-r33
[root@k8s1 ~]# docker tag bitnami/nginx:1.23.3-debian-11-r33 reg.westos.org/bitnami/nginx:1.23.3-debian-11-r33
[root@k8s1 ~]# docker push reg.westos.org/bitnami/nginx:1.23.3-debian-11-r33
部署应用
[root@k8s2 nginx]# helm install myapp .
再次修改配置
[root@k8s2 nginx]# vim values.yaml
更新应用
[root@k8s2 nginx]# helm upgrade myapp .
查看应用
[root@k8s2 nginx]# helm list
查看应用历史
[root@k8s2 helm]# helm history myapp
回滚应用
[root@k8s2 nginx]# helm rollback myapp 1
回收
[root@k8s2 helm]# helm uninstall myapp
封装chart包
[root@k8s2 helm]# helm create mychart //创建一个名为mychart的Helm chart
[root@k8s2 mychart]# vim Chart.yaml //元数据文件
[root@k8s2 mychart]# vim values.yaml //默认配置文件
检测语法
[root@k8s2 helm]# helm lint mychart/ //检测语法
[root@k8s2 helm]# helm package mychart/ //打包
[root@k8s2 helm]# helm install myapp mychart-0.1.0.tgz //部署应用
[root@k8s2 helm]# helm list //列出当前安装的所有Helm chart
[root@k8s2 helm]# helm uninstall myapp //回收
测试
更新
查看历史、回滚
上传chart到OCI仓库
复制仓库证书
[root@k8s2 helm]# cp /etc/docker/certs.d/reg.westos.org/ca.crt /etc/pki/tls/certs/
登录仓库
[root@k8s2 helm]# helm registry login reg.westos.org -u admin -p shg12345
查看默认缓存信息
[root@k8s2 helm]# helm env
提前在harbor仓库创建charts项目,这个仓库专门存放chart包
上传chart
helm push mychart-0.2.0.tgz oci://reg.westos.org/charts
下载chart,默认下载最新版本
helm pull oci://reg.westos.org/charts/mychart
helm pull oci://reg.westos.org/charts/mychart --version 0.2.0
安装chart
helm install myapp oci://reg.westos.org/charts/mychart --version 0.2.0
升级
helm upgrade myapp oci://reg.westos.org/charts/mychart --version 0.3.0
部署wordpress博客系统
部署mysql数据库集群
vim mysql-values.yaml
global:
imageRegistry: reg.westos.org
architecture: replication
auth:
rootPassword: westos
database: wordpress
username: wordpress
password: wordpress
replicationUser: replicator
replicationPassword: westos
helm install --wait mydbcluster -f mysql-values.yaml mysql-9.14.2.tgz
查看部署信息
helm get manifest mydbcluster |kubectl get -f -
连接数据库
MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default mydbcluster-mysql -o jsonpath="{.data.mysql-root-password}" | base64 -d)
echo $MYSQL_ROOT_PASSWORD
kubectl run mydbcluster-mysql-client --rm --tty -i --restart='Never' --image reg.westos.org/bitnami/mysql:8.0.35-debian-11-r0 --namespace default --env MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD --command -- bash
连接主库
mysql -h mydbcluster-mysql-primary.default.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
连接从库
mysql -h mydbcluster-mysql-secondary.default.svc.cluster.local -uroot -p"$MYSQL_ROOT_PASSWORD"
部署wordpress
vim wordpress-values.yaml
global:
imageRegistry: reg.westos.org
wordpressUsername: james
wordpressPassword: james
mariadb:
enabled: false
externalDatabase:
host: mydbcluster-mysql-primary
user: wordpress
password: wordpress
database: wordpress
helm install myblog -f wordpress-values.yaml wordpress-18.1.6.tgz
等待myblog初始化完毕
kubectl logs myblog-wordpress-* -f
获取myblog 外部IP
helm get manifest myblog |kubectl get -f -
使用浏览器访问wordpress
http://EXTERNAL-IP/admin
登录用户、密码: james/james
升级mydbcluster
vim mysql-values-update.yaml
global:
imageRegistry: reg.westos.org
architecture: replication
auth:
rootPassword: westos
database: wordpress
username: wordpress
password: wordpress
replicationUser: replicator
replicationPassword: westos
secondary:
replicaCount: 2
helm upgrade --atomic --timeout 10m mydbcluster -f mysql-values-update.yaml mysql-9.14.2.tgz
查看历史修订
helm history mydbcluster
helm get manifest mydbcluster --revision 1
回滚版本
helm rollback mydbcluster 1
helm history mydbcluster
helm部署storageclass
删除原有的部署
[root@k8s2 nfs]# ls
class.yaml deployment.yaml pod.yaml pvc.yaml rbac.yaml
[root@k8s2 nfs]# kubectl delete -f .
添加repo
[root@k8s2 helm]# helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
[root@k8s2 ~]# helm search repo nfs-subdir-external-provisioner
[root@k8s2 helm]# helm pull nfs-subdir-external-provisioner/nfs-subdir-external-provisioner
[root@k8s2 helm]# tar zxf nfs-subdir-external-provisioner-4.0.18.tgz
[root@k8s2 helm]# cd nfs-subdir-external-provisioner/
[root@k8s2 nfs-subdir-external-provisioner]# vim values.yaml
创建namespace
[root@k8s2 nfs-subdir-external-provisioner]# kubectl create namespace nfs-provisioner
部署应用
[root@k8s2 nfs-subdir-external-provisioner]# helm install nfs-provisioner . -n nfs-provisioner
方法二
[root@k8s2 helm]#vim nfs-client-values.yaml
image:
repository: sig-storage/nfs-subdir-external-provisioner
tag: v4.0.2
nfs:
server: 192.168.81.10
path: /nfsdata
storageClass:
defaultClass: true
reclaimPolicy: Delete
archiveOnDelete: false
kubectl create namespace nfs-provisioner
helm -n nfs-provisioner install nfs-client --wait -f charts/values/nfs-client-values.yaml nfs-subdir-external-provisioner/nfs-subdir-external-provisioner --version 4.0.18
测试
[root@k8s2 nfs]# kubectl apply -f pvc.yaml
[root@k8s2 nfs]# kubectl get pvc
helm部署ingress-nginx
回收原有部署
[root@k8s2 ingress]# kubectl delete -f deploy.yaml
[root@k8s2 helm]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
[root@k8s2 ~]# helm search repo ingress-nginx
[root@k8s2 helm]# helm pull ingress-nginx/ingress-nginx
[root@k8s2 helm]# tar zxf ingress-nginx-4.8.3.tgz
[root@k8s2 helm]# cd ingress-nginx/
[root@k8s2 ingress-nginx]# vim values.yaml
创建namespace
[root@k8s2 ingress-nginx]# kubectl create namespace ingress-nginx
部署应用
[root@k8s2 ingress-nginx]# helm install ingress-nginx . -n ingress-nginx
方法二
vim ingress-nginx-values.yaml
controller:
image:
registry: reg.westos.org
image: ingress-nginx/controller
tag: "v1.9.4"
digest: ""
digestChroot: ""
ingressClassResource:
name: nginx
default: true
service:
type: LoadBalancer
admissionWebhooks:
patch:
image:
registry: reg.westos.org
image: ingress-nginx/kube-webhook-certgen
tag: v20231011-8b53cabe0
digest: ""
kubectl create namespace ingress-nginx
helm -n ingress-nginx install ingress-nginx -f ingress-nginx-values.yaml ingress-nginx-4.8.3.tgz
helm -n ingress-nginx get manifest ingress-nginx |kubectl get -f -
测试
helm部署metrics-server
回收原有部署
[root@k8s2 metrics]# kubectl delete -f components.yaml
[root@k8s2 helm]# helm repo add metrics-server
[root@k8s2 dashboard]# helm search repo metrics-server
[root@k8s2 helm]# helm pull metrics-server/metrics-server
[root@k8s2 helm]# tar zxf metrics-server-3.8.4.tgz
[root@k8s2 helm]# cd metrics-server
[root@k8s2 metrics-server]# vim values.yaml
创建namespace
[root@k8s2 metrics-server]# kubectl create namespace metrics-server
部署应用
[root@k8s2 metrics-server]# helm install metrics-server . -n metrics-server
方法二:
vim metrics-server-values.yaml
image:
repository: metrics-server/metrics-server
tag: "v0.6.4"
defaultArgs:
- --cert-dir=/tmp
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --kubelet-use-node-status-port
- --metric-resolution=15s
- --kubelet-insecure-tls
kubectl create namespace metrics-server
helm -n metrics-server install metrics-server -f charts/values/metrics-server-values.yaml metrics-server-3.11.0.tgz
kubeapps
更新
上传镜像
vim kubeapps-values.yaml
global:
imageRegistry: reg.westos.org
ingress:
enabled: true
hostname: kubeapps.westos.org
ingressClassName: nginx
postgresql:
primary:
persistence:
enabled: true
redis:
master:
persistence:
enabled: true
kubectl create namespace kubeapps
helm -n kubeapps install kubeapps -f kubeapps-values.yaml kubeapps-14.0.2.tgz
kubectl -n kubeapps edit svc kubeapps
kubectl create serviceaccount kubeapps-operator -n kubeapps
kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
kubectl -n kubeapps create token kubeapps-operator
用token访问192.168.81.102
