什么是helm?在没有这个helm之前,deployment service ingress
helm的作用
通过打包的方式,把deployment service ingress等打包在一块,一键式的部署服务,类似yum安装
官方提供的一个类似与安装仓库额功能,可以实现一键化部署应用
helm的概念
三个部分组成
1、chartL helm的软件包,部署包,service ingress,定义好的yaml资源,类似于yum的rpm包
2、Release 可以理解为版本,也可以理解为在安装过程中,给这个部署的应用起一个名字
3、Repository 仓库,提供一个服务器,这个服务器中包含chartL的资源,yaml的资源保存的地址
版本
helm3 命令行
helm3 纯命令行方式
把源码包拖到helm
helm-v3.12.0-linux-amd64.tar.gz
解压
tar -xf helm-v3.12.0-linux-amd64.tar.gz
进入linux-amd64/
cd linux-amd64/
把helm拖到usr/local/bin下
mv helm /usr/local/bin/helm
添加自动补全
vim /etc/profile
source <(helm completion bash)
立刻生效
source /etc/profile
搜索资源
helm search repo aliyun | grep nginx
查看chart的详细信息
helm show chart bitnami/nginx(一般)
helm show all bitnami/nginx(所有)
安装
helm install my-nginx bitnami/nginx
helm install 安装
my-nginx 安装的名称或者版本
bitnami/nginx bitnami仓库名,nginx就是chart一系列yaml资源的集合
删除
helm uninstall my-nginx
helm install bitnami/nginx --generate-name
--generate-name 随机指定Release名称
helm ls 查看所有安装Releasehelm自定义模版
根据自己的需求,自定义chart,然后部署到集群当中
拉取包(mysql)
helm pull stable/mysql
解压
tar -xf mysql-1.6.9.tgz
创建nginx
helm create nginx
查看创建的nginx的目录
tree nginx
nginx/
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
charts 用于存储依赖,如果这个chart依赖于其他的chart,依赖文件保存在这个目录
Chart.yaml helm chart的元数据文件,包含了这个chart的名称,版本,维护者信息等等
Template 包含清单模版目录
deployment.yaml 部署应用的模版文件
helpers.tpl 帮助文档,告诉用户如何来定义模版的值
hpa.yaml 定义了应用程序副本数的扩缩容行为
ingress.yaml 定义了外部流量如何转发到应用程序
NOTES.txt 注意事项
serviceaccount.yaml 应用程序的服务账号
service.yaml 集群内部的访问
tests test-connection.yaml 测试的目录和文件,部署完chart之后,用来测试的文件
values.yaml 核心文件,自定义的值,都是通过values.yaml,把我们数据覆盖到安装的chart
修改values.yaml
# Default values for nginx.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 3
#创建的副本数
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "1.22"
#指向镜像的版本
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 80
ingress:
enabled: true
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: www.lucky-cloud.yaml
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
limits:
cpu: "1"
memory: 512Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
验证语法
[root@master01 linux-amd64]# helm lint nginx
==> Linting nginx
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, 0 chart(s) failed
打包
helm package nginx
Successfully packaged chart and saved it to: /opt/helm/linux-amd64/nginx-0.1.0.tgz
部署
helm install nginx-11 ./nginx --dry-run --debug
helm install 安装chart
nginx-11 Release版本号
./nginx 当前目录下的nginx的chart
--dry-run --debug 这个chart不会被部署到集群当中,参数验证,测试chart的配置是否正确
安装
方法一
helm install nginx-11 ./nginx -n default
方法二
helm install nginx-11 /opt/helm/linux-amd64/nginx-0.1.0.tgz -n default
删除
helm uninstall nginx-11修改chart之后重新部署
修改values.yaml
.......
service:
type: NodePort
port: 80
nodePort: 31000
ingress:
enabled: false
className: ""
annotations: {}
......
修改service.yaml
apiVersion: v1
kind: Service
metadata:
name: {{ include "nginx.fullname" . }}
labels:
{{- include "nginx.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
nodePort: {{.Values.service.nodePort}}
selector:
{{- include "nginx.selectorLabels" . | nindent 4 }}
检测
helm lint nginx
更新
helm upgrade nginx-11 nginx回滚
查看回滚
helm history nginx-11
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Jan 21 21:17:54 2024 superseded nginx-0.1.0 1.16.0 Install complete
2 Sun Jan 21 21:46:04 2024 deployed nginx-0.2.0 1.16.0 Upgrade complete
helm rollback nginx-11 1上传Harbor
修改Harbor
.....
harbor_admin_password: 123456
chart:
absolute_url: enabled
......
运行脚本
./install.sh
mkdir -p ~/.local/share/helm/plugins/helm-push
tar -xf helm-push_0.8.1_linux_amd64.tar.gz -C ~/.local/share/helm/plugins/helm-push
docker login -u admin -p 123456 https://hub.test.com
上传
helm push nginx-0.2.0.tgz oci://hub.test.com/charts --insecure-skip-tls-verif
