Helm v3从入门到实战


在学习Helm之前,你需要先对k8s的deployment/pod/service/ingress/pv/pvc/statefulset/configmap/vxlan/flannel/daemonset等要能够比较熟练的使用。

什么是Helm

helm的官网https://helm.sh/ ,上面讲了

The package manager for Kubernetes.
Helm is the best way to find, share, and use software built for Kubernetes.
Helm helps you manage Kubernetes applications — Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.
Charts are easy to create, version, share, and publish — so start using Helm and stop the copy-and-paste.
Helm is a graduated project in the CNCF and is maintained by the Helm community.

包管理,helm是一个k8s包管理工具,好了,怎么理解?
举个例子,yum我们知道吧,它是rpm包管理工具,我们执行yum install mysql时,它会自动帮我们安装mysql和mysql需要的依赖,那helm的包管理了?
我再举个例子,我们在k8s部署一个mysql时,是不是要先编写deployment、services、ingress、pv、pvc、configmap等文件,当然我也可以把它们编写到一个文件,然后执行kubectl apply -f mysql.yml,而helm怎么安装mysql了? helm install mysql repo/mysql即可,如歌就这么理解了helm,其实还不对,因为你执行helm install时,helm怎么知道mysql的版本、要映射的端口、要配置的域名等,这些还是需要你去写helm格式的配置文件,这些文件的内容甚至比kubectl apply的文件还要多,所以那helm到底有哪些好处了?
我再举个例子,如果我们不同的项目也需要mysql时,我们是不是复制一下上面的mysql.yml然后修改一下里面的内容。比如service/ingress/pv/pvc等,如何有更新的项目,我们是不是继续复制修改复制修改,而helm了?helm只需编写一个helm模板的配置文件,然后多个项目应用部署时,只需要项目自己的参数即可。模板功能方便了我们部署k8s服务,这才是我们需要helm的地方,helm具体如何使用,我们继续看下面的内容。

安装Helm

下载链接,https://github.com/helm/helm/releases ,下载完后,解压即可

本文档是将helm安装在k8s主机
# tar -zxvf helm-v3.2.1-linux-amd64.tar.gz
# cp linux-amd64/helm /usr/local/bin/
# helm version
version.BuildInfo{Version:"v3.2.1", GitCommit:"fe51cd1e31e6a202cba7dead9552a6d418ded79a", GitTreeState:"clean", GoVersion:"go1.13.10"}

Helm基本架构


这里的kube-config就是连接kube-apiserver的配置信息。我的helm安装在k8s主机且是root账户,所以我不用再配置kube-config,下面是helm配置文件和连接kube-apiserver配置文件相关说明,helm --help可以看到

Environment variables:

| Name                               | Description                                                                       |
|------------------------------------|-----------------------------------------------------------------------------------|
| $XDG_CACHE_HOME                    | set an alternative location for storing cached files.                             |
| $XDG_CONFIG_HOME                   | set an alternative location for storing Helm configuration.                       |
| $XDG_DATA_HOME                     | set an alternative location for storing Helm data.                                |
| $HELM_DRIVER                       | set the backend storage driver. Values are: configmap, secret, memory, postgres   |
| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use.                      |
| $HELM_NO_PLUGINS                   | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.                        |
| $KUBECONFIG                        | set an alternative Kubernetes configuration file (default "~/.kube/config")       |

Helm stores configuration based on the XDG base directory specification, so

- cached files are stored in $XDG_CACHE_HOME/helm
- configuration is stored in $XDG_CONFIG_HOME/helm
- data is stored in $XDG_DATA_HOME/helm

By default, the default directories depend on the Operating System. The defaults are listed below:

| Operating System | Cache Path                | Configuration Path             | Data Path               |
|------------------|---------------------------|--------------------------------|-------------------------|
| Linux            | $HOME/.cache/helm         | $HOME/.config/helm             | $HOME/.local/share/helm |
| macOS            | $HOME/Library/Caches/helm | $HOME/Library/Preferences/helm | $HOME/Library/helm      |
| Windows          | %TEMP%\helm               | %APPDATA%\helm                 | %APPDATA%\helm          |

使用helm部署mysql

我们先使用外部仓库定义的Charts来安装一个mysql开始,逐步揭开helm的面纱。

添加仓库

# helm repo add stable http://mirror.azure.cn/kubernetes/charts
# helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts 
# helm repo list
NAME   	URL                                                   
elastic	https://helm.elastic.co                               
stable 	http://mirror.azure.cn/kubernetes/charts              
aliyun 	https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

查找charts

# helm search repo mysql
NAME                            	CHART VERSION	APP VERSION	DESCRIPTION                                       
aliyun/mysql                    	0.3.5        	           	Fast, reliable, scalable, and easy to use open-...
stable/mysql                    	1.6.3        	5.7.28     	Fast, reliable, scalable, and easy to use open-...
stable/mysqldump                	2.6.0        	2.4.1      	A Helm chart to help backup MySQL databases usi...
...

安装mysql

# helm install aliyun aliyun/mysql
Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "Deployment" in version "extensions/v1beta1"

居然报错了,deploument不支持的版本
把charts下载下来,看看里面的内容

# helm pull aliyun/mysql
# tar -zxvf mysql-0.3.5.tgz
# more mysql/templates/deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
...(省略输出)
# kubectl api-resources
NAME                              SHORTNAMES   APIGROUP                       NAMESPACED   KIND
deployments                       deploy       apps                           true         Deployment

这个说明deployment只支持apps的版本(没找到官方说明论证),这也就是外部仓库的charts不一定会及时更新,我们拿来不一定能够直接使用,下面我改为安装stable/mysql。

# helm install db stable/mysql
NAME: db
LAST DEPLOYED: Sun May 17 17:03:59 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
db-mysql.default.svc.cluster.local

To get your root password run:

    MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default db-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)

To connect to your database:

1. Run an Ubuntu pod that you can use as a client:

    kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il

2. Install the mysql client:

    $ apt-get update && apt-get install mysql-client -y

3. Connect using the mysql cli, then provide your password:
    $ mysql -h db-mysql -p

To connect to your database directly from outside the K8s cluster:
    MYSQL_HOST=127.0.0.1
    MYSQL_PORT=3306

    # Execute the following command to route the connection:
    kubectl port-forward svc/db-mysql 3306

    mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}

查看安装

# helm list
NAME	NAMESPACE	REVISION	UPDATED                                	STATUS  	CHART      	APP VERSION
db  	default  	1       	2020-05-17 17:03:59.299616407 +0800 CST	deployed	mysql-1.6.3	5.7.28
# kubectl get pod
NAME                          READY   STATUS             RESTARTS   AGE
db-mysql-8564f79ccb-gg9tw     0/1     Pending            0          100s

pending状态,我们再继续查看状态,下面省略部分输出

# kubectl describe pod db-mysql-8564f79ccb-gg9tw
Name:           db-mysql-8564f79ccb-gg9tw
Namespace:      default
Priority:       0
Node:           <none>
Labels:         app=db-mysql
                pod-template-hash=8564f79ccb
                release=db
Annotations:    <none>
Status:         Pending

Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  data:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  db-mysql
    ReadOnly:   false
  default-token-plkbj:
    Type:        Secret (a volume populated by a Secret)
    SecretName:  default-token-plkbj
    Optional:    false
QoS Class:       Burstable
Node-Selectors:  <none>
Tolerations:     node.kubernetes.io/not-ready:NoExecute for 300s
                 node.kubernetes.io/unreachable:NoExecute for 300s
Events:
  Type     Reason            Age        From               Message
  ----     ------            ----       ----               -------
  Warning  FailedScheduling  <unknown>  default-scheduler  pod has unbound immediate PersistentVolumeClaims (repeated 2 times)
  Warning  FailedScheduling  <unknown>  default-scheduler  pod has unbound immediate PersistentVolumeClaims (repeated 2 times)

创建pvc失败,查看pvc

# kubectl get pvc
NAME                       STATUS    VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
db-mysql                   Pending                                                     3m32s
# kubectl get pvc/db-mysql -o yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  annotations:
    meta.helm.sh/release-name: db
    meta.helm.sh/release-namespace: default
  creationTimestamp: "2020-05-17T09:03:59Z"
  finalizers:
  - kubernetes.io/pvc-protection
  labels:
    app: db-mysql
    app.kubernetes.io/managed-by: Helm
    chart: mysql-1.6.3
    heritage: Helm
    release: db
  name: db-mysql
  namespace: default
  resourceVersion: "14924757"
  selfLink: /api/v1/namespaces/default/persistentvolumeclaims/db-mysql
  uid: a7b438a3-9513-410d-ae8c-6cbb083fcc1e
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 8Gi
  volumeMode: Filesystem
status:
  phase: Pending

需要8G的PV,那我创建PV,

# cat pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: dbdata       # 修改PV名称
spec:
  capacity:
    storage: 8Gi   # 修改大小
  accessModes:
    - ReadWriteOnce
  nfs:
    path: /data/nfs/dbdata   # 修改目录名
    server: x.x.x.x

# kubectl apply -f pv.yml

再查看安装

# kubectl get pvc
NAME                       STATUS   VOLUME   CAPACITY   ACCESS MODES   STORAGECLASS   AGE
db-mysql                   Bound    dbdata   8Gi        RWO                           6m8s
# kubectl get pod (安装需要一定的时间,可以通过下面的命令查看状态)
# kubectl describe pod db-mysql-8564f79ccb-gg9tw
# kubectl logs db-mysql-8564f79ccb-gg9tw

# kubectl get pod
NAME                          READY   STATUS             RESTARTS   AGE
db-mysql-8564f79ccb-gg9tw     1/1     Running            0          9m43s

直接进入容器,查看mysql可以使用

# 查看mysql密码
# kubectl get secret --namespace default db-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo
# kubectl exec -it db-mysql-8564f79ccb-gg9tw bash
# mysql -uroot -p

几个概念

通过上面的安装,我们需要了解下面几个概念

名字 描述
Charts 应用部署配置模板集
Release 将charts应用到本地的实例
Repo Charts仓库

Helm命令解析

命令 描述
create 创建应用模板
install 安装charts
list 列出本地release
pull 下载charts到本地目录
package 将chart目录打包为chart归档包
show 查看cahrts内容
uninstall 卸载release
upgrade 更新releasr
version 查看helm版本号

Chart模板

可参考 https://helm.sh/docs/chart_template_guide/

# helm create nginx
# tree .
.
├── charts
├── Chart.yaml
├── templates
│   ├── deployment.yaml
│   ├── _helpers.tpl
│   ├── hpa.yaml
│   ├── ingress.yaml
│   ├── NOTES.txt
│   ├── serviceaccount.yaml
│   ├── service.yaml
│   └── tests
│       └── test-connection.yaml
└── values.yaml

3 directories, 10 files

编写中...

使用Harbor作为Helm Cahrts仓库

# helm package nginx/
Successfully packaged chart and saved it to: /root/nginx-0.1.0.tgz

# ll
total 8
drwxr-xr-x 4 root root 4096 May 17 19:10 nginx
-rw-r--r-- 1 root root 3572 May 17 21:38 nginx-0.1.0.tgz

# tar -tvf nginx-0.1.0.tgz 
-rw-r--r-- 0/0             120 2020-05-17 21:38 nginx/Chart.yaml
-rw-r--r-- 0/0            1798 2020-05-17 21:38 nginx/values.yaml
-rw-r--r-- 0/0            1573 2020-05-17 21:38 nginx/templates/NOTES.txt
-rw-r--r-- 0/0            1800 2020-05-17 21:38 nginx/templates/_helpers.tpl
-rw-r--r-- 0/0            1818 2020-05-17 21:38 nginx/templates/deployment.yaml
-rw-r--r-- 0/0             902 2020-05-17 21:38 nginx/templates/hpa.yaml
-rw-r--r-- 0/0            1048 2020-05-17 21:38 nginx/templates/ingress.yaml
-rw-r--r-- 0/0             355 2020-05-17 21:38 nginx/templates/service.yaml
-rw-r--r-- 0/0             316 2020-05-17 21:38 nginx/templates/serviceaccount.yaml
-rw-r--r-- 0/0             381 2020-05-17 21:38 nginx/templates/tests/test-connection.yaml
-rw-r--r-- 0/0             349 2020-05-17 21:38 nginx/.helmignore

我们的Harbor需要在安装的时候指定安装Helm模块,helm也需要安装push插件。
编写中...

posted @ 2020-05-17 17:27  电神  阅读(3663)  评论(0编辑  收藏  举报