k8s helm基础
Helm 介绍
Helm是一款将Kubernetes应用打包为“图表”格式,并基于该格式完成应用管理的工具。类似于Linux系统上的yum或apt-get等包管理器,可以帮助用户查找、分享及管理Kubernetes应用程序。Helm 概念
Chart: 代表着 Helm 包。它包含在 Kubernetes 集群内部运行应用程序,工具或服务所需的所有资源定义。你可以把它看作是 Homebrew formula,Apt dpkg,或 Yum RPM 在Kubernetes 中的等价物。
Repository(仓库): 是用来存放和共享 charts 的地方。它就像 Perl 的 CPAN 档案库网络 或是 Fedora 的 软件包仓库,只不过它是供 Kubernetes 包所使用的。
Release: 是运行在 Kubernetes 集群中的 chart 的实例。一个 chart 通常可以在同一个集群中安装多次。每一次安装都会创建一个新的 release。以 MySQL chart为例,如果你想在你的集群中运行两个数据库,你可以安装该chart两次。每一个数据库都会拥有它自己的 release 和 release name。Helm 优势
▪ 管理复杂应用:Chart能够描述哪怕是最复杂的程序结构,提供了可重复使用的应用安装的定义。
▪ 易于升级:使用就地升级和自定义钩子来解决更新的难题。
▪ 简单分享:Chart易于通过公共或私有服务完成版本化、共享及主机构建,且目前有众多成熟的Chart可供使用。
▪ 回滚:使用helm rollback命令轻松实现快速回滚。Helm 版本支持
Helm 安装
先决条件
1. 使用Helm,需要一个Kubernetes集群。对于Helm的最新版本,我们建议使用Kubernetes的最新稳定版, 在大多数情况下,它是倒数第二个次版本。
2. 部署节点需要有运行 kubectl。Helm 下载
# wget https://get.helm.sh/helm-v3.12.3-linux-amd64.tar.gzHelm 解压
# tar xf helm-v3.12.3-linux-amd64.tar.gz
# mv linux-amd64/helm /usr/local/bin/Helm 验证信息
# helm versionversion.BuildInfo{Version:"v3.12.3", GitCommit:"3a31588ad33fe3b89af5a2a54ee1d25bfe6eaa5e", GitTreeState:"clean", GoVersion:"go1.20.7"}Helm 管理应用示例
helm repo 仓库管理
helm repo 提供了一组命令用于添加、列出和移除仓库。helm repo add - add a chart repository
helm repo index - generate an index file given a directory containing packaged charts
helm repo list - list chart repositories
helm repo remove - remove one or more chart repositories
helm repo update - update information of available charts locally from chart repositories示例
# helm repo add prometheus-community https://prometheus-community.github.io/helm-charts"prometheus-community" has been added to your repositories# helm repo updateHang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "prometheus-community" chart repository
Update Complete. ⎈Happy Helming!⎈# helm repo listNAME URL
prometheus-community https://prometheus-community.github.io/helm-chartshelm search 查找 Charts
Helm 自带一个强大的搜索命令,可以用来从两种来源中进行搜索:
helm search hub 从 Artifact Hub 中查找并列出 helm charts。 Artifact Hub中存放了大量不同的仓库。
helm search repo 从你添加(使用 helm repo add)到本地 helm 客户端中的仓库中进行查找。该命令基于本地数据进行搜索,无需连接互联网。示例
# helm search hub prometheusURL CHART VERSION APP VERSION DESCRIPTION
https://artifacthub.io/packages/helm/prometheus... 24.3.0 v2.46.0 Prometheus is a monitoring system and time seri...
https://artifacthub.io/packages/helm/truecharts... 12.1.2 2.46.0 kube-prometheus-stack collects Kubernetes manif...
...# helm search repo prometheusNAME CHART VERSION APP VERSION DESCRIPTION
prometheus-community/kube-prometheus-stack 50.3.1 v0.67.1 kube-prometheus-stack collects Kubernetes manif...
prometheus-community/prometheus 24.3.0 v2.46.0 Prometheus is a monitoring system and time seri...
prometheus-community/prometheus-adapter 4.4.1 v0.11.0 A Helm chart for k8s prometheus adapter
prometheus-community/prometheus-blackbox-exporter 8.3.0 v0.24.0 Prometheus Blackbox Exporter
prometheus-community/prometheus-cloudwatch-expo... 0.25.1 0.15.4 A Helm chart for prometheus cloudwatch-exporter
prometheus-community/prometheus-conntrack-stats... 0.5.7 v0.4.15 A Helm chart for conntrack-stats-exporter
prometheus-community/prometheus-consul-exporter 1.0.0 0.4.0 A Helm chart for the Prometheus Consul Exporter
prometheus-community/prometheus-couchdb-exporter 1.0.0 1.0 A Helm chart to export the metrics from couchdb...
prometheus-community/prometheus-druid-exporter 1.1.0 v0.11.0 Druid exporter to monitor druid metrics with Pr...
prometheus-community/prometheus-elasticsearch-e... 5.2.0 1.5.0 Elasticsearch stats exporter for Prometheus
prometheus-community/prometheus-fastly-exporter 0.1.2 7.2.4 A Helm chart for the Prometheus Fastly Exporter
prometheus-community/prometheus-json-exporter 0.7.1 v0.5.0 Install prometheus-json-exporter
prometheus-community/prometheus-kafka-exporter 2.4.0 v1.6.0 A Helm chart to export the metrics from Kafka i...
prometheus-community/prometheus-modbus-exporter 0.1.0 0.4.0 A Helm chart for prometheus-modbus-exporter
prometheus-community/prometheus-mongodb-exporter 3.3.0 0.31.0 A Prometheus exporter for MongoDB metrics
prometheus-community/prometheus-mysql-exporter 2.0.0 v0.15.0 A Helm chart for prometheus mysql exporter with...
prometheus-community/prometheus-nats-exporter 2.13.0 0.12.0 A Helm chart for prometheus-nats-exporter
prometheus-community/prometheus-nginx-exporter 0.1.1 0.11.0 A Helm chart for the Prometheus NGINX Exporter
prometheus-community/prometheus-node-exporter 4.23.0 1.6.1 A Helm chart for prometheus node-exporter
prometheus-community/prometheus-operator 9.3.2 0.38.1 DEPRECATED - This chart will be renamed. See ht...
prometheus-community/prometheus-operator-admiss... 0.6.0 0.67.0 Prometheus Operator Admission Webhook
prometheus-community/prometheus-operator-crds 5.1.0 0.67.0 A Helm chart that collects custom resource defi...
prometheus-community/prometheus-pgbouncer-exporter 0.1.1 1.18.0 A Helm chart for prometheus pgbouncer-exporter
prometheus-community/prometheus-pingdom-exporter 2.5.0 20190610-1 A Helm chart for Prometheus Pingdom Exporter
prometheus-community/prometheus-pingmesh-exporter 0.3.0 v1.1.0 Prometheus Pingmesh Exporter
prometheus-community/prometheus-postgres-exporter 5.0.0 v0.13.2 A Helm chart for prometheus postgres-exporter
prometheus-community/prometheus-pushgateway 2.4.0 v1.6.0 A Helm chart for prometheus pushgateway
prometheus-community/prometheus-rabbitmq-exporter 1.8.0 v0.29.0 Rabbitmq metrics exporter for prometheus
prometheus-community/prometheus-redis-exporter 5.5.0 v1.44.0 Prometheus exporter for Redis metrics
prometheus-community/prometheus-smartctl-exporter 0.6.0 v0.11.0 A Helm chart for Kubernetes
prometheus-community/prometheus-snmp-exporter 1.8.0 v0.21.0 Prometheus SNMP Exporter
prometheus-community/prometheus-stackdriver-exp... 4.3.0 0.13.0 Stackdriver exporter for Prometheus
prometheus-community/prometheus-statsd-exporter 0.10.0 v0.24.0 A Helm chart for prometheus stats-exporter
prometheus-community/prometheus-to-sd 0.4.2 0.5.2 Scrape metrics stored in prometheus format and ...
prometheus-community/prometheus-windows-exporter 0.1.1 0.22.0 A Helm chart for prometheus windows-exporter
prometheus-community/alertmanager 1.6.0 v0.26.0 The Alertmanager handles alerts sent by client ...
prometheus-community/alertmanager-snmp-notifier 0.1.2 v1.4.0 The SNMP Notifier handles alerts coming from Pr...
prometheus-community/jiralert 1.6.0 v1.3.0 A Helm chart for Kubernetes to install jiralert
prometheus-community/kube-state-metrics 5.13.0 2.10.0 Install kube-state-metrics to generate and expo...
prometheus-community/prom-label-proxy 0.5.0 v0.6.0 A proxy that enforces a given label in a given ...helm show 查看chart信息
helm show all - 显示chart的所有信息
helm show chart - 显示chart定义
helm show crds - 显示chart的CRD
helm show readme - 显示chart的README
helm show values - 显示chart的values示例
# helm show all prometheus-community/prometheushelm install 安装一个 helm 包
使用 helm install 命令来安装一个新的 helm 包。最简单的使用方法只需要传入两个参数:你命名的release名字和你想安装的chart的名称。有六种不同的方式来标识需要安装的chart:
通过chart引用: helm install mymaria example/mariadb
通过chart包: helm install mynginx ./nginx-1.2.3.tgz
通过未打包chart目录的路径: helm install mynginx ./nginx
通过URL绝对路径: helm install mynginx https://example.com/charts/nginx-1.2.3.tgz
通过chart引用和仓库url: helm install --repo https://example.com/charts/ mynginx nginx
通过OCI注册中心: helm install mynginx --version 1.2.3 oci://example.com/charts/nginx要重写chart中的值,使用'--values'/'-f'参数传递一个文件或者使用'--set'参数在命令行传递配置,强制使用字符串要用'--set-string'。 当值本身对于命令行太长或者是动态生成的时候,可以使用 '--set-file' 设置独立的值。也可以在命令行使用'--set-json'参数设置json值(scalars/objects/arrays)。helm install [NAME] [CHART] [flags]为了检测生成的清单,但并不安装到chart,可以将'--debug'和'--dry-run'组合使用。示例
$ helm install -f myvalues.yaml myredis ./redis或者
$ helm install --set name=prod myredis ./redis或者
$ helm install --set-string long_int=1234567890 myredis ./redis或者
$ helm install --set-file my_script=dothings.sh myredis ./redis或者
$ helm install --set-json 'master.sidecars=[{"name":"sidecar","image":"myImage","imagePullPolicy":"Always",ports":[{"name":"portname","containerPort":1234}]}]' myredis ./redis你可以多次指定'--values'/'-f'参数。最右侧指定的文件优先级最高。比如,如果两个文件myvalues.yaml和override.yaml 都包含名为'Test'的可以,override.yaml中的值优先:
$ helm install -f myvalues.yaml -f override.yaml myredis ./redis可以指定'--set'参数多次,最右边的参数优先级最高,比如,'bar'和'newbar'都设置了一个名为'foo'的可以,'newbar'的值优先:
$ helm install --set foo=bar --set foo=newbar myredis ./redis类似地,下面的示例中'foo'被设置成了'["four"]':
$ helm install --set-json='foo=["one", "two", "three"]' --set-json='foo=["four"]' myredis ./redis下面的示例中,'foo'被设置成了'{"key1":"value1","key2":"bar"}':
$ helm install --set-json='foo={"key1":"value1","key2":"value2"}' --set-json='foo.key2="bar"' myredis ./redishelm list
列出的已经安装生成的Release.
如果未找到结果,'helm list'会退出,但是没有输出(或者使用'-q',只返回头部)。
默认情况下,最多返回256项,使用'--max'限制数量,'--max'设置为0不会返回所有结果,而是返回服务器默认值,可能要比256更多。 同时使用'--max'和'--offset'参数可以翻页显示。示例
$ helm list --filter 'ara[a-z]+'helm upgrade
当你想升级到 chart 的新版本,或是修改 release 的配置,你可以使用 helm upgrade 命令。示例
$ helm upgrade -f panda.yaml happy-panda bitnami/wordpress在上面的例子中,happy-panda 这个 release 使用相同的 chart 进行升级,但是使用了一个新的 YAML 文件:
mariadb.auth.username: user1helm get
对于运行中的Release,我们可以使用helm get命令获取相关的钩子、最终资源配置清单、注意事项和用户自定义的模板参数值信息,相关信息的获取各自依赖于相关的子命令,或者直接使用子命令all一次性地列出所有这些信息。helm get all - download all information for a named release
helm get hooks - download all hooks for a named release
helm get manifest - download the manifest for a named release
helm get notes - download the notes for a named release
helm get values - download the values file for a named release示例
$ helm get values happy-pandamariadb:
auth:
username: user1helm rollback
假如在一次发布过程中,发生了不符合预期的事情,也很容易通过 helm rollback [RELEASE] [REVISION] 命令回滚到之前的发布版本。$ helm rollback happy-panda 1helm uninstall
使用 helm uninstall 命令从集群中卸载一个 release。
在 Helm 3 中,删除也会移除 release 的记录。 如果你想保留删除记录,使用 helm uninstall --keep-history。使用 helm list --uninstalled 只会展示使用了 --keep-history 删除的 release。示例
$ helm uninstall happy-pandaHelm 帮助信息
The Kubernetes package manager
Common actions for Helm:
- helm search: search for charts
- helm pull: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment variables:
| Name | Description |
|------------------------------------|---------------------------------------------------------------------------------------------------|
| $HELM_CACHE_HOME | set an alternative location for storing cached files. |
| $HELM_CONFIG_HOME | set an alternative location for storing Helm configuration. |
| $HELM_DATA_HOME | set an alternative location for storing Helm data. |
| $HELM_DEBUG | indicate whether or not Helm is running in Debug mode |
| $HELM_DRIVER | set the backend storage driver. Values are: configmap, secret, memory, sql. |
| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use. |
| $HELM_MAX_HISTORY | set the maximum number of helm release history. |
| $HELM_NAMESPACE | set the namespace used for the helm operations. |
| $HELM_NO_PLUGINS | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. |
| $HELM_PLUGINS | set the path to the plugins directory |
| $HELM_REGISTRY_CONFIG | set the path to the registry config file. |
| $HELM_REPOSITORY_CACHE | set the path to the repository cache directory |
| $HELM_REPOSITORY_CONFIG | set the path to the repositories file. |
| $KUBECONFIG | set an alternative Kubernetes configuration file (default "~/.kube/config") |
| $HELM_KUBEAPISERVER | set the Kubernetes API Server Endpoint for authentication |
| $HELM_KUBECAFILE | set the Kubernetes certificate authority file. |
| $HELM_KUBEASGROUPS | set the Groups to use for impersonation using a comma-separated list. |
| $HELM_KUBEASUSER | set the Username to impersonate for the operation. |
| $HELM_KUBECONTEXT | set the name of the kubeconfig context. |
| $HELM_KUBETOKEN | set the Bearer KubeToken used for authentication. |
| $HELM_KUBEINSECURE_SKIP_TLS_VERIFY | indicate if the Kubernetes API server's certificate validation should be skipped (insecure) |
| $HELM_KUBETLS_SERVER_NAME | set the server name used to validate the Kubernetes API server certificate |
| $HELM_BURST_LIMIT | set the default burst limit in the case the server contains many CRDs (default 100, -1 to disable)|
Helm stores cache, configuration, and data based on the following configuration order:
- If a HELM_*_HOME environment variable is set, it will be used
- Otherwise, on systems supporting the XDG base directory specification, the XDG variables will be used
- When no other location is set a default location will be used based on the operating system
By default, the default directories depend on the Operating System. The defaults are listed below:
| Operating System | Cache Path | Configuration Path | Data Path |
|------------------|---------------------------|--------------------------------|-------------------------|
| Linux | $HOME/.cache/helm | $HOME/.config/helm | $HOME/.local/share/helm |
| macOS | $HOME/Library/Caches/helm | $HOME/Library/Preferences/helm | $HOME/Library/helm |
| Windows | %TEMP%\helm | %APPDATA%\helm | %APPDATA%\helm |
Usage:
helm [command]
Available Commands:
completion generate autocompletion scripts for the specified shell
create create a new chart with the given name
dependency manage a chart's dependencies
env helm client environment information
get download extended information of a named release
help Help about any command
history fetch release history
install install a chart
lint examine a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin install, list, or uninstall Helm plugins
pull download a chart from a repository and (optionally) unpack it in local directory
push push a chart to remote
registry login to or logout from a registry
repo add, list, remove, update, and index chart repositories
rollback roll back a release to a previous revision
search search for a keyword in charts
show show information of a chart
status display the status of the named release
template locally render templates
test run tests for a release
uninstall uninstall a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client version information
Flags:
--burst-limit int client-side default throttling limit (default 100)
--debug enable verbose output
-h, --help help for helm
--kube-apiserver string the address and the port for the Kubernetes API server
--kube-as-group stringArray group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--kube-as-user string username to impersonate for the operation
--kube-ca-file string the certificate authority file for the Kubernetes API server connection
--kube-context string name of the kubeconfig context to use
--kube-insecure-skip-tls-verify if true, the Kubernetes API server's certificate will not be checked for validity. This will make your HTTPS connections insecure
--kube-tls-server-name string server name to use for Kubernetes API server certificate validation. If it is not provided, the hostname used to contact the server is used
--kube-token string bearer token used for authentication
--kubeconfig string path to the kubeconfig file
-n, --namespace string namespace scope for this request
--registry-config string path to the registry config file (default "/root/.config/helm/registry/config.json")
--repository-cache string path to the file containing cached repository indexes (default "/root/.cache/helm/repository")
--repository-config string path to the file containing repository names and URLs (default "/root/.config/helm/repositories.yaml")
Use "helm [command] --help" for more information about a command.参考文档
https://github.com/helm/helm
helm hub: https://artifacthub.io/
