Helm 基本概念
Helm 能夠理解爲 Kubernetes 的包管理工具,能夠方便地發現、共享和使用爲Kubernetes構建的應用,它包含幾個基本概念node
- Chart:一個 Helm 包,其中包含了運行一個應用所須要的鏡像、依賴和資源定義等,還可能包含 Kubernetes 集羣中的服務定義,相似 Homebrew 中的 formula,APT 的 dpkg 或者 Yum 的 rpm 文件,
- Release: 在 Kubernetes 集羣上運行的 Chart 的一個實例。在同一個集羣上,一個 Chart 能夠安裝不少次。每次安裝都會建立一個新的 release。例如一個 MySQL Chart,若是想在服務器上運行兩個數據庫,就能夠把這個 Chart 安裝兩次。每次安裝都會生成本身的 Release,會有本身的 Release 名稱。
- Repository:用於發佈和存儲 Chart 的倉庫。
Helm 組件
Helm 採用客戶端/服務器架構,有以下組件組成:linux
- Helm CLI 是 Helm 客戶端,能夠在本地執行
- Tiller 是服務器端組件,在 Kubernetes 羣集上運行,並管理 Kubernetes 應用程序的生命週期
- Repository 是 Chart 倉庫,Helm客戶端經過HTTP協議來訪問倉庫中Chart的索引文件和壓縮包。
安裝步驟nginx
一、 下載helm安裝包數據庫
wget https://storage.googleapis.com/kubernetes-helm/helm-v2.10.0-rc.3-linux-amd64.tar.gz
二、建立tiller的serviceaccount和clusterrolebindingjson
kubectl create serviceaccount --namespace kube-system tiller kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
3. 安裝helm服務端tillerapi
[root@master1 gateway]# helm init -i 192.168.200.10/source/kubernetes-helm/tiller:v2.10.0-rc.3 --service-account tiller --skip-refresh Creating /root/.helm Creating /root/.helm/repository Creating /root/.helm/repository/cache Creating /root/.helm/repository/local Creating /root/.helm/plugins Creating /root/.helm/starters Creating /root/.helm/cache/archive Creating /root/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /root/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming!
四、 查看是否安裝服務器
[root@master1 gateway]# kubectl -n kube-system get pods|grep tiller tiller-deploy-849c444cff-h9zw2 1/1 Running 0 46s
5. 替換helm 的repo源架構
[root@kubernetes-1 ~]# helm repo list NAME URL stable https://kubernetes-charts.storage.googleapis.com local http://127.0.0.1:8879/charts [root@kubernetes-1 ~]# helm repo remove stable "stable" has been removed from your repositories [root@kubernetes-1 ~]# helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts "stable" has been added to your repositories [root@kubernetes-1 ~]# helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "stable" chart repository Update Complete. ⎈ Happy Helming!⎈ [root@kubernetes-1 ~]# helm repo list NAME URL local http://127.0.0.1:8879/charts stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
六、建立chart併發
helm create gateway
7. 測試修改是否正確app
[root@master1 helm]# ls gateway helm-v2.10.0-rc.3-linux-amd64.tar.gz linux-amd64 [root@master1 helm]# helm install --dry-run --debug ./gateway [debug] Created tunnel using local port: '46252' [debug] SERVER: "127.0.0.1:46252" [debug] Original chart version: "" [debug] CHART PATH: /root/helm/gateway NAME: imprecise-sabertooth REVISION: 1 RELEASED: Tue Aug 14 14:42:14 2018 CHART: gateway-0.1.0 USER-SUPPLIED VALUES: {} COMPUTED VALUES: affinity: {} image: pullPolicy: IfNotPresent repository: 192.168.200.10/source/nginx tag: latest ingress: {} nodeSelector: {} replicaCount: 1 resources: limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi service: port: 80 type: ClusterIP tolerations: [] HOOKS: MANIFEST: --- # Source: gateway/templates/service.yaml apiVersion: v1 kind: Service metadata: name: imprecise-sabertooth-gateway labels: app: gateway chart: gateway-0.1.0 release: imprecise-sabertooth heritage: Tiller spec: type: ClusterIP ports: - port: 80 targetPort: http protocol: TCP name: http selector: app: gateway release: imprecise-sabertooth --- # Source: gateway/templates/deployment.yaml apiVersion: apps/v1beta2 kind: Deployment metadata: name: imprecise-sabertooth-gateway labels: app: gateway chart: gateway-0.1.0 release: imprecise-sabertooth heritage: Tiller spec: replicas: 1 selector: matchLabels: app: gateway release: imprecise-sabertooth template: metadata: labels: app: gateway release: imprecise-sabertooth spec: containers: - name: gateway image: "192.168.200.10/source/nginx:latest" imagePullPolicy: IfNotPresent ports: - name: http containerPort: 80 protocol: TCP livenessProbe: httpGet: path: / port: http readinessProbe: httpGet: path: / port: http resources: limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi
部署到kubernetes
[root@master1 gateway]# helm install . NAME: riotous-crab LAST DEPLOYED: Tue Aug 14 14:43:21 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1/Service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE riotous-crab-gateway ClusterIP 10.254.26.20 <none> 80/TCP 0s ==> v1beta2/Deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE riotous-crab-gateway 1 1 1 0 0s ==> v1/Pod(related) NAME READY STATUS RESTARTS AGE riotous-crab-gateway-fd7465cc8-frcmd 0/1 ContainerCreating 0 0s NOTES: 1. Get the application URL by running these commands: export POD_NAME=$(kubectl get pods --namespace default -l "app=gateway,release=riotous-crab" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl port-forward $POD_NAME 8080:80
查看部署的relaese
helm list
刪除relaese
helm delete gateway
將應用打包
[root@master1 gateway]# helm package . Successfully packaged chart and saved it to: /root/helm/gateway/gateway-0.1.0.tgz
gateway目錄會被打包爲一個 gateway-0.1.0.tgz 格式的壓縮包,該壓縮包會被放到當前目錄下,並同時被保存到了 Helm 的本地缺省倉庫目錄中。
若是你想看到更詳細的輸出,能夠加上 --debug 參數來查看打包的輸出,輸出內容應該相似以下:
helm package gateway --debug Successfully packaged chart and saved it to: /root/gateway/gateway-0.1.0.tgz [debug] Successfully saved /root/gateway/mychart-0.1.0.tgz to /root/.helm/repository/local
將應用發佈到 Repository
雖然咱們已經打包了 Chart 併發布到了 Helm 的本地目錄中,但經過 helm search 命令查找,並不能找不到剛纔生成的 mychart包
helm search gateway No results found
這是由於 Repository 目錄中的 Chart 包尚未被 Helm 管理。經過 helm repo list命令能夠看到目前 Helm 中已配置的 Repository 的信息。
helm repo list NAME URL stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
咱們能夠在本地啓動一個 Repository Server,並將其加入到 Helm Repo 列表中。Helm Repository 必須以 Web 服務的方式提供,這裏咱們就使用 helm serve 命令啓動一個 Repository Server,該 Server 缺省使用 $HOME/.helm/repository/local目錄做爲 Chart 存儲,並在 8879 端口上提供服務。
chart經過HTTP server方式提供
helm serve #默認是 127.0.0.1:8879 能夠添加參數 helm serve --address 192.168.20.171:80
若是你想使用指定目錄來作爲 Helm Repository 的存儲目錄,能夠加上 --repo-path參數:
$ helm serve --address 192.168.20.171:8879 --repo-path /data/helm/repository/ --url http://192.168.20.171:8879/charts/
經過 helm repo index 命令將 Chart 的 Metadata 記錄更新在 index.yaml 文件中:
# 更新 Helm Repository 的索引文件 cd /home/k8s/.helm/repository/local helm repo index --url=http://192.168.20.171:8879 .
完成啓動本地 Helm Repository Server 後,就能夠將本地 Repository 加入 Helm 的 Repo 列表。
helm repo add local http://127.0.0.1:8879 "local" has been added to your repositories
如今再次查找 mychart 包,就能夠搜索到了。
helm repo update helm search gateway NAME CHART VERSION APP VERSION DESCRIPTION local/gateway 0.1.0 1.0 A Helm chart for Kubernetes
注:helm install 默認會用到 socat,須要在全部節點上安裝 socat 軟件包。
部署一個應用 經過 helm install 命令部署該 Chart
當使用 helm install 命令部署應用時,實際上就是將 templates 目錄下的模板文件渲染成 Kubernetes 可以識別的 YAML 格式。
在部署前咱們可使用 helm install --dry-run --debug <chart_dir> --name <release_name>命令來驗證 Chart 的配置。該輸出中包含了模板的變量配置與最終渲染的 YAML 文件。
[root@master1 helm]# helm install istio --name istio --namespace istio-system Error: a release named istio already exists. Run: helm ls --all istio; to check the status of the release Or run: helm del --purge istio; to delete it [root@master1 helm]# helm ls --all istio NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE istio 1 Tue Aug 14 10:48:26 2018 DELETED istio-1.0.0 1.0.0 istio-system [root@master1 helm]# helm ls --all NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE garish-lion 1 Mon Aug 13 14:22:15 2018 DELETED gateway-0.1.2 1.2 default istio 1 Tue Aug 14 10:48:26 2018 DELETED istio-1.0.0 1.0.0 istio-system opining-kudu 1 Mon Aug 6 17:48:14 2018 DELETED fengjian-0.1.0 1.0 default riotous-crab 1 Tue Aug 14 14:43:21 2018 DELETED gateway-0.1.0 1.0 default undercooked-alpaca 1 Mon Aug 13 12:13:26 2018 DELETED gateway-0.1.0 1.0 default virtuous-hamster 1 Mon Aug 6 17:07:44 2018 DELETED hello-helm-0.1.0 1.0 default [root@master1 helm]# helm del --purge istio release "istio" deleted
升級和回退一個應用
從上面 helm list 輸出的結果中咱們能夠看到有一個 Revision(更改歷史)字段,該字段用於表示某一個 Release 被更新的次數,咱們能夠用該特性對已部署的 Release 進行回滾。
修改 Chart.yaml 文件
將版本號從 0.1.0 修改成 0.2.0, 而後使用 helm package 命令打包併發布到本地倉庫。
cat gateay/Chart.yaml apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: mychart version: 0.2.0 $ helm package gateway Successfully packaged chart and saved it to: /root/gateway/gateway-0.2.0.tgz
查詢本地倉庫中的 Chart 信息
咱們能夠看到在本地倉庫中 gateway 有兩個版本。
helm search gateway -l NAME CHART VERSION APP VERSION DESCRIPTION local/gateway 0.2.0 1.0 A Helm chart for Kubernetes local/gateway 0.1.0 1.0 A Helm chart for Kubernetes
升級一個應用
如今用 helm upgrade 命令將已部署的 mike-test 升級到新版本。你能夠經過 --version 參數指定須要升級的版本號,若是沒有指定版本號,則缺省使用最新版本。
helm upgrade mike-test local/mychart Release "mike-test" has been upgraded. Happy Helming! LAST DEPLOYED: Mon Jul 23 10:50:25 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1/Pod(related) NAME READY STATUS RESTARTS AGE mike-test-gateway-6d56f8c8c9-d685v 1/1 Running 0 9m ==> v1/Service NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE mike-test-gateway ClusterIP 10.254.120.177 <none> 80/TCP 9m ==> v1beta2/Deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE mike-test-gateway 1 1 1 1 9m NOTES: 1. Get the application URL by running these commands: export POD_NAME=$(kubectl get pods --namespace default -l "app=gateway,release=mike-test" -o jsonpath="{.items[0].metadata.name}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl port-forward $POD_NAME 8080:80
完成後,能夠看到已部署的 mike-test 被升級到 0.2.0 版本。
helm list NAME REVISION UPDATED STATUS CHART NAMESPACE mike-test 2 Mon Jul 23 10:50:25 2018 DEPLOYED gateway-0.2.0 default
回退一個應用
若是更新後的程序因爲某些緣由運行有問題,須要回退到舊版本的應用。首先咱們可使用 helm history 命令查看一個 Release 的全部變動記錄。
helm history mike-test REVISION UPDATED STATUS CHART DESCRIPTION 1 Mon Jul 23 10:41:20 2018 SUPERSEDED gateway-0.1.0 Install complete 2 Mon Jul 23 10:50:25 2018 DEPLOYED gateway-0.2.0 Upgrade complete
其次,咱們可使用下面的命令對指定的應用進行回退。
helm rollback mike-test 1 Rollback was a success! Happy Helming!
最後,咱們使用 helm list 和 helm history 命令均可以看到 mychart 的版本已經回退到 0.1.0 版本。
helm list NAME REVISION UPDATED STATUS CHART NAMESPACE mike-test 3 Mon Jul 23 10:53:42 2018 DEPLOYED gateway-0.1.0 default $ helm history mike-test REVISION UPDATED STATUS CHART DESCRIPTION 1 Mon Jul 23 10:41:20 2018 SUPERSEDED gateway-0.1.0 Install complete 2 Mon Jul 23 10:50:25 2018 SUPERSEDED gateway-0.2.0 Upgrade complete 3 Mon Jul 23 10:53:42 2018 DEPLOYED gateway-0.1.0 Rollback to 1
刪除一個應用
若是須要刪除一個已部署的 Release,能夠利用 helm delete 命令來完成刪除。
helm delete mike-test release "mike-test" deleted
確認應用是否刪除,該應用已被標記爲 DELETED 狀態。
helm ls -a mike-test NAME REVISION UPDATED STATUS CHART NAMESPACE mike-test 3 Mon Jul 23 10:53:42 2018 DELETED gateway-0.1.0 default
也可使用 --deleted 參數來列出已經刪除的 Release
helm ls --deleted NAME REVISION UPDATED STATUS CHART NAMESPACE mike-test 3 Mon Jul 23 10:53:42 2018 DELETED gateway-0.1.0 default
從上面的結果也能夠看出,默認狀況下已經刪除的 Release 只是將狀態標識爲 DELETED 了 ,但該 Release 的歷史信息仍是繼續被保存的。
helm hist mike-test REVISION UPDATED STATUS CHART DESCRIPTION 1 Mon Jul 23 10:41:20 2018 SUPERSEDED gateway-0.1.0 Install complete 2 Mon Jul 23 10:50:25 2018 SUPERSEDED gateway-0.2.0 Upgrade complete 3 Mon Jul 23 10:53:42 2018 DELETED gateway-0.1.0 Deletion complete
若是要移除指定 Release 全部相關的 Kubernetes 資源和 Release 的歷史記錄,能夠用以下命令:
helm delete --purge mike-test release "mike-test" deleted