Helm 是一个 Kubernetes 应用的包管理工具
介绍
- Charts: 是用来封装 Kubernetes 原生应用程序的 YAML 文件,可以定义应用程序的 metadata 等,便于应用程序分发
- Repository: Charts 仓库,HTTP/s 服务
- Release: Charts 在 Kubernetes 上的实例
helm 和 chart 的主要作用:
helm 软件市场
使用
helm create <chart-name>:创建新的 chart
helm dependency list <chart-name>:管理 chart 依赖
helm install <name> <chart-name>:安装 chart
helm lint <chart-name>:检查 chart 配置是否有误
helm list:列出所有 release
helm package <chart-name>:打包本地 chart
helm repo [list/...]:列出、增加、更新、删除 chart 仓库
helm rollback:回滚 release 到历史版本
helm pull:拉取远程 chart 到本地
helm search:使用关键词搜索 chart
helm uninstall:卸载 release
helm upgrade:升级 release
helm status <name>:查看已经安装 chart 的状态
创建 chart
helm create hugo-chart
# tree hugo-chart
hugo-chart
├── Chart.yaml # 该 Chart 版本信息
├── charts # 依赖chart(子chart)
├── templates # 该 chart 配置模板,用来渲染 kubernetes YAML
│ ├── NOTES.txt # 服务的连接信息
│ ├── _helpers.tpl # 用于创建模板是的帮助类
│ ├── deployment.yaml # kubernetes deployment 配置
│ ├── hpa.yaml # kubernetes autoscaling 配置
│ ├── ingress.yaml # kubernetes ingress 配置
│ ├── service.yaml # kubernetes service 配置
│ ├── serviceaccount.yaml # kubernetes serviceaccount 配置
│ └── tests
│ └── test-connection.yaml # helm 安装后测试
└── values.yaml # chart templates 中自定义配置的默认值
3 directories, 10 files
可以在templates目录加kubernetes其他对象的配置,比如ConfigMap、DaemonSet等
https://helm.sh/docs/chart_template_guide/getting_started/
安装
helm install [NAME] [CHART] [flags]
helm install --debug --dry-run hugo-chart ./hugo-chart
# 安装本地 chart
helm install -f mhugoalues.yaml hugo-chart ./hugo-chart
# 指定变量
helm install --set name=prod hugo-chart ./hugo-chart
# 指定变量的值为 string 类型
helm install --set-string long_int=1234567890 hugo-chart ./hugo-chart
# 指定引用的文件地址
helm install --set-file my_script=dothings.sh hugo-chart ./hugo-chart
# 同时指定多个变量
helm install --set foo=bar --set foo=newbar hugo-chart ./hugo-chart
helm template hugo-chart-server hugo-chart --dry-run
helm dependency list
其中:
- mhugoalues.yaml:自定义变量配置文件
- hugo-chart:release 名称
- ./hugo-chart:本地的 chart 目录
Helm chart 安装后会转化成 Kubernetes 中的资源对象,生成一个 chart release,可以使用 helm list 命令查看。
helm get manifest [name]
Demo
配置 repo 并搜索镜像
# helm version
version.BuildInfo{Version:"v3.4.1", GitCommit:"c4e74854886b2efe3321e185578e6db9be0a6e29", GitTreeState:"dirty", GoVersion:"go1.15.5"}
# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
# helm repo list
NAME URL
stable https://charts.helm.sh/stable
# helm search repo stable
NAME CHART VERSION APP VERSION DESCRIPTION
stable/acs-engine-autoscaler 2.2.2 2.1.1 DEPRECATED Scales worker nodes within agent pools
# helm search repo stable/mysql
8NAME CHART VERSION APP VERSION DESCRIPTION
stable/mysql 1.6.9 5.7.30 DEPRECATED - Fast, reliable, scalable, and easy...
stable/mysqldump 2.6.2 2.4.1 DEPRECATED! - A Helm chart to help backup MySQL...
创建 nginx
# helm create nginx
Creating nginx
# helm package nginx
Successfully packaged chart and saved it to: /Users/xiexianbin/work/k8s/helm/nginx-0.1.0.tgz
# ll
total 8
drwxr-xr-x 7 xiexianbin staff 224B Nov 1 11:39 nginx
-rw-r--r-- 1 xiexianbin staff 3.5K Nov 1 11:41 nginx-0.1.0.tgz
# helm install nginx-0.1.0.tgz --generate-name
NAME: nginx-0-1607398959
LAST DEPLOYED: Sun Nov 1 11:42:44 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance=nginx-0-1607398959" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
# export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance=nginx-0-1607398959" -o jsonpath="{.items[0].metadata.name}")
# export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
# echo "Visit http://127.0.0.1:8080 to use your application"
Visit http://127.0.0.1:8080 to use your application
# kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
Forwarding from 127.0.0.1:8080 -> 80
Forwarding from [::1]:8080 -> 80
Handling connection for 8080
# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
nginx-0-1607398959 default 1 2020-12-08 11:42:44.176491 +0800 CST deployed nginx-0.1.0 1.16.0
➜ helm git:(master) ✗ helm package nginx
Successfully packaged chart and saved it to: /Users/xiexianbin/work/code/keybase/work.xiexianbin.cn/k8s/helm/nginx-0.1.1.tgz
➜ helm git:(master) ✗ helm upgrade nginx-0-1607398959 nginx-0.1.1.tgz
Release "nginx-0-1607398959" has been upgraded. Happy Helming!
NAME: nginx-0-1607398959
LAST DEPLOYED: Sun Nov 1 11:50:52 2020
NAMESPACE: default
STATUS: deployed
REVISION: 2
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance=nginx-0-1607398959" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
➜ helm git:(master) ✗ helm history nginx-0-1607398959
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Nov 1 11:42:44 2020 superseded nginx-0.1.0 1.16.0 Install complete
2 Sun Nov 1 11:50:52 2020 deployed nginx-0.1.1 1.16.0 Upgrade complete
➜ helm git:(master) ✗➜ helm git:(master) ✗ helm package nginx
Successfully packaged chart and saved it to: /Users/xiexianbin/work/code/keybase/work.xiexianbin.cn/k8s/helm/nginx-0.1.1.tgz
➜ helm git:(master) ✗ helm upgrade nginx-0-1607398959 nginx-0.1.1.tgz
Release "nginx-0-1607398959" has been upgraded. Happy Helming!
NAME: nginx-0-1607398959
LAST DEPLOYED: Sun Nov 1 11:50:52 2020
NAMESPACE: default
STATUS: deployed
REVISION: 2
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance=nginx-0-1607398959" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
➜ helm git:(master) ✗ helm history nginx-0-1607398959
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Nov 1 11:42:44 2020 superseded nginx-0.1.0 1.16.0 Install complete
2 Sun Nov 1 11:50:52 2020 deployed nginx-0.1.1 1.16.0 Upgrade complete
➜ helm git:(master) ✗ helm rollback nginx-0-1607398959 1
Rollback was a success! Happy Helming!
➜ helm git:(master) ✗ helm history nginx-0-1607398959
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Nov 1 11:42:44 2020 superseded nginx-0.1.0 1.16.0 Install complete
2 Sun Nov 1 11:50:52 2020 superseded nginx-0.1.1 1.16.0 Upgrade complete
3 Sun Nov 1 11:51:43 2020 deployed nginx-0.1.0 1.16.0 Rollback to 1
➜ helm git:(master) ✗ helm status nginx-0-1607398959
NAME: nginx-0-1607398959
LAST DEPLOYED: Sun Nov 1 11:51:43 2020
NAMESPACE: default
STATUS: deployed
REVISION: 3
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance=nginx-0-1607398959" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
➜ helm git:(master) ✗ helm uninstall nginx-0-1607398959
release "nginx-0-1607398959" uninstalled
➜ helm git:(master) ✗ export HELM_EXPERIMENTAL_OCI=1
➜ helm git:(master) ✗ helm chart list
REF NAME VERSION DIGEST SIZE CREATED
➜ helm git:(master) ✗
➜ helm git:(master) ✗ export HELM_EXPERIMENTAL_OCI=1
➜ helm git:(master) ✗ helm chart list
REF NAME VERSION DIGEST SIZE CREATED
➜ helm git:(master) ✗ helm search repo wordpress
NAME CHART VERSION APP VERSION DESCRIPTION
stable/wordpress 9.0.3 5.3.2 DEPRECATED Web publishing platform for building...
➜ helm git:(master) ✗ helm install stable/wordpress -g
WARNING: This chart is deprecated
NAME: wordpress-1607399648
LAST DEPLOYED: Sun Nov 1 11:54:14 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
This Helm chart is deprecated
Given the `stable` deprecation timeline (https://github.com/helm/charts#deprecation-timeline), the Bitnami maintained Helm chart is now located at bitnami/charts (https://github.com/bitnami/charts/).
The Bitnami repository is already included in the Hubs and we will continue providing the same cadence of updates, support, etc that we've been keeping here these years. Installation instructions are very similar, just adding the _bitnami_ repo and using it during the installation (`bitnami/<chart>` instead of `stable/<chart>`)
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/<chart> # Helm 3
$ helm install --name my-release bitnami/<chart> # Helm 2
To update an exisiting _stable_ deployment with a chart hosted in the bitnami repository you can execute
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm upgrade my-release bitnami/<chart>
helm pull bitnami/wordpress --version 10.1.1
Issues and PRs related to the chart itself will be redirected to `bitnami/charts` GitHub repository. In the same way, we'll be happy to answer questions related to this migration process in this issue (https://github.com/helm/charts/issues/20969) created as a common place for discussion.
** Please be patient while the chart is being deployed **
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w wordpress-1607399648'
export SERVICE_IP=$(kubectl get svc --namespace default wordpress-1607399648 --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
echo "WordPress URL: http://$SERVICE_IP/"
echo "WordPress Admin URL: http://$SERVICE_IP/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: user
echo Password: $(kubectl get secret --namespace default wordpress-1607399648 -o jsonpath="{.data.wordpress-password}" | base64 --decode)
➜ helm git:(master) ✗
chart 私有 repo 搭建
参考:https://github.com/jdolitsky/helm-servecm
安装
$ mkdir -p /data/helm/local-repo
$ helm plugin install https://github.com/jdolitsky/helm-servecm
Installed plugin: servecm
If ChartMuseum is not installed, it will ask to install the latest stable release upon use:
$ helm servecm
ChartMuseum not installed. Install latest stable release? (type "yes"): yes
Attempting to install ChartMuseum server (v0.12.0)...
Detected your os as "linux"
+ curl -LO https://s3.amazonaws.com/chartmuseum/release/v0.12.0/bin/linux/amd64/chartmuseum
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 52.5M 100 52.5M 0 0 947k 0 0:00:56 0:00:56 --:--:-- 1234k
+ chmod +x ./chartmuseum
+ mv ./chartmuseum /usr/local/bin
+ set +x
2020-11-01 11:00:23.191316 I | Missing required flags(s): --storage
Error: plugin "servecm" exited with error
启动本地repo仓库服务
nohup helm servecm --debug --port=8879 \
--storage="local" \
--storage-local-rootdir="/data/helm/local-repo" &
- 通过helm repo add命令添加本地repo:
# helm repo add local-repo http://172.20.0.50:8879
"local-repo" has been added to your repositories
# helm repo list
NAME URL
local-repo http://172.20.0.50:8879
备注:
- helm serve 不指定任何参数的话会在默认的repo目录(
/root/.helm/repository/local)启动服务,根据该目录下的软件包(tgz)信息在该目录下创建index.html文件。
- 可以通过指定
--repo-path参数实现在自定义的目录下启动服务,并在那个目录下创建index.html文件。
向repo中增加软件包
上面步骤中,已经创建了一个本地的repo,接下来讲述如何在repo中增加一个可用来部署的软件包chart。chart须遵循 SemVer 2 规则填写正确的版本格式。各种chart包可以在github下载。
- 将chart文件夹移动到repo目录,并将chart打包:
cd /data/helm/local-repo
helm create hugo-chart
helm package hugo-chart
helm repo index .
备注:
通过helm repo index 命令将chart的metadata记录更新在index.yaml文件中:
cd /data/helm/local-repo
helm repo index --url=http://ip:8879 .
helm repo update
helm repo add local http://127.0.0.1:8879/charts
helm install local/drupal
验证
查找新上传的chart:
# helm search repo hugo
NAME CHART VERSION APP VERSION DESCRIPTION
local-repo/hugo-chart 0.1.0 1.16.0 A Helm chart for Kubernetes
安装chart软件包(即release过程):
# helm install hugo-chart local-repo/hugo-chart --dry-run
NAME: hugo-chart
LAST DEPLOYED: Thu Dec 17 11:08:33 2020
NAMESPACE: default
STATUS: pending-install
REVISION: 1
HOOKS:
---
# Source: hugo-chart/templates/tests/test-connection.yaml
apiVersion: v1
kind: Pod
metadata:
name: "hugo-chart-test-connection"
labels:
helm.sh/chart: hugo-chart-0.1.0
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
app.kubernetes.io/version: "1.16.0"
app.kubernetes.io/managed-by: Helm
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['hugo-chart:80']
restartPolicy: Never
MANIFEST:
---
# Source: hugo-chart/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: hugo-chart
labels:
helm.sh/chart: hugo-chart-0.1.0
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
app.kubernetes.io/version: "1.16.0"
app.kubernetes.io/managed-by: Helm
---
# Source: hugo-chart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: hugo-chart
labels:
helm.sh/chart: hugo-chart-0.1.0
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
app.kubernetes.io/version: "1.16.0"
app.kubernetes.io/managed-by: Helm
spec:
type: ClusterIP
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
---
# Source: hugo-chart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hugo-chart
labels:
helm.sh/chart: hugo-chart-0.1.0
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
app.kubernetes.io/version: "1.16.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
template:
metadata:
labels:
app.kubernetes.io/name: hugo-chart
app.kubernetes.io/instance: hugo-chart
spec:
serviceAccountName: hugo-chart
securityContext:
{}
containers:
- name: hugo-chart
securityContext:
{}
image: "nginx:1.16.0"
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{}
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=hugo-chart,app.kubernetes.io/instance=hugo-chart" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
备注:helm install会用到socat,需要在所有节点上安装socat
helm hook
pre-install Executes after templates are rendered, but before any resources are created in Kubernetes
post-install Executes after all resources are loaded into Kubernetes
pre-delete Executes on a deletion request before any resources are deleted from Kubernetes
post-delete Executes on a deletion request after all of the release's resources have been deleted
pre-upgrade Executes on an upgrade request after templates are rendered, but before any resources are updated
post-upgrade Executes on an upgrade request after all resources have been upgraded
pre-rollback Executes on a rollback request after templates are rendered, but before any resources are rolled back
post-rollback Executes on a rollback request after all resources have been modified
test Executes when the Helm test subcommand is invoked ( view test docs)