Helm搭建:
[root@node01 ~]# docker load < tiller-v2.14.3.tar
[root@node02 ~]# docker load < tiller-v2.14.3.tar
[root@node01 ~]# systemctl restart kubelet
[root@node02 ~]# systemctl restart kubelet
[root@master ~]# mkdir helm
[root@master ~]# cd helm/
[root@master helm]# wget https://get.helm.sh/helm-v2.14.3-linux-amd64.tar.gz
[root@master helm]# tar -zxvf helm-v2.14.3-linux-amd64.tar.gz
linux-amd64/
linux-amd64/helm
linux-amd64/README.md
linux-amd64/LICENSE
linux-amd64/tiller
[root@master helm]# ls
helm-v2.14.3-linux-amd64.tar.gz linux-amd64
[root@master helm]# mv linux-amd64/helm /usr/local/bin/
[root@master helm]# chmod +x /usr/local/bin/helm
自动补全:
[root@master helm]# source <(helm completion bash)
[root@master ~]# echo "source <(helm completion bash)" >> ~/.bashrc
[root@master helm]# kubectl apply -f tiller-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
初始化:
[root@master helm]# helm init --service-account=tiller
查看一下:
[root@master helm]# kubectl get deployments. -n kube-system
NAME READY UP-TO-DATE AVAILABLE AGE
coredns 2/2 2 2 21d
tiller-deploy 1/1 1 1 107s
[root@master helm]# kubectl get pod -n kube-system
NAME READY STATUS RESTARTS AGE
coredns-5c98db65d4-jnhjq 1/1 Running 1 21d
coredns-5c98db65d4-kqvsl 1/1 Running 1 21d
etcd-master 1/1 Running 1 21d
kube-apiserver-master 1/1 Running 1 21d
kube-controller-manager-master 1/1 Running 1 21d
kube-flannel-ds-amd64-pqbzl 1/1 Running 2 21d
kube-flannel-ds-amd64-qg8s2 1/1 Running 1 21d
kube-flannel-ds-amd64-z87t7 1/1 Running 1 21d
kube-proxy-4998w 1/1 Running 1 21d
kube-proxy-kppfb 1/1 Running 1 21d
kube-proxy-l4j82 1/1 Running 1 21d
kube-scheduler-master 1/1 Running 1 21d
tiller-deploy-8557598fbc-vjmkk 1/1 Running 0 5m24s
[root@master helm]# helm repo list
NAME URL
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
添加阿里镜像源:
[root@master helm]# helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
"stable" has been added to your repositories
再查看:
[root@master helm]# helm repo list
NAME URL
stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
local http://127.0.0.1:8879/charts
[root@master helm]# helm repo list
NAME URL
stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
local http://127.0.0.1:8879/charts
[root@master helm]# helm version
Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
helm到此就搭建成功了
概念:
包管理工具:
Charts:是一个Helm的程序包,它包含了运行一个kubernets应用程序所需要的镜像、依赖关系和资源定义等。
Release:应用程序运行Charts之后,得到的一个实例。
命令:
1)查找Charts包:
[root@master ~]# helm search
应用:
[root@master ~]# helm search redis
NAME CHART VERSION APP VERSION DESCRIPTION
stable/redis 1.1.15 4.0.8 Open source, advanced key-value store. It is often referr...
stable/redis-ha 2.0.1 Highly available Redis cluster with multiple sentinels an...
stable/sensu 0.2.0 Sensu monitoring framework backed by the Redis transport
2)查看stable/redis包的详细信息:
[root@master ~]# helm inspect stable/redis
3)根据一个包(stable/redis)运行一个实例(redis):
[root@master ~]# helm install stable/redis -n redis --dry-run
NAME: redis
不在后台运行,去掉–dry-run:
[root@master ~]# helm install stable/redis -n redis
下载包:
[root@master archive]# helm fetch stable/prometheus
部署一个实例:helm install + charts -n Release名称。
1、关于Release的描述。
2、关于这个Release资源的描述。
3、怎么使用真个Release。
参考:Helm部署安装一个Mysql服务
查找Charts包:
[root@master ~]# helm search mysql
安装
[root@master ~]# helm install stable/mysql -n mysql
[root@master archive]# pwd
/root/.helm/cache/archive
[root@master archive]# ls
mysql-0.3.5.tgz redis-1.1.15.tgz
[root@master archive]# tar -zxvf mysql-0.3.5.tgz
[root@master archive]# ls
mysql mysql-0.3.5.tgz redis-1.1.15.tgz
[root@master archive]# yum -y install tree
[root@master archive]# tree -C mysql
mysql
├── Chart.yaml
├── README.md
├── templates
│ ├── configmap.yaml
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── NOTES.txt
│ ├── pvc.yaml
│ ├── secrets.yaml
│ └── svc.yaml
└── values.yaml
1 directory, 10 files
Charts包解压过后的目录:
[root@master mysql]# pwd
/root/.helm/cache/archive/mysql
Chart.yaml:
这个chart包的概要信息
name 和 version 这两个是必填项,其他可选。
README.md
是这个chart包的一个使用帮助文档
templates
chart包内各种资源对象的模板。
values.yaml
是这个chart包的默认的值,可以被templet内的yaml文件使用。
Helm部署mysql服务:
另外两台节点导入包:
[root@node01 ~]# docker load < mysql-5.7.14.tar
[root@node01 ~]# docker load < mysql-5.7.15.tar
[root@node02 ~]# docker load < mysql-5.7.14.tar
[root@node02 ~]# docker load < mysql-5.7.15.tar
[root@node01 ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mysql 5.7.15 18f13d72f7f0 3 years ago 383MB
mysql 5.7.14 4b3b6b994512 3 years ago 385MB
删除之前失败的:
[root@master archive]# helm delete mysql --purge
release "mysql" deleted
安装nfs工具:
[root@master archive]# yum -y install rpcbind nfs-utils
[root@node01 ~]# yum -y install rpcbind nfs-utils
[root@node02 ~]# yum -y install rpcbind nfs-utils
设置nfs:
[root@master archive]# mkdir /data
[root@master archive]# vim /etc/exports
/data *(rw,sync,no_root_squash)
[root@master archive]# systemctl restart rpcbind
[root@master archive]# systemctl restart nfs-server
[root@master archive]# showmount -e
Export list for master:
/data *
导入nfs-pv1.yml文件并更改:
[root@master archive]# vim nfs-pv1.yml
apiVersion: v1
kind: PersistentVolume
metadata:
name: mysqlpv
spec:
capacity:
storage: 8Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Recycle
nfs:
path: /data/mysqlpv
server: 192.168.1.10
生成PV:
[root@master archive]# kubectl apply -f nfs-pv1.yml
persistentvolume/mysqlpv created
查看PV:
[root@master archive]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
mysqlpv 8Gi RWO Recycle Available 4s
[root@master archive]# mkdir /data/mysqlpv
在Charts缓存目录下下载chart镜像:
[root@master ~]# cd .helm/cache/archive/
[root@master archive]# helm fetch stable/mysql
解压一下:
[root@master archive]# tar -zxvf mysql-0.3.5.tgz
进到解压后的目录下生成:
[root@master archive]# cd mysql/
[root@master mysql]# helm install stable/mysql -n bdqn-mysql --set mysqlRootPassword=123.com
查看一下:
[root@master mysql]# kubectl get pod
NAME READY STATUS RESTARTS AGE
bdqn-mysql-mysql-7b89c7b99-vdsdh 1/1 Running 0 37s
[root@master mysql]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
bdqn-mysql-mysql Bound mysqlpv 8Gi RWO 108s
[root@master mysql]# kubectl get deployments.
NAME READY UP-TO-DATE AVAILABLE AGE
bdqn-mysql-mysql 1/1 1 1 2m8s
[root@master mysql]# kubectl get secret --namespace default bdqn-mysql-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo
123.com
[root@master mysql]# kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
bdqn-mysql-mysql ClusterIP 10.96.144.166 <none> 3306/TCP 12m
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 24d
进入mysql:
[root@master mysql]# kubectl exec -it bdqn-mysql-mysql-7b89c7b99-vdsdh -- mysql -u root -p123.com
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.02 sec)
mysql> exit
Bye
再部署mysql的时候,如何开启storageclass,以及如何使用?
[root@master mysql]# vim values.yaml
更改第55行:
基于nfs,创建sc。
创建rbac权限:
[root@master mysql]# vim rbac-rolebind.yaml
kind: Namespace
apiVersion: v1
metadata:
name: bdqn-test
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-provisioner
namespace: bdqn-test
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: nfs-provisioner-runner
namespace: bdqn-test
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["watch", "create", "update", "patch"]
- apiGroups: [""]
resources: ["services", "endpoints"]
verbs: ["get","create","list", "watch","update"]
- apiGroups: ["extensions"]
resources: ["podsecuritypolicies"]
resourceNames: ["nfs-provisioner"]
verbs: ["use"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-provisioner
subjects:
- kind: ServiceAccount
name: nfs-provisioner
namespace: bdqn-test
roleRef:
kind: ClusterRole
name: nfs-provisioner-runner
apiGroup: rbac.authorization.k8s.io
执行一下:
[root@master mysql]# kubectl apply -f rbac-rolebind.yaml
namespace/bdqn-test created
serviceaccount/nfs-provisioner created
clusterrole.rbac.authorization.k8s.io/nfs-provisioner-runner created
clusterrolebinding.rbac.authorization.k8s.io/run-nfs-provisioner created
基于deployment资源,创建, nfs-client-provisioner
[root@master mysql]# vim deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nfs-client-provisioner
namespace: bdqn-test
spec:
replicas: 3
strategy:
type: Recreate
template:
metadata:
labels:
app: nfs-client-provisioner
spec:
serviceAccount: nfs-provisioner
containers:
- name: nfs-client-provisioner
image: registry.cn-hangzhou.aliyuncs.com/open-ali/nfs-client-provisioner
volumeMounts:
- name: nfs-client-root
mountPath: /persistentvolumes
env:
- name: PROVISIONER_NAME
value: bdqn-test
- name: NFS_SERVER
value: 192.168.1.10
- name: NFS_PATH
value: /data
volumes:
- name: nfs-client-root
nfs:
server: 192.168.1.10
path: /data
执行一下:
[root@master mysql]# kubectl apply -f deployment.yaml
deployment.extensions/nfs-client-provisioner created
创建storageClass:
[root@master mysql]# vim bdqn-storageclass.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: mysql-sc
namespace: bdqn-test
provisioner: bdqn-test
reclaimPolicy: Retain
执行一下:
[root@master mysql]# kubectl apply -f bdqn-storageclass.yaml
storageclass.storage.k8s.io/mysql-sc created
查看:
[root@master mysql]# kubectl get pod
NAME READY STATUS RESTARTS AGE
bdqn-mysql-mysql-7b89c7b99-nqclx 1/1 Running 0 59m
成功
如果想将service资源对象的类型更改为NodPort,又应该怎么做?
[root@master mysql]# helm delete bdqn-mysql --purge
release "bdqn-mysql" deleted
[root@master mysql]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
mysqlpv 8Gi RWO Recycle Available 37m
[root@master mysql]# helm fetch stable/mysql
[root@master mysql]# tar -zxvf mysql-0.3.5.tgz
[root@master mysql]# cd mysql/
[root@master mysql]# vim values.yaml
更改第79行
[root@master mysql]# helm install stable/mysql -n bdqn-mysql --set mysqlRootPassword=123.com -f values.yaml
服务的升级
[root@master mysql]# helm list
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
bdqn-mysql 1 Mon Mar 2 16:40:35 2020 DEPLOYED mysql-0.3.5 default
[root@master mysql]# vim values.yaml
55行注释掉:
[root@master mysql]# helm upgrade --set imageTag=5.7.15 bdqn-mysql stable/mysql -f values.yaml
确认一下:
服务的回滚
[root@master mysql]# helm history bdqn-mysql
REVISION UPDATED STATUS CHART DESCRIPTION
1 Mon Mar 2 16:40:35 2020 SUPERSEDED mysql-0.3.5 Install complete
2 Mon Mar 2 17:50:01 2020 DEPLOYED mysql-0.3.5 Upgrade complete
[root@master mysql]# helm rollback bdqn-mysql 1
Rollback was a success.
确认一下: