安装Helm
[root@k8s-master01 ~]
[root@k8s-master01 plugin]
[root@k8s-master01 plugin]
/usr/local/install-k8s/plugin
[root@k8s-master01 plugin]
2020年 06月 10日 星期三 09:24:53 CST
[root@k8s-master01 plugin]
--2020-06-10 09:26:02-- https://storage.googleapis.com/kubernetes-helm/helm-v2.13.1-linux-amd64.tar.gz
正在解析主机 storage.googleapis.com (storage.googleapis.com)... 34.64.4.112
正在连接 storage.googleapis.com (storage.googleapis.com)|34.64.4.112|:443... 已连接。
无法建立 SSL 连接。
[root@k8s-master01 plugin]
flannel Helm ingress
[root@k8s-master01 plugin]
rz waiting to receive.
[root@k8s-master01 plugin]
linux-amd64/
linux-amd64/LICENSE
linux-amd64/tiller
linux-amd64/helm
linux-amd64/README.md
[root@k8s-master01 plugin]
[root@k8s-master01 linux-amd64]
[root@k8s-master01 linux-amd64]
[root@k8s-master01 linux-amd64]
[root@k8s-master01 plugin]
flannel Helm helm-v2.13.1-linux-amd64.tar.gz ingress linux-amd64
[root@k8s-master01 plugin]
[root@k8s-master01 plugin]
[root@k8s-master01 plugin]
[root@k8s-master01 Helm]
helm-v2.13.1-linux-amd64.tar.gz linux-amd64
[root@k8s-master01 Helm]
[root@k8s-master01 Helm]
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
[root@k8s-master01 Helm]
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
[root@k8s-master01 Helm]
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/
Happy Helming!
[root@k8s-master01 Helm]
NAME READY STATUS RESTARTS AGE
coredns-5c98db65d4-g8555 1/1 Running 0 19h
coredns-5c98db65d4-jtmst 1/1 Running 149 7d18h
etcd-k8s-master01 1/1 Running 5 10d
kube-apiserver-k8s-master01 1/1 Running 6 10d
kube-controller-manager-k8s-master01 1/1 Running 11 10d
kube-flannel-ds-amd64-hfq4w 1/1 Running 5 10d
kube-flannel-ds-amd64-s5qdd 1/1 Running 0 17h
kube-flannel-ds-amd64-wwnvz 1/1 Running 2 10d
kube-proxy-4k2k7 1/1 Running 2 7d23h
kube-proxy-4thcv 1/1 Running 3 10d
kube-proxy-bshkp 1/1 Running 5 10d
kube-scheduler-k8s-master01 1/1 Running 11 10d
tiller-deploy-58565b5464-xwz27 0/1 ContainerCreating 0 14s
[root@k8s-master01 Helm]
helm-v2.13.1-linux-amd64.tar.gz linux-amd64 serviceaccount.yaml
[root@k8s-master01 Helm]
rz waiting to receive.
[root@k8s-master01 Helm]
3fc64803ca2d: Loading layer [==================================================>] 4.463MB/4.463MB
79395a173ae6: Loading layer [==================================================>] 6.006MB/6.006MB
c33cd2d4c63e: Loading layer [==================================================>] 37.16MB/37.16MB
d727bd750bf2: Loading layer [==================================================>] 36.89MB/36.89MB
Loaded image: gcr.io/kubernetes-helm/tiller:v2.13.1
[root@k8s-master01 Helm]
NAME READY STATUS RESTARTS AGE
coredns-5c98db65d4-g8555 1/1 Running 0 20h
coredns-5c98db65d4-jtmst 1/1 Running 149 7d20h
etcd-k8s-master01 1/1 Running 5 10d
kube-apiserver-k8s-master01 1/1 Running 6 10d
kube-controller-manager-k8s-master01 1/1 Running 11 10d
kube-flannel-ds-amd64-hfq4w 1/1 Running 5 10d
kube-flannel-ds-amd64-s5qdd 1/1 Running 0 19h
kube-flannel-ds-amd64-wwnvz 1/1 Running 2 10d
kube-proxy-4k2k7 1/1 Running 2 8d
kube-proxy-4thcv 1/1 Running 3 10d
kube-proxy-bshkp 1/1 Running 5 10d
kube-scheduler-k8s-master01 1/1 Running 11 10d
tiller-deploy-58565b5464-xwz27 1/1 Running 0 83m
[root@k8s-master01 Helm]
Client: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}
[root@k8s-master01 Helm]
[root@k8s-master01 Helm]
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
name: hello-world
version: 1.0.0
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: hello-world
spec:
replicas: 1
template:
metadata:
labels:
app: hello-world
spec:
containers:
- name: hello-world
image: wangyanglinux/myapp:v1
ports:
- containerPort: 80
protocol: TCP
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
apiVersion: v1
kind: Service
metadata:
name: hello-world
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
protocol: TCP
selector:
app: hello-world
[root@k8s-master01 hello-world]
NAME: punk-chinchilla
LAST DEPLOYED: Wed Jun 10 13:24:37 2020
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
hello-world-c55d4d7df-ffdzp 0/1 ContainerCreating 0 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-world NodePort 10.102.26.122 <none> 80:32660/TCP 0s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
hello-world 0/1 1 0 0s
[root@k8s-master01 hello-world]
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
punk-chinchilla 1 Wed Jun 10 13:24:37 2020 DEPLOYED hello-world-1.0.0 default
[root@k8s-master01 hello-world]
NAME READY STATUS RESTARTS AGE
hello-world-c55d4d7df-ffdzp 1/1 Running 0 59s
[root@k8s-master01 hello-world]
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>
[root@k8s-master01 hello-world]
Release "punk-chinchilla" has been upgraded. Happy Helming!
LAST DEPLOYED: Wed Jun 10 13:27:32 2020
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
hello-world-c55d4d7df-ffdzp 1/1 Running 0 2m53s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-world NodePort 10.102.26.122 <none> 80:32660/TCP 2m53s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
hello-world 1/1 1 1 2m53s
[root@k8s-master01 Helm]
--snip--
[root@k8s-master01 Helm]
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
punk-chinchilla 2 Wed Jun 10 13:27:32 2020 DEPLOYED hello-world-1.0.0 default
[root@k8s-master01 Helm]
REVISION UPDATED STATUS CHART DESCRIPTION
1 Wed Jun 10 13:24:37 2020 SUPERSEDED hello-world-1.0.0 Install complete
2 Wed Jun 10 13:27:32 2020 DEPLOYED hello-world-1.0.0 Upgrade complete
分离镜像配置
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
image:
repository: wangyanglinux/myapp
tag: "v2"
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: hello-world
spec:
replicas: 1
template:
metadata:
labels:
app: hello-world
spec:
containers:
- name: hello-world
image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
ports:
- containerPort: 80
protocol: TCP
[root@k8s-master01 hello-world]
Release "punk-chinchilla" has been upgraded. Happy Helming!
LAST DEPLOYED: Wed Jun 10 13:51:31 2020
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
hello-world-6bf5bd9f56-8djv2 0/1 ContainerCreating 0 1s
hello-world-c55d4d7df-ffdzp 1/1 Terminating 0 26m
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-world NodePort 10.102.26.122 <none> 80:32660/TCP 26m
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
hello-world 0/1 1 0 26m
[root@k8s-master01 hello-world]
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
punk-chinchilla 3 Wed Jun 10 13:51:31 2020 DEPLOYED hello-world-1.0.0 default
[root@k8s-master01 hello-world]
NAME READY STATUS RESTARTS AGE
hello-world-6bf5bd9f56-8djv2 1/1 Running 0 16s
[root@k8s-master01 hello-world]
REVISION UPDATED STATUS CHART DESCRIPTION
1 Wed Jun 10 13:24:37 2020 SUPERSEDED hello-world-1.0.0 Install complete
2 Wed Jun 10 13:27:32 2020 SUPERSEDED hello-world-1.0.0 Upgrade complete
3 Wed Jun 10 13:51:31 2020 DEPLOYED hello-world-1.0.0 Upgrade complete
[root@k8s-master01 hello-world]
release "punk-chinchilla" deleted
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
release "punk-chinchilla" deleted
[root@k8s-master01 hello-world]
[root@k8s-master01 hello-world]
使用Helm部署Dashboard
971 vim kubernetes-dashboard.yaml
mkdir dashboard
cd dashboard/
helm repo update
helm fetch stable/kubernetes-dashboard
rz
tar -zxvf kubernetes-dashboard-1.11.1.tgz
cd kubernetes-dashboard
[root@k8s-master01 kubernetes-dashboard]
Chart.yaml kubernetes-dashboard-amd64-v1.10.1.tar kubernetes-dashboard.yaml README.md templates values.yaml
[root@k8s-master01 kubernetes-dashboard]
image:
repository: k8s.gcr.io/kubernetes-dashboard-amd64
tag: v1.10.1
ingress:
enabled: true
hosts:
- k8s.frognew.com
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
tls:
- secretName: frognew-com-tls-secret
hosts:
- k8s.frognew.com
rbac:
clusterAdminRole: true
helm install . -n kubernetes-dashboard --namespace kube-system -f kubernetes-dashboard.yaml
kubectl get pod -n kube-system
kubectl describe pod -n kube-system kubernetes-dashboard-77f54dc48f-q8lpv
rz -E
docker load --input kubernetes-dashboard-amd64-v1.10.1.tar
kubectl get pod -n kube-system
kubectl edit svc kubernetes-dashboard -n kube-system
[root@k8s-master01 kubernetes-dashboard]
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 11d
kubernetes-dashboard NodePort 10.111.74.104 <none> 443:31716/TCP 7h50m
tiller-deploy ClusterIP 10.97.113.147 <none> 44134/TCP 12h
[root@k8s-master01 kubernetes-dashboard]
kubernetes-dashboard-token-bfgkd kubernetes.io/service-account-token 3 8h
[root@k8s-master01 kubernetes-dashboard]
Name: kubernetes-dashboard-token-bfgkd
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubernetes-dashboard
kubernetes.io/service-account.uid: a59a7491-2eee-4b7e-8761-999cc912b4e1
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1iZmdrZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImE1OWE3NDkxLTJlZWUtNGI3ZS04NzYxLTk5OWNjOTEyYjRlMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.gpSESzCIL8sVwL1vnGg7lEx4xxdagMWwED3t0cUb0Y72dfkGmvke7etM0jvMVeZfJlUe_XykWyW6Cah64LiyFy02eZbz47lAVc9-bM2wASydqivzx6xVG20ygeH3rYvu48ce-mqHnKT_VDn3mEl7dE2VH_p_J9v5ytqLjS8vF3dgi0tnUdZXPM4aFnFecXs_XHf3_0BuoFWs8qOmdIF_UwKRA2tEJbBhpVlwe2Gs0TDWq-G9mPOfAgZ5kTsdOu6iOcvpIS_Zm3xxg6ykDwk-2tXH0NN8tEsX9hlSQfBhqxjp0RddwP1TrKwF8SxjhvEcXhB1g6OMa_2371GFm8n5vQ