k8s包管理工具-Helm

HoweWWW

于 2024-09-17 13:50:10 发布

阅读量1.2k

点赞数 20

文章标签： kubernetes 容器云原生

本文链接：https://blog.csdn.net/howewww/article/details/142313938

版权

5.1 在harbor仓库中构建一个公开的项目

一 helm简介

Helm是Kubernetes 应用的包管理工具，主要用来管理 Charts，类似Linux系统的yum。
Helm Chart是用来封装Kubernetes原生应用程序的一系列YAML文件。可以在你部署应用的时候自定义应用程序的一些 Metadata，以便于应用程序的分发。
对于应用发布者而言
通过Helm打包应用、管理应用依赖关系、管理应用版本并发布应用到软件仓库。
对于使用者而言
使用Helm后可以以简单的方式在Kubernetes上查找、安装、升级、回滚、卸载应用程序

二部署helm

2.1 官网与资源

官网： Helm | 快速入门指南

软件资源： Releases · helm/helm · GitHub

2.2部署helm

2.2.1 安装helm

[root@k8s-master helm]# ls
helm-push_0.10.4_linux_amd64.tar.gz  helm-v3.15.4-linux-amd64.tar.gz

[root@k8s-master helm]# tar zxf helm-v3.15.4-linux-amd64.tar.gz 
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm  LICENSE  README.md
[root@k8s-master linux-amd64]# cp -p helm /usr/local/bin/

2.2.2 配置helm命令补齐

[root@k8s-master linux-amd64]# echo "source <(helm completion bash)" >> ~/.bashrc
[root@k8s-master linux-amd64]# source ~/.bashrc 
[root@k8s-master linux-amd64]# helm version 
version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"clean", GoVersion:"go1.22.6"}

三 helm常用操作

命令	描述
create	创建一个 chart 并指定名字
dependency	管理 chart 依赖
get	下载一个 release。可用子命令：all、hooks、manifest、notes、values
history	获取 release 历史
install	安装一个 chart
list	列出 release
package	将 chart 目录打包到 chart 存档文件中
pull	从远程仓库中下载 chart 并解压到本地 # helm pull stable/mysql -- untar
repo	添加，列出，移除，更新和索引 chart 仓库。可用子命令：add、index、 list、remove、update
rollback	从之前版本回滚
search	根据关键字搜索 chart。可用子命令：hub、repo
show	查看 chart 详细信息。可用子命令：all、chart、readme、values
status	显示已命名版本的状态
template	本地呈现模板
uninstall	卸载一个 release
upgrade	更新一个 release
version	查看 helm 客户端版本

3.1 查询官方应用中心

[root@k8s-master helm]# helm search  hub nginx		#在官方仓库中搜索
[root@k8s-master helm]# helm  search  repo  nginx	#在本地仓库中搜索

3.2 管理第三方repo源

阿里云仓库：https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
bitnami仓库： https://charts.bitnami.com/bitnami
微软仓库：Index of /kubernetes/charts/
官方仓库： https://hub.kubeapps.com/charts/incubator

#添加阿里云仓库
[root@k8s-master helm]# helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
"aliyun" has been added to your repositories

#添加bitnami仓库	
[root@k8s-master helm]# helm repo add bitnami https://charts.bitnami.com/bitnami


#查看仓库信息
[root@k8s-master helm]# helm repo list
NAME    URL
aliyun  https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
bitnami https://charts.bitnami.com/bitnami

#查看仓库存储helm清单
[root@k8s-master helm]# helm search repo  aliyun

#删除第三方存储库
[root@k8s-master helm]# helm repo list
NAME    URL
aliyun  https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
bitnami https://charts.bitnami.com/bitnami

[root@k8s-master helm]# helm repo remove aliyun
"aliyun" has been removed from your repositories
[root@k8s-master helm]# helm repo list
NAME    URL
bitnami https://charts.bitnami.com/bitnami

3.3 helm的使用方法

1 查找chart

[root@k8s-master helm]# helm search repo nginx
NAME                   	CHART VERSION	APP VERSION	DESCRIPTION                                       
aliyun/nginx-ingress   	0.9.5        	0.10.2     	An nginx Ingress controller that uses ConfigMap...
aliyun/nginx-lego      	0.3.1        	           	Chart for nginx-ingress-controller and kube-lego  
aliyun/gcloud-endpoints	0.1.0        	           	Develop, deploy, protect and monitor your APIs ...

2 查看chart信息

[root@k8s-master helm]# helm show chart howe-0.1.0.tgz 
apiVersion: v2
appVersion: v1
description: A Helm chart for Kubernetes
name: howe
type: application
version: 0.1.0

3 查看项目的发布状态

[root@k8s-master ~]# helm status howe
[root@k8s-master helm]# helm status howe
NAME: howe
LAST DEPLOYED: Wed Sep 11 15:12:13 2024
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
  http://myapp.exam.com/

4 卸载项目

[root@k8s-master nginx]# helm uninstall howe
release "howe" uninstalled

3.4 安装项目前预定义项目选项

#上传项目所需要镜像到仓库
[root@k8s-master ~]# docker tag bitnami/nginx:1.27.1-debian-12-r2 reg.exam.com/bitnami/nginx:1.27.1-debian-12-r2
[root@k8s-master ~]# docker push reg.exam.com/bitnami/nginx:1.27.1-debian-12-r2

[root@k8s-master helm]# helm pull aliyun/nginx-ingress
[root@k8s-master helm]# tar zxf nginx-ingress-0.9.5.tgz 
[root@k8s-master helm]# cd nginx-ingress/
[root@k8s-master nginx-ingress]# ls
Chart.yaml  README.md  templates  values.yaml
[root@k8s-master nginx-ingress]# vim values.yaml


[root@k8s-master ~]# cd helm/
[root@k8s-master helm]# ls
nginx-18.1.11.tgz
[root@k8s-master helm]# tar zxf nginx-18.1.11.tgz
[root@k8s-master helm]# cd nginx
[root@k8s-master nginx]# ls
Chart.lock  charts  Chart.yaml  README.md  templates  values.schema.json  values.yaml
[root@k8s-master nginx]# cd templates/
[root@k8s-master templates]# ls
deployment.yaml      hpa.yaml                 NOTES.txt                    serviceaccount.yaml
extra-list.yaml      ingress-tls-secret.yaml  pdb.yaml                     servicemonitor.yaml
health-ingress.yaml  ingress.yaml             prometheusrules.yaml         svc.yaml
_helpers.tpl         networkpolicy.yaml       server-block-configmap.yaml  tls-secret.yaml
[root@k8s-master templates]# cd ..
[root@k8s-master nginx]# ls
Chart.lock  charts  Chart.yaml  README.md  templates  values.schema.json  values.yaml

[root@k8s-master nginx]# vim values.yaml
  13   imageRegistry: "reg.exam.com"
  82   repository: bitnami/nginx
  83   tag: 1.27.1-debian-12-r2

[root@k8s-master nginx]# cd ..
[root@k8s-master helm]# ls
nginx-1.27.1-debian-12-r2.tar

#导入 打标签 上传镜像
[root@k8s-master ~]# docker load -i nginx-1.27.1-debian-12-r2.tar 
30f5b1069b7f: Loading layer [==================================================>]  190.1MB/190.1MB

Loaded image: bitnami/nginx:1.27.1-debian-12-r2
[root@k8s-master ~]# docker tag bitnami/nginx:1.27.1-debian-12-r2 reg.exam.com/bitnami/nginx:1.27.1-debian-12-r2

[root@k8s-master ~]# docker push reg.exam.com/bitnami/nginx:1.27.1-debian-12-r2 
The push refers to repository [reg.exam.com/bitnami/nginx]
30f5b1069b7f: Pushed 
1.27.1-debian-12-r2: digest: sha256:6825a4d52b84873dd08c26d38dccce3d78d4d9f470b7555afdc4edfb4de7e595 size: 529

[root@k8s-master helm]# tar zcf nginx-18.1.11.tgz nginx
[root@k8s-master helm]# ls

#安装
[root@k8s-master helm]# helm install new-nginx nginx-18.1.11.tgz 

[root@k8s-master helm]# kubectl get pods
NAME                         READY   STATUS    RESTARTS        AGE
new-nginx-6f8cbf89c7-gv7xg   1/1     Running   0               41s

[root@k8s-master helm]# kubectl get svc
NAME         TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
new-nginx    LoadBalancer   10.111.84.132    172.25.250.51   80:32452/TCP,443:30885/TCP   98s

#curl （注意检查calico网络插件是否running）
[root@k8s-master helm]# curl 172.25.250.51
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

#如果curl不通 除了检查网络插件 还需要卸载重新安装

四构建helm中的chart包

4.1 Helm Chart目录结构

#建立chart项目
[root@k8s-master helm]# helm create howe
Creating howe

[root@k8s-master helm]# ls
howe

[root@k8s-master helm]# tree howe/
howe/
├── charts			        #目录里存放这个chart依赖的所有子chart
├── Chart.yaml		        #用于描述这个 Chart 的基本信息
					        #包括名字、描述信息以及版本等
├── templates		        #目录里面存放所有 yaml 模板文件
│   ├── deployment.yaml
│   ├── _helpers.tpl	    #放置模板助手的地方，可以在整个 chart 中重复使用
│   ├── hpa.yaml
│   ├── ingress.yaml
│   ├── NOTES.txt
│   ├── serviceaccount.yaml
│   ├── service.yaml
│   └── tests
│       └── test-connection.yaml
└── values.yaml		        #用于存储 templates 目录中模板文件中用到变量的值

3 directories, 10 files

4.2 构建方法

[root@k8s-master helm]# cd howe/
[root@k8s-master howe]# vim Chart.yaml
apiVersion: v2
name: howe
description: A Helm chart for Kubernetes
type: application
version: 0.1.0				#项目版本
appVersion: "v1"			#软件版本

[root@k8s-master howe]# vim values.yaml
image:
  repository: myapp
  pullPolicy: IfNotPresent
  tag: "v1"

ingress:
  enabled: true
  className: "nginx"
  annotations: {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: myapp.exam.com
      paths:
        - path: /
          pathType: ImplementationSpecific
          
#语法检测
[root@k8s-master howe]# helm lint .
==> Linting .
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, 0 chart(s) failed

#项目打包
[root@k8s-master howe]# cd ..
[root@k8s-master helm]# helm package howe/
Successfully packaged chart and saved it to: /root/helm/howe-0.1.0.tgz
[root@k8s-master helm]# ls
howe  howe-0.1.0.tgz 

#项目可以通过各种分享方式发方为任何人后部署即可
[root@k8s-master helm]# helm install howe howe-0.1.0.tgz 
NAME: howe
LAST DEPLOYED: Wed Sep 11 15:12:13 2024
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
  http://myapp.exam.com/

 
[root@k8s-master helm]# kubectl get pods 
NAME                        READY   STATUS    RESTARTS        AGE
howe-68dd877577-bb77m       1/1     Running   0               18s

[root@k8s-master helm]# kubectl get ingress
NAME               CLASS   HOSTS            ADDRESS         PORTS   AGE
howe               nginx   myapp.exam.com   172.25.250.20   80      64s

五构建helm仓库

5.1 在harbor仓库中构建一个公开的项目

5.2 安装helm push插件

官方网址：GitHub - chartmuseum/helm-push: Helm plugin to push chart package to ChartMuseum

5.2.1 在线安装

如果网络没问题情况下直接安装即可

[root@k8s-master helm]# dnf install git -y
[root@k8s-master helm]# helm plugin install https://github.com/chartmuseum/helm-push

5.2.2 离线安装

#创建helm plugin的存放目录
[root@k8s-master helm]# mkdir ~/.local/share/helm/plugins/helm-push -p

#解压push插件包到指定目录
[root@k8s-master helm]# tar zxf helm-push_0.10.4_linux_amd64.tar.gz -C ~/.local/share/helm/plugins/helm-push

[root@k8s-master helm]# ls ~/.local/share/helm/plugins/helm-push 
bin  LICENSE  plugin.yaml

#查看helm调用命令是否成功
[root@k8s-master helm]# helm cm-push --help
Helm plugin to push chart package to ChartMuseum

Examples:

  $ helm cm-push mychart-0.1.0.tgz chartmuseum       # push .tgz from "helm package"
  $ helm cm-push . chartmuseum                       # package and push chart directory
  $ helm cm-push . --version="1.2.3" chartmuseum     # override version in Chart.yaml
  $ helm cm-push . https://my.chart.repo.com         # push directly to chart repo URL

5.3 上传项目到仓库

5.3.1 添加仓库

#添加仓库时报错，因为我们用的是加密访问
[root@k8s-master helm]# helm repo add howe https://reg.exam.com/chartrepo/howe
Error: looks like "https://reg.exam.com/chartrepo/howe" is not a valid chart repository or cannot be reached: Get "https://reg.exam.com/chartrepo/howe/index.yaml": tls: failed to verify certificate: x509: certificate signed by unknown authority

#为helm添加证书
[root@k8s-master helm]# cp /etc/docker/certs.d/reg.exam.com/ca.crt /etc/pki/ca-trust/source/anchors/

#更新本地ca认证库
[root@k8s-master helm]# update-ca-trust

#再次添加仓库
[root@k8s-master helm]# helm repo add howe https://reg.exam.com/chartrepo/howe
"howe" has been added to your repositories

#查看仓库
[root@k8s-master helm]# helm repo list 
NAME  	URL                                                   
aliyun	https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
howe  	https://reg.exam.com/chartrepo/howe

5.3.2 上传本地项目

#命令执行格式
helm cm-push <项目名称> <仓库名称> -u admin -p redhat
[root@k8s-master helm]# helm cm-push howe-0.1.0.tgz howe -u admin -p redhat
Pushing howe-0.1.0.tgz to howe...
Done.

#查看项目上传情况
[root@k8s-master helm]# helm search repo howe
No results found			#上传后数据未更新

#更新仓库
[root@k8s-master helm]# helm repo update howe
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "howe" chart repository
Update Complete. ⎈Happy Helming!⎈

#再次查看
[root@k8s-master helm]# helm search repo howe
NAME     	CHART VERSION	APP VERSION	DESCRIPTION                
howe/howe	0.1.0        	v1         	A Helm chart for Kubernetes

#安装项目
[root@k8s-master helm]# helm install superhowe howe/howe
Error: INSTALLATION FAILED: 1 error occurred:
	* admission webhook "validate.nginx.ingress.kubernetes.io" denied the request: host "myapp.exam.com" and path "/" is already defined in ingress default/howe

#ingress冲突问题
[root@k8s-master ~]# kubectl get ingress
NAME   CLASS   HOSTS            ADDRESS         PORTS   AGE
howe   nginx   myapp.exam.com   172.25.250.20   80      4h15m

[root@k8s-master ~]# kubectl delete ingress howe 
ingress.networking.k8s.io "howe" deleted

#重新安装
[root@k8s-master helm]# helm install superhowe howe/howe
NAME: superhowe
LAST DEPLOYED: Wed Sep 11 19:30:32 2024
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
  http://myapp.exam.com/

[root@k8s-master ~]# kubectl get ingress
NAME        CLASS   HOSTS            ADDRESS         PORTS   AGE
superhowe   nginx   myapp.exam.com   172.25.250.20   80      84s

[root@k8s-master helm]# helm search repo howe -l 
NAME     	CHART VERSION	APP VERSION	DESCRIPTION                
howe/howe	0.1.0        	v1         	A Helm chart for Kubernetes

[root@k8s-master helm]# curl myapp.exam.com
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>

六 helm的版本迭代

6.1 从新构建新版本项目

[root@k8s-master helm]# vim howe/Chart.yaml 
 18 version: 0.2.0
 24 appVersion: "v2"

[root@k8s-master helm]# vim howe/values.yaml
 11   tag: "v2"

[root@k8s-master helm]# helm package howe
Successfully packaged chart and saved it to: /root/helm/howe-0.2.0.tgz

6.2 上传项目到helm仓库中

[root@k8s-master helm]# helm cm-push howe-0.1.0.tgz howe -u admin -p redhat
Pushing howe-0.1.0.tgz to howe...
Done.

[root@k8s-master helm]# helm cm-push howe-0.2.0.tgz howe -u admin -p redhat
Pushing howe-0.2.0.tgz to howe...
Done.

[root@k8s-master helm]# helm repo update howe 
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "howe" chart repository
Update Complete. ⎈Happy Helming!⎈

[root@k8s-master helm]# helm search repo 
[root@k8s-master helm]# helm search repo howe -l
NAME     	CHART VERSION	APP VERSION	DESCRIPTION                
howe/howe	0.2.0        	v2         	A Helm chart for Kubernetes
howe/howe	0.1.0        	v1         	A Helm chart for Kubernetes

6.3 更新应用

#1.更新
[root@k8s-master helm]# helm upgrade superhowe howe/howe 
Release "superhowe" has been upgraded. Happy Helming!
NAME: superhowe
LAST DEPLOYED: Wed Sep 11 20:56:00 2024
NAMESPACE: default
STATUS: deployed
REVISION: 2
NOTES:
1. Get the application URL by running these commands:
  http://myapp.exam.com/
  
[root@k8s-master helm]# curl http://myapp.exam.com/
Hello MyApp | Version: v2 | <a href="hostname.html">Pod Name</a>

#显示项目版本
[root@k8s-master helm]# helm history superhowe 
REVISION	UPDATED                 	STATUS    	CHART     	APP VERSION	DESCRIPTION     
1       	Wed Sep 11 19:30:32 2024	superseded	howe-0.1.0	v1         	Install complete
2       	Wed Sep 11 20:56:00 2024	superseded	howe-0.2.0	v2         	Upgrade complete

#2.应用回滚
[root@k8s-master helm]# helm rollback superhowe 
Rollback was a success! Happy Helming!

[root@k8s-master helm]# helm history superhowe 
REVISION	UPDATED                 	STATUS    	CHART     	APP VERSION	DESCRIPTION     
1       	Wed Sep 11 19:30:32 2024	superseded	howe-0.1.0	v1         	Install complete
2       	Wed Sep 11 20:56:00 2024	superseded	howe-0.2.0	v2         	Upgrade complete
3       	Wed Sep 11 20:59:30 2024	deployed  	howe-0.1.0	v1         	Rollback to 1  

[root@k8s-master helm]# curl http://myapp.exam.com/
Hello MyApp | Version: v1 | <a href="hostname.html">Pod Name</a>