1. 构建一个 Helm Chart
[kubeadm@server1 helm]$ helm create mychart
Creating mychart
[kubeadm@server1 helm]$ ls
mychart redis-ha
[kubeadm@server1 helm]$ cd mychart/
[kubeadm@server1 mychart]$ tree .
.
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
3 directories, 10 files
[kubeadm@server1 mychart]$ ls
charts Chart.yaml templates values.yaml
values.yaml //用于获取变量
chart.yaml //介绍发行版本
[kubeadm@server1 mychart]$ helm lint . // 检测当前目录依赖和模板配置是否正确
==> Linting .
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, 0 chart(s) failed
[kubeadm@server2 helm]$ helm package mychart/ // 将应用打包
Successfully packaged chart and saved it to: /home/kubeadm/helm/mychart-0.1.0.tgz
[kubeadm@server2 helm]$ ls
mychart mychart-0.1.0.tgz redis-ha
- 编写mychart的应用描述信息
$ vim Chart.yaml
apiVersion: v2
name: mychart
description: A Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: latest
- 编写应用部署信息:
$ vim values.yaml
replicaCount: 1
image:
repository: game2048
pullPolicy: IfNotPresent
...
[kubeadm@server1 mychart]$ ls
charts Chart.yaml templates values.yaml
[kubeadm@server1 mychart]$
主要是编写value.yaml文件
- 修改harbor仓库的配置:
把values.yaml文件指定的镜像提前push到本地的私有镜像仓库中,并修改values.conf文件中的镜像名称,如下格式:
nginx:
image:
repository: reg.westos.org //确保可以从私有仓库下载
tag: v1.10.1
$ vim values.yaml
expose:
type: nodePort
tls:
enabled: false
harbor仓库默认会动态创建PV持久卷,如果集群中不支持,可以禁用相应的配置:
persistence:
enabled: false
2. 构建本地chart仓库
方式一:
helm v3 需要外部仓库软件的支持:https://github.com/goharbor/harbor-helm
$ helm repo add harbor https://helm.goharbor.io
$ helm pull harbor/harbor
方式二:使用我自己搭建的harbor仓库
在harbor私有仓库中新建一个charts项目(公有项目)
可以看出现在仓库还没有chart
将仓库添加到helm:
[kubeadm@server1 helm]$ helm repo add mychart https://reg.westos.org/chartrepo/charts
Error: looks like "https://reg.westos.org/chartrepo/charts" is not a valid chart repository or cannot be reached: Get https://reg.westos.org/chartrepo/charts/index.yaml: x509: certificate signed by unknown authority
//问题:需要证书x509: certificate signed by unknown authority
[kubeadm@server1 helm]$
可以看出报错是缺少证书,可以将证书复制到redhat的全局证书地址