Helm 是 Kubernetes 的包管理工具,类似与 Linux 的包管理器,如 RedHat 系的 yum,可以方便的将打包好的 yaml 文件部署到 Kubernetes 上。
Helm主要解决以下问题:
- 把 yaml 文件作为一个整体管理
- 实现 yaml 的高效复用
- 实现应用级别的版本管理
Helm 有3个重要概念:
- helm: 命令行工具,主要用于 Kubernetes 应用 chart 的创建、 打包、 发布和管理
- Chart:应用描述,一系列用于描述 k8s 资源相关文件的集合
- Release:基于 Chart 的部署实体,一个 chart 被 Helm 运行后将会生成对应的一个release;release是在 k8s 中创建出真实运行的资源对象。
Helm 命令行:
# helm repo update # 更新repo仓库 # helm repo list # 查看当前使用的仓库 # helm repo add xxx # 添加repo地址 # helm search xxx # 搜索应用 # helm inspect xxx # 查看chart的信息,会把chart下载到本地 # helm install xxx # 安装chart # helm delete xxx # 删除release # helm upgrade/rollback xxx # 升级/回滚 # helm list # 列出release 更多用法可以使用 helm --help 查询
1. Chart 目录结构
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml
1.1 charts
该目录是可选的,该目录中放置当前 Chart 依赖的其它 Chart,比如 kubefed
├── charts
│ └── controllermanager
│ ├── Chart.yaml
│ ├── crds
│ │ └── crds.yaml
│ └── templates
│ ├── aggregate_clusterroles.yaml
│ ├── clusterrolebindings.yaml
│ ├── clusterrole.yaml
│ ├── deployments.yaml
│ ├── _helpers.tpl
│ ├── kubefedconfig.yaml
│ ├── post-install-job.yaml
│ ├── rolebindings.yaml
│ ├── roles.yaml
│ ├── serviceaccounts.yaml
│ ├── service.yaml
│ └── webhook.yaml
1.2 Chart.yaml
描述这个 Chart 的相关信息、包括名字、描述信息、版本等
apiVersion: v2
name: my-chart
description: A Helm chart for Kubernetes# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"
1.3 templates
templates 目录用于部署模板文件。 当 Helm 收集这些模板的结果,模版使用的值来自 values.yaml 并将它们发送到 Kubernetes。比如 service.yaml,deployment.yaml 内容太多
apiVersion: v1
kind: Service
metadata:
name: {{ include "my-chart.fullname" . }}
labels:
{{- include "my-chart.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "my-chart.selectorLabels" . | nindent 4 }}
1.4 values.yaml
values.yaml 文件对于模板也很重要。 此文件包含 chart 的默认值。 这些值可能会在 helm 安装或 helm 升级期间被用户覆盖。
# Default values for my-chart.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.replicaCount: 1
image:
repository: nginx
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000service:
type: ClusterIP
port: 80
检查配置和模板
helm install my-chart --dry-run --debug ./
参考: