Kubernetes Helm入門指南

i042416發表於2018-11-20

什麼是Helm?這可不是暗黑破壞神裡裝備的名稱:頭盔,而是Kubernetes的一個包管理工具,用來簡化Kubernetes應用的部署和管理。我們Helm和Kubernetes的關係,我們可以理解成yum和CentOS,apt-get和Ubuntu的關係。

Kubernetes Helm入門指南

Helm由兩部分組成,客戶端helm和服務端tiller。

其中tiller執行在Kubernetes叢集上,管理chart,而客戶端helm就是一個命令列工具,可在本地執行,一般執行在持續整合/持續交付的伺服器上 。

下圖是helm的架構圖。

Kubernetes Helm入門指南

我們現在就來試用下helm。

首先安裝helm客戶端。

下載helm執行檔案的壓縮包:

wget -O helm.tar.gz   tar -xzf helm.tar.gz

解壓完畢後,將helm檔案移到目錄/usr/local/bin/helm下面:

mv linux-amd64/helm /usr/local/bin/helm

給這個檔案加上執行許可權:

chmod +x /usr/local/bin/helm

首先使用-namespace引數指定使用的namespace,我例子裡的名稱空間是part-0110:

helm init --tiller-namespace part-0110 --service-account access

Kubernetes Helm入門指南

helm init --tiller-namespace part-0110 --service-account access

Creating /home/vagrant/.helm

Creating /home/vagrant/.helm/repository

Creating /home/vagrant/.helm/repository/cache

Creating /home/vagrant/.helm/repository/local

Creating /home/vagrant/.helm/plugins

Creating /home/vagrant/.helm/starters

Creating /home/vagrant/.helm/cache/archive

Creating /home/vagrant/.helm/repository/repositories.yaml

Adding stable repo with URL: 

Adding local repo with URL: 

$HELM_HOME has been configured at /home/vagrant/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.

For more information on securing your installation see:  https://docs.helm.sh/using_helm/#securing-your-helm-installation

Happy Helming!

從helm的init命令輸出,我們可以觀察到,該命令生成了大量和helm server互動所必須的repository。

現在可以使用helm version命令列引數檢視helm客戶端和伺服器端的版本號:

helm version --tiller-connection-timeout=5 --tiller-namespace part-0110

vagrant@vagrant:~/.kube$ helm version --tiller-connection-timeout=5 --tiller-namespace part-0110

Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}

Server: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}

Kubernetes Helm入門指南

使用命令helm repo list檢視helm倉庫列表:

Kubernetes Helm入門指南

根據名稱搜尋helm chart:

helm search chaoskube

Kubernetes Helm入門指南

使用下面的命令列安裝chart。命令列中的引數jerry可以根據需要改成你自己期望的名字。

helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug

下面是helm install命令的輸出,供您參考:

Kubernetes Helm入門指南

Kubernetes Helm入門指南

Kubernetes Helm入門指南

vagrant@vagrant:~/.kube$ helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug

[debug] Created tunnel using local port: '36408'

[debug] SERVER: "127.0.0.1:36408"

[debug] Original chart version: ""

[debug] Fetched stable/chaoskube to /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz

[debug] CHART PATH: /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz

NAME: jerry

REVISION: 1

RELEASED: Thu Nov 15 16:37:19 2018

CHART: chaoskube-0.10.0

USER-SUPPLIED VALUES:

namespaces: part-0110

rbac:

serviceAccountName: access

COMPUTED VALUES:

affinity: {}

annotations: null

debug: false

dryRun: true

excludedDaysOfYear: null

excludedTimesOfDay: null

excludedWeekdays: null

image: quay.io/linki/chaoskube

imageTag: v0.10.0

interval: 10m

labels: null

minimumAge: 0s

name: chaoskube

namespaces: part-0110

nodeSelector: {}

priorityClassName: ""

rbac:

create: false

serviceAccountName: access

replicas: 1

resources: {}

timezone: UTC

tolerations: []

HOOKS:

MANIFEST:

Source: chaoskube/templates/deployment.yaml

apiVersion: apps/v1beta1

kind: Deployment

metadata:

name: jerry-chaoskube

labels:

app: chaoskube

heritage: "Tiller"

release: "jerry"

chart: chaoskube-0.10.0

spec:

replicas: 1

selector:

matchLabels:

app: chaoskube

release: jerry

template:

metadata:

labels:

app: chaoskube

heritage: "Tiller"

release: "jerry"

chart: chaoskube-0.10.0

spec:

containers:

  • name: chaoskube

image: quay.io/linki/chaoskube:v0.10.0

args:

  • --interval=10m

  • --labels=

  • --annotations=

  • --namespaces=part-0110

  • --excluded-weekdays=

  • --excluded-times-of-day=

  • --excluded-days-of-year=

  • --timezone=UTC

  • --minimum-age=0s

resources:

{}

serviceAccountName: "access"

LAST DEPLOYED: Thu Nov 15 16:37:19 2018

NAMESPACE: part-0110

STATUS: DEPLOYED

RESOURCES:

==> v1beta1/Deployment

NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE

jerry-chaoskube 1 1 1 0 2s

==> v1/Pod(related)

NAME READY STATUS RESTARTS AGE

jerry-chaoskube-6689695476-kchtn 0/1 ContainerCreating 0 1s

NOTES:

chaoskube is running and will kill arbitrary pods every 10m.

You can follow the logs to see what chaoskube does:

POD=$(kubectl -n part-0110 get pods -l='release=jerry-chaoskube' --output=jsonpath='{.items[0].metadata.name}')

kubectl -n part-0110 logs -f $POD

You are running in dry-run mode. No pod is actually terminated.

使用helm list命令,現在就能檢視到剛才安裝的名為jerry的chart了。

helm list --tiller-namespace part-0110

Kubernetes Helm入門指南

使用helm命令檢視這個chart的明細(類似kubectl describe pod XXX )

helm status jerry --tiller-namespace part-0110

Kubernetes Helm入門指南

上圖也顯示了自動生成的pod名稱為jerry-chaoskube-6689695476-kchtn,可以用kubectl log命令檢視其執行日誌:

kubectl log jerry-chaoskube-6689695476-kchtn

Kubernetes Helm入門指南

要獲取更多Jerry的原創文章,請關注公眾號"汪子熙":

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/24475491/viewspace-2220833/,如需轉載,請註明出處,否則將追究法律責任。

相關文章