前文我們瞭解了k8s上的hpa資源的使用,回顧請參考:https://www.cnblogs.com/qiuhom-1874/p/14293237.html;今天我們來聊一下k8s包管理器helm的相關話題;
helm是什麼?
如果我們把k8s的資源清單類比成centos上的rpm包,那麼helm的作用就如同yum;簡單講helm就是類似yum這樣的包管理器,它能夠讓我們在k8s上部署應用變得簡單,我們需要部署某些應用到k8s上,我們直接使用helm就可以完成一鍵部署;有了helm工具,我們甚至都不需要再寫什麼資源清單了;對於helm來說,它只是把對應應用需要的資源清單通過模板引擎,將對應資模板源清單賦值以後,傳送給k8s進行應用,從而實現把應用部署到k8s上;我們把部署到k8s上的應用稱為release;即把模板資源清單通過模板引擎渲染以後,部署到k8s上的就稱為一個release;模板檔案是從哪裡來呢?如同rpm倉庫,這裡的模板檔案也是從倉庫來,簡單講helm倉庫就是用來存放各種應用的模板清單打包檔案,我們把這個打包檔案稱為chart,即helm倉庫也叫chart倉庫,主要用來存放各種應用的打包檔案;一個打包檔案最主要的有chart.yaml,README.md,templates目錄,values.yaml;其中chart.yaml檔案主要用來對應應用的後設資料資訊;README.md主要是用來自述該chart怎麼使用,部署等等說明;templates目錄使用來存放各種資源模板檔案;templates目錄中有一個比較重要的檔案NOTES.txt,該檔案也是一個模板檔案,主要作用是把對應chart安裝成功的資訊通過模板引擎渲染以後輸出給使用者,告訴使用者如何使用對應chart;vlues.yaml檔案主要用來存放該chart的模板的預設值,使用者不指定,其內部模板中的值就是對應values.yaml的值;正是因為chart中存放的都是模板資源清單,使得使用者可以自定義value.yaml檔案,通過指定自定義value.yaml來實現自定義chart的目的;
helm的工具安裝
helm 2的部署稍微有點麻煩,早期helm2是由兩個元件組成,第一個是命令列工具helm,第二個是k8s上的tiller Pod;tiller是服務端,主要接受helm傳送到chart,然後由tiller聯絡apiserver進行對應chart的部署;現在helm的版本是3.0+,對於之前helm2的方式,helm3進行了簡化,即helm不再依賴tiller這個元件,它可以直接同apiserver進行互動,將對應chart部署到k8s上;使用helm3的前提是對應主機能夠正常連線k8s的apiserver,並且對應主機上有kubectl命令,即對應主機必須能使用kubectl命令來管理對應k8s叢集;這其中的原因是helm它會使用kubectl工具的認證資訊到apiserver進行互動;
一、helm3的安裝
下載二進位制包
[root@master01 ~]# mkdir helm [root@master01 ~]# cd helm/ [root@master01 helm]# wget https://get.helm.sh/helm-v3.5.0-linux-amd64.tar.gz --2021-01-20 21:10:33-- https://get.helm.sh/helm-v3.5.0-linux-amd64.tar.gz Resolving get.helm.sh (get.helm.sh)... 152.195.19.97, 2606:2800:11f:1cb7:261b:1f9c:2074:3c Connecting to get.helm.sh (get.helm.sh)|152.195.19.97|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 12327633 (12M) [application/x-tar] Saving to: ‘helm-v3.5.0-linux-amd64.tar.gz’ 100%[==================================================================================================================================>] 12,327,633 9.17MB/s in 1.3s 2021-01-20 21:10:35 (9.17 MB/s) - ‘helm-v3.5.0-linux-amd64.tar.gz’ saved [12327633/12327633] [root@master01 helm]#ls helm-v3.5.0-linux-amd64.tar.gz [root@master01 helm]
解壓包
[root@master01 helm]# tar xf helm-v3.5.0-linux-amd64.tar.gz [root@master01 helm]# ls helm-v3.5.0-linux-amd64.tar.gz linux-amd64 [root@master01 helm]# cd linux-amd64/ [root@master01 linux-amd64]# ls helm LICENSE README.md [root@master01 linux-amd64]#
複製helm二進位制檔案到path環境變數目錄下
[root@master01 linux-amd64]# cp helm /usr/bin/ [root@master01 linux-amd64]# hel helm help [root@master01 linux-amd64]# hel
二、helm的使用
檢視helm版本
[root@master01 ~]# helm version
version.BuildInfo{Version:"v3.5.0", GitCommit:"32c22239423b3b4ba6706d450bd044baffdcf9e6", GitTreeState:"clean", GoVersion:"go1.15.6"}
[root@master01 ~]#
檢視helm幫助
[root@master01 ~]# helm -h
The Kubernetes package manager
Common actions for Helm:
- helm search: search for charts
- helm pull: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment variables:
| Name | Description |
|------------------------------------|-----------------------------------------------------------------------------------|
| $HELM_CACHE_HOME | set an alternative location for storing cached files. |
| $HELM_CONFIG_HOME | set an alternative location for storing Helm configuration. |
| $HELM_DATA_HOME | set an alternative location for storing Helm data. |
| $HELM_DEBUG | indicate whether or not Helm is running in Debug mode |
| $HELM_DRIVER | set the backend storage driver. Values are: configmap, secret, memory, postgres |
| $HELM_DRIVER_SQL_CONNECTION_STRING | set the connection string the SQL storage driver should use. |
| $HELM_MAX_HISTORY | set the maximum number of helm release history. |
| $HELM_NAMESPACE | set the namespace used for the helm operations. |
| $HELM_NO_PLUGINS | disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. |
| $HELM_PLUGINS | set the path to the plugins directory |
| $HELM_REGISTRY_CONFIG | set the path to the registry config file. |
| $HELM_REPOSITORY_CACHE | set the path to the repository cache directory |
| $HELM_REPOSITORY_CONFIG | set the path to the repositories file. |
| $KUBECONFIG | set an alternative Kubernetes configuration file (default "~/.kube/config") |
| $HELM_KUBEAPISERVER | set the Kubernetes API Server Endpoint for authentication |
| $HELM_KUBECAFILE | set the Kubernetes certificate authority file. |
| $HELM_KUBEASGROUPS | set the Groups to use for impersonation using a comma-separated list. |
| $HELM_KUBEASUSER | set the Username to impersonate for the operation. |
| $HELM_KUBECONTEXT | set the name of the kubeconfig context. |
| $HELM_KUBETOKEN | set the Bearer KubeToken used for authentication. |
Helm stores cache, configuration, and data based on the following configuration order:
- If a HELM_*_HOME environment variable is set, it will be used
- Otherwise, on systems supporting the XDG base directory specification, the XDG variables will be used
- When no other location is set a default location will be used based on the operating system
By default, the default directories depend on the Operating System. The defaults are listed below:
| Operating System | Cache Path | Configuration Path | Data Path |
|------------------|---------------------------|--------------------------------|-------------------------|
| Linux | $HOME/.cache/helm | $HOME/.config/helm | $HOME/.local/share/helm |
| macOS | $HOME/Library/Caches/helm | $HOME/Library/Preferences/helm | $HOME/Library/helm |
| Windows | %TEMP%\helm | %APPDATA%\helm | %APPDATA%\helm |
Usage:
helm [command]
Available Commands:
completion generate autocompletion scripts for the specified shell
create create a new chart with the given name
dependency manage a chart's dependencies
env helm client environment information
get download extended information of a named release
help Help about any command
history fetch release history
install install a chart
lint examine a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin install, list, or uninstall Helm plugins
pull download a chart from a repository and (optionally) unpack it in local directory
repo add, list, remove, update, and index chart repositories
rollback roll back a release to a previous revision
search search for a keyword in charts
show show information of a chart
status display the status of the named release
template locally render templates
test run tests for a release
uninstall uninstall a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client version information
Flags:
--debug enable verbose output
-h, --help help for helm
--kube-apiserver string the address and the port for the Kubernetes API server
--kube-as-group stringArray group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--kube-as-user string username to impersonate for the operation
--kube-ca-file string the certificate authority file for the Kubernetes API server connection
--kube-context string name of the kubeconfig context to use
--kube-token string bearer token used for authentication
--kubeconfig string path to the kubeconfig file
-n, --namespace string namespace scope for this request
--registry-config string path to the registry config file (default "/root/.config/helm/registry.json")
--repository-cache string path to the file containing cached repository indexes (default "/root/.cache/helm/repository")
--repository-config string path to the file containing repository names and URLs (default "/root/.config/helm/repositories.yaml")
Use "helm [command] --help" for more information about a command.
[root@master01 ~]#
檢視倉庫列表
[root@master01 ~]# helm repo -h
This command consists of multiple subcommands to interact with chart repositories.
It can be used to add, remove, list, and index chart repositories.
Usage:
helm repo [command]
Available Commands:
add add a chart repository
index generate an index file given a directory containing packaged charts
list list chart repositories
remove remove one or more chart repositories
update update information of available charts locally from chart repositories
Flags:
-h, --help help for repo
Global Flags:
--debug enable verbose output
--kube-apiserver string the address and the port for the Kubernetes API server
--kube-as-group stringArray group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--kube-as-user string username to impersonate for the operation
--kube-ca-file string the certificate authority file for the Kubernetes API server connection
--kube-context string name of the kubeconfig context to use
--kube-token string bearer token used for authentication
--kubeconfig string path to the kubeconfig file
-n, --namespace string namespace scope for this request
--registry-config string path to the registry config file (default "/root/.config/helm/registry.json")
--repository-cache string path to the file containing cached repository indexes (default "/root/.cache/helm/repository")
--repository-config string path to the file containing repository names and URLs (default "/root/.config/helm/repositories.yaml")
Use "helm repo [command] --help" for more information about a command.
[root@master01 ~]# helm repo list
Error: no repositories to show
[root@master01 ~]#
提示:這裡提示我們沒有倉庫;
新增倉庫
[root@master01 ~]# helm repo add stable https://charts.helm.sh/stable "stable" has been added to your repositories [root@master01 ~]# helm repo list NAME URL stable https://charts.helm.sh/stable [root@master01 ~]#
提示:新增倉庫需要連線到對應倉庫,如果你的伺服器無法正常連線到對應倉庫,請使用代理,具體代理方式就是在對應shell終端使用HTTPS_PROXY環境變數賦予一個可以用的代理地址;如HTTPS_PROXY="http://www.ik8s.io:10080",使用代理環境變數的同時需要注意把對應不需要代理的地址給出來,比如本地地址不需要代理可以使用NO_PROXY="127.0.0.0/8,192.168.0.0/24";否則我們使用kubectl它都會代理到我們給定的代理地址上;
搜尋chart
提示:helm search repo表示列出已經新增的倉庫中所有chart;
在倉庫中搜尋redis
[root@master01 ~]# helm search repo redis NAME CHART VERSION APP VERSION DESCRIPTION stable/prometheus-redis-exporter 3.5.1 1.3.4 DEPRECATED Prometheus exporter for Redis metrics stable/redis 10.5.7 5.0.7 DEPRECATED Open source, advanced key-value stor... stable/redis-ha 4.4.6 5.0.6 DEPRECATED - Highly available Kubernetes implem... stable/sensu 0.2.5 0.28 DEPRECATED Sensu monitoring framework backed by... [root@master01 ~]#
安裝stable/redis
[root@master01 ~]# helm install redis-demo stable/redis
WARNING: This chart is deprecated
NAME: redis-demo
LAST DEPLOYED: Wed Jan 20 22:27:18 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
This Helm chart is deprecated
Given the `stable` deprecation timeline (https://github.com/helm/charts#deprecation-timeline), the Bitnami maintained Redis Helm chart is now located at bitnami/charts (https://github.com/bitnami/charts/).
The Bitnami repository is already included in the Hubs and we will continue providing the same cadence of updates, support, etc that we've been keeping here these years. Installation instructions are very similar, just adding the _bitnami_ repo and using it during the installation (`bitnami/<chart>` instead of `stable/<chart>`)
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/<chart> # Helm 3
$ helm install --name my-release bitnami/<chart> # Helm 2
```
To update an exisiting _stable_ deployment with a chart hosted in the bitnami repository you can execute
```bash $ helm
repo add bitnami https://charts.bitnami.com/bitnami
$ helm upgrade my-release bitnami/<chart>
```
Issues and PRs related to the chart itself will be redirected to `bitnami/charts` GitHub repository. In the same way, we'll be happy to answer questions related to this migration process in this issue (https://github.com/helm/charts/issues/20969) created as a common place for discussion.
** Please be patient while the chart is being deployed **
Redis can be accessed via port 6379 on the following DNS names from within your cluster:
redis-demo-master.default.svc.cluster.local for read/write operations
redis-demo-slave.default.svc.cluster.local for read-only operations
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace default redis-demo -o jsonpath="{.data.redis-password}" | base64 --decode)
To connect to your Redis server:
1. Run a Redis pod that you can use as a client:
kubectl run --namespace default redis-demo-client --rm --tty -i --restart='Never' \
--env REDIS_PASSWORD=$REDIS_PASSWORD \
--image docker.io/bitnami/redis:5.0.7-debian-10-r32 -- bash
2. Connect using the Redis CLI:
redis-cli -h redis-demo-master -a $REDIS_PASSWORD
redis-cli -h redis-demo-slave -a $REDIS_PASSWORD
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace default svc/redis-demo-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
[root@master01 ~]#
檢視release
[root@master01 ~]# helm list NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION redis-demo default 1 2021-01-20 22:27:18.635916075 +0800 CST deployed redis-10.5.7 5.0.7 [root@master01 ~]#
驗證:用kubectl工具檢視k8s叢集上對應的redis-demo 是否執行?
[root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE myapp-779867bcfc-57zw7 1/1 Running 1 2d7h myapp-779867bcfc-657qr 1/1 Running 1 2d7h podinfo-56874dc7f8-5rb9q 1/1 Running 1 2d2h podinfo-56874dc7f8-t6jgn 1/1 Running 1 2d2h [root@master01 ~]# kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 11d myapp-svc NodePort 10.111.14.219 <none> 80:31154/TCP 2d7h podinfo NodePort 10.111.10.211 <none> 9898:31198/TCP 2d2h redis-demo-headless ClusterIP None <none> 6379/TCP 18m redis-demo-master ClusterIP 10.100.228.32 <none> 6379/TCP 18m redis-demo-slave ClusterIP 10.109.46.121 <none> 6379/TCP 18m [root@master01 ~]# kubectl get sts NAME READY AGE redis-demo-master 0/1 18m redis-demo-slave 0/2 18m [root@master01 ~]#
提示:用kubectl工具檢視pod列表,並沒有發現對應pod執行,但是對應的svc和sts都正常建立;
檢視pod沒有建立的原因
[root@master01 ~]# kubectl describe sts/redis-demo-master|grep -A 10 Events Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedCreate 14m (x12 over 14m) statefulset-controller create Pod redis-demo-master-0 in StatefulSet redis-demo-master failed error: failed to create PVC redis-data-redis-demo-master-0: persistentvolumeclaims "redis-data-redis-demo-master-0" is forbidden: exceeded quota: quota-storage-demo, requested: requests.storage=8Gi, used: requests.storage=0, limited: requests.storage=5Gi Warning FailedCreate 3m40s (x18 over 14m) statefulset-controller create Claim redis-data-redis-demo-master-0 for Pod redis-demo-master-0 in StatefulSet redis-demo-master failed error: persistentvolumeclaims "redis-data-redis-demo-master-0" is forbidden: exceeded quota: quota-storage-demo, requested: requests.storage=8Gi, used: requests.storage=0, limited: requests.storage=5Gi [root@master01 ~]# kubectl describe sts/redis-demo-slave|grep -A 10 Events Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedCreate 14m (x12 over 14m) statefulset-controller create Pod redis-demo-slave-0 in StatefulSet redis-demo-slave failed error: failed to create PVC redis-data-redis-demo-slave-0: persistentvolumeclaims "redis-data-redis-demo-slave-0" is forbidden: exceeded quota: quota-storage-demo, requested: requests.storage=8Gi, used: requests.storage=0, limited: requests.storage=5Gi Warning FailedCreate 3m41s (x18 over 14m) statefulset-controller create Claim redis-data-redis-demo-slave-0 for Pod redis-demo-slave-0 in StatefulSet redis-demo-slave failed error: persistentvolumeclaims "redis-data-redis-demo-slave-0" is forbidden: exceeded quota: quota-storage-demo, requested: requests.storage=8Gi, used: requests.storage=0, limited: requests.storage=5Gi [root@master01 ~]#
提示:這裡提示我們沒有許可權建立,原因是quota-storage-demo禁止了;
檢視resourcequota准入控制規則
[root@master01 ~]# kubectl get resourcequota NAME AGE REQUEST LIMIT quota-storage-demo 19d persistentvolumeclaims: 0/5, requests.ephemeral-storage: 0/1Gi, requests.storage: 0/5Gi limits.ephemeral-storage: 0/2Gi [root@master01 ~]# kubectl describe resourcequota quota-storage-demo Name: quota-storage-demo Namespace: default Resource Used Hard -------- ---- ---- limits.ephemeral-storage 0 2Gi persistentvolumeclaims 0 5 requests.ephemeral-storage 0 1Gi requests.storage 0 5Gi [root@master01 ~]#
提示:resourcequota准入控制明確限制了建立pvc最低下限總和是5G,上面建立redis需要8G所以不滿足對應准入控制規則所以建立pvc就被拒絕了,導致pod沒能正常建立;
解除安裝redis-demo
[root@master01 ~]# helm list NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION redis-demo default 1 2021-01-20 22:27:18.635916075 +0800 CST deployed redis-10.5.7 5.0.7 [root@master01 ~]# helm uninstall redis-demo release "redis-demo" uninstalled [root@master01 ~]# helm list NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION [root@master01 ~]#
刪除resourcequota准入控制
[root@master01 ~]# kubectl get resourcequota NAME AGE REQUEST LIMIT quota-storage-demo 19d persistentvolumeclaims: 0/5, requests.ephemeral-storage: 0/1Gi, requests.storage: 0/5Gi limits.ephemeral-storage: 0/2Gi [root@master01 ~]# kubectl delete resourcequota/quota-storage-demo resourcequota "quota-storage-demo" deleted [root@master01 ~]# kubectl get resourcequota No resources found in default namespace. [root@master01 ~]#
檢查pv,是否有足量的pv?
[root@master01 ~]# kubectl get pv NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE nfs-pv-v1 5Gi RWO,ROX,RWX Retain Bound kube-system/alertmanager 3d22h nfs-pv-v2 5Gi RWO,ROX,RWX Retain Bound kube-system/prometheus-data-prometheus-0 3d22h nfs-pv-v3 5Gi RWO,ROX,RWX Retain Available 3d22h [root@master01 ~]#
提示:上述還有一個pv沒有使用,但大小隻有5g不夠redis使用;
建立pv
[root@master01 ~]# cat pv-demo.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv-v4
spec:
capacity:
storage: 10Gi
volumeMode: Filesystem
accessModes: ["ReadWriteOnce","ReadWriteMany","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
path: /data/v4
server: 192.168.0.99
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv-v5
spec:
capacity:
storage: 10Gi
volumeMode: Filesystem
accessModes: ["ReadWriteOnce","ReadWriteMany","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
path: /data/v5
server: 192.168.0.99
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nfs-pv-v6
spec:
capacity:
storage: 10Gi
volumeMode: Filesystem
accessModes: ["ReadWriteOnce","ReadWriteMany","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
path: /data/v6
server: 192.168.0.99
[root@master01 ~]# kubectl apply -f pv-demo.yaml
persistentvolume/nfs-pv-v4 created
persistentvolume/nfs-pv-v5 created
persistentvolume/nfs-pv-v6 created
[root@master01 ~]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
nfs-pv-v1 5Gi RWO,ROX,RWX Retain Bound kube-system/alertmanager 3d22h
nfs-pv-v2 5Gi RWO,ROX,RWX Retain Bound kube-system/prometheus-data-prometheus-0 3d22h
nfs-pv-v3 5Gi RWO,ROX,RWX Retain Available 3d22h
nfs-pv-v4 10Gi RWO,ROX,RWX Retain Available 3s
nfs-pv-v5 10Gi RWO,ROX,RWX Retain Available 3s
nfs-pv-v6 10Gi RWO,ROX,RWX Retain Available 3s
[root@master01 ~]#
重新安裝redis
[root@master01 ~]# helm install redis-demo stable/redis
WARNING: This chart is deprecated
NAME: redis-demo
LAST DEPLOYED: Wed Jan 20 22:54:30 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
This Helm chart is deprecated
Given the `stable` deprecation timeline (https://github.com/helm/charts#deprecation-timeline), the Bitnami maintained Redis Helm chart is now located at bitnami/charts (https://github.com/bitnami/charts/).
The Bitnami repository is already included in the Hubs and we will continue providing the same cadence of updates, support, etc that we've been keeping here these years. Installation instructions are very similar, just adding the _bitnami_ repo and using it during the installation (`bitnami/<chart>` instead of `stable/<chart>`)
```bash
$ helm repo add bitnami https://charts.bitnami.com/bitnami
$ helm install my-release bitnami/<chart> # Helm 3
$ helm install --name my-release bitnami/<chart> # Helm 2
```
To update an exisiting _stable_ deployment with a chart hosted in the bitnami repository you can execute
```bash $ helm
repo add bitnami https://charts.bitnami.com/bitnami
$ helm upgrade my-release bitnami/<chart>
```
Issues and PRs related to the chart itself will be redirected to `bitnami/charts` GitHub repository. In the same way, we'll be happy to answer questions related to this migration process in this issue (https://github.com/helm/charts/issues/20969) created as a common place for discussion.
** Please be patient while the chart is being deployed **
Redis can be accessed via port 6379 on the following DNS names from within your cluster:
redis-demo-master.default.svc.cluster.local for read/write operations
redis-demo-slave.default.svc.cluster.local for read-only operations
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace default redis-demo -o jsonpath="{.data.redis-password}" | base64 --decode)
To connect to your Redis server:
1. Run a Redis pod that you can use as a client:
kubectl run --namespace default redis-demo-client --rm --tty -i --restart='Never' \
--env REDIS_PASSWORD=$REDIS_PASSWORD \
--image docker.io/bitnami/redis:5.0.7-debian-10-r32 -- bash
2. Connect using the Redis CLI:
redis-cli -h redis-demo-master -a $REDIS_PASSWORD
redis-cli -h redis-demo-slave -a $REDIS_PASSWORD
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace default svc/redis-demo-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
[root@master01 ~]#
再次使用kubectl工具檢視對應pod是否正常執行?
[root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE myapp-779867bcfc-57zw7 1/1 Running 1 2d7h myapp-779867bcfc-657qr 1/1 Running 1 2d7h podinfo-56874dc7f8-5rb9q 1/1 Running 1 2d2h podinfo-56874dc7f8-t6jgn 1/1 Running 1 2d2h redis-demo-master-0 0/1 CrashLoopBackOff 4 2m33s redis-demo-slave-0 0/1 CrashLoopBackOff 4 2m33s [root@master01 ~]# kubectl get pvc NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE redis-data-redis-demo-master-0 Bound nfs-pv-v4 10Gi RWO,ROX,RWX 2m39s redis-data-redis-demo-slave-0 Bound nfs-pv-v6 10Gi RWO,ROX,RWX 2m39s [root@master01 ~]#
提示:這裡pvc自動建立成功,但是對應pod能正常啟動;
檢視pod詳情
[root@master01 ~]# kubectl describe pod/redis-demo-master-0|grep -A 10 Events Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 6m53s default-scheduler Successfully assigned default/redis-demo-master-0 to node01.k8s.org Normal Pulling 6m51s kubelet Pulling image "docker.io/bitnami/redis:5.0.7-debian-10-r32" Normal Pulled 6m33s kubelet Successfully pulled image "docker.io/bitnami/redis:5.0.7-debian-10-r32" in 18.056248477s Normal Started 5m47s (x4 over 6m33s) kubelet Started container redis-demo Normal Created 5m1s (x5 over 6m33s) kubelet Created container redis-demo Normal Pulled 5m1s (x4 over 6m32s) kubelet Container image "docker.io/bitnami/redis:5.0.7-debian-10-r32" already present on machine Warning BackOff 100s (x28 over 6m31s) kubelet Back-off restarting failed container [root@master01 ~]# kubectl describe pod/redis-demo-slave-0|grep -A 10 Events Events: Type Reason Age From Message ---- ------ ---- ---- ------- Warning FailedScheduling 6m58s (x2 over 6m58s) default-scheduler 0/5 nodes are available: 5 pod has unbound immediate PersistentVolumeClaims. Normal Scheduled 6m55s default-scheduler Successfully assigned default/redis-demo-slave-0 to node01.k8s.org Normal Pulling 6m55s kubelet Pulling image "docker.io/bitnami/redis:5.0.7-debian-10-r32" Normal Pulled 6m37s kubelet Successfully pulled image "docker.io/bitnami/redis:5.0.7-debian-10-r32" in 17.603521415s Normal Created 5m12s (x5 over 6m37s) kubelet Created container redis-demo Normal Started 5m12s (x5 over 6m37s) kubelet Started container redis-demo Normal Pulled 5m12s (x4 over 6m36s) kubelet Container image "docker.io/bitnami/redis:5.0.7-debian-10-r32" already present on machine Warning BackOff 106s (x27 over 6m35s) kubelet Back-off restarting failed container [root@master01 ~]#
提示:這裡檢視對應pod詳細資訊也沒有明確提示什麼錯誤;總之pod沒能正常執行(估計和對應的映象啟動有關係);通過上述實驗雖然pod沒能正常執行起來,但是helm能夠將對應的chart提交給k8s執行;helm的使命是成功的;
解除安裝redis-demo,重新找chart安裝試試
提示:這裡搜尋stable倉庫中的redis,該倉庫中redis的chart都是廢棄的版本;
刪除倉庫,重新新增倉庫
[root@master01 ~]# helm repo list NAME URL stable https://charts.helm.sh/stable [root@master01 ~]# helm repo remove stable "stable" has been removed from your repositories [root@master01 ~]# helm repo add bitnami https://charts.bitnami.com/bitnami "bitnami" has been added to your repositories [root@master01 ~]# helm repo list NAME URL bitnami https://charts.bitnami.com/bitnami [root@master01 ~]#
搜尋redis chart
[root@master01 ~]# helm search repo redis NAME CHART VERSION APP VERSION DESCRIPTION bitnami/redis 12.6.2 6.0.10 Open source, advanced key-value store. It is of... bitnami/redis-cluster 4.2.6 6.0.10 Open source, advanced key-value store. It is of... [root@master01 ~]#
安裝bitnami/redis
[root@master01 ~]# helm install redis-demo bitnami/redis
NAME: redis-demo
LAST DEPLOYED: Thu Jan 21 01:58:18 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **
Redis can be accessed via port 6379 on the following DNS names from within your cluster:
redis-demo-master.default.svc.cluster.local for read/write operations
redis-demo-slave.default.svc.cluster.local for read-only operations
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace default redis-demo -o jsonpath="{.data.redis-password}" | base64 --decode)
To connect to your Redis(TM) server:
1. Run a Redis(TM) pod that you can use as a client:
kubectl run --namespace default redis-demo-client --rm --tty -i --restart='Never' \
--env REDIS_PASSWORD=$REDIS_PASSWORD \
--image docker.io/bitnami/redis:6.0.10-debian-10-r1 -- bash
2. Connect using the Redis(TM) CLI:
redis-cli -h redis-demo-master -a $REDIS_PASSWORD
redis-cli -h redis-demo-slave -a $REDIS_PASSWORD
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace default svc/redis-demo-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
[root@master01 ~]#
檢視pod執行情況
提示:這裡提示我們append-only file 沒有開啟的許可權,說明我們掛載的對應儲存沒有寫許可權;
在後端儲存上加上寫許可權
提示:這裡加上寫的許可權對應pod還是沒能正常跑起來;刪除pod試試,看看對應pod重建以後是否會正常執行?
[root@master01 ~]# kubectl delete pod --all pod "redis-demo-master-0" deleted pod "redis-demo-slave-0" deleted [root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE redis-demo-master-0 0/1 ContainerCreating 0 3s redis-demo-slave-0 0/1 Running 0 3s [root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE redis-demo-master-0 0/1 Running 0 5s redis-demo-slave-0 0/1 Running 0 5s [root@master01 ~]# kubectl get pods NAME READY STATUS RESTARTS AGE redis-demo-master-0 1/1 Running 0 62s redis-demo-slave-0 1/1 Running 0 62s redis-demo-slave-1 0/1 CrashLoopBackOff 2 26s [root@master01 ~]#
提示:這裡刪除pod以後,新建的pod就能夠正常執行;但是還有一個slave執行失敗,應該是後端儲存沒有寫許可權造成的;
再次給後端儲存加寫許可權
提示:可以看到給對應目錄加上寫許可權,對應pod正常啟動了;
進入redis主從複製叢集
提示:可以看到在master節點上,能夠看到對應兩個從節點的資訊;
驗證:在主節點上寫資料,看看對應從節點上是否能夠同步資料?
提示:可以看到在master端寫資料,slave端能夠正常將對應資料同步過來,在slave端能夠正常對取到對應資料,說明主從複製叢集工作是正常的;
更新倉庫
[root@master01 ~]# helm repo update Hang tight while we grab the latest from your chart repositories... ...Successfully got an update from the "bitnami" chart repository Update Complete. ⎈Happy Helming!⎈ [root@master01 ~]#
提示:建議每次部署新的應用都先更新下倉庫,然後在部署應用;
使用自定義資訊部署應用
提示:上述命令用--set選項可以將自定義資訊傳入對應的chart中,用於替換對應模板檔案中的值;上述命令表示設定redis密碼為admin123.com,master和slave都不開啟持久儲存功能(生產環境不建議);當然簡單的設定個別引數可以使用--set來指定,如果過於複雜的引數,建議使用value.yaml檔案來替換,使用--value選項來指定對應的值檔案即可;