什么是helm?在没有这个helm之前,deployment service ingress
helm的作用
通过打包的方式,把deployment service ingress等打包在一块,一键式的部署服务,类似yum安装
官方提供的一个类似与安装仓库额功能,可以实现一键化部署应用
helm的概念
三个部分组成
1、chartL helm的软件包,部署包,service ingress,定义好的yaml资源,类似于yum的rpm包
2、Release 可以理解为版本,也可以理解为在安装过程中,给这个部署的应用起一个名字
3、Repository 仓库,提供一个服务器,这个服务器中包含chartL的资源,yaml的资源保存的地址
版本
helm3 命令行
helm3 纯命令行方式
把源码包拖到helm
helm-v3.12.0-linux-amd64.tar.gz
解压
tar -xf helm-v3.12.0-linux-amd64.tar.gz
进入linux-amd64/
cd linux-amd64/把helm拖到usr/local/bin下
mv helm /usr/local/bin/helm添加自动补全
vim /etc/profilesource <(helm completion bash)
立刻生效
source /etc/profile搜索资源helm search repo aliyun | grep nginx查看chart的详细信息
helm show chart bitnami/nginx(一般)
helm show all bitnami/nginx(所有)安装
helm install my-nginx bitnami/nginx
helm install 安装
my-nginx 安装的名称或者版本
bitnami/nginx bitnami仓库名,nginx就是chart一系列yaml资源的集合删除
helm uninstall my-nginxhelm install bitnami/nginx --generate-name
--generate-name 随机指定Release名称helm ls 查看所有安装Releasehelm自定义模版
根据自己的需求,自定义chart,然后部署到集群当中
拉取包(mysql)
helm pull stable/mysql解压
tar -xf mysql-1.6.9.tgz创建nginx
helm create nginx查看创建的nginx的目录
tree nginx
nginx/
├── charts
├── Chart.yaml
├── templates
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yamlcharts 用于存储依赖,如果这个chart依赖于其他的chart,依赖文件保存在这个目录
Chart.yaml helm chart的元数据文件,包含了这个chart的名称,版本,维护者信息等等
Template 包含清单模版目录
deployment.yaml 部署应用的模版文件
helpers.tpl 帮助文档,告诉用户如何来定义模版的值
hpa.yaml 定义了应用程序副本数的扩缩容行为
ingress.yaml 定义了外部流量如何转发到应用程序
NOTES.txt 注意事项
serviceaccount.yaml 应用程序的服务账号
service.yaml 集群内部的访问
tests test-connection.yaml 测试的目录和文件,部署完chart之后,用来测试的文件
values.yaml 核心文件,自定义的值,都是通过values.yaml,把我们数据覆盖到安装的chart修改values.yaml# Default values for nginx.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.replicaCount: 3
#创建的副本数image:repository: nginxpullPolicy: IfNotPresent# Overrides the image tag whose default is the chart appVersion.tag: "1.22"
#指向镜像的版本imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""serviceAccount:# Specifies whether a service account should be createdcreate: true# Annotations to add to the service accountannotations: {}# The name of the service account to use.# If not set and create is true, a name is generated using the fullname templatename: ""podAnnotations: {}podSecurityContext: {}# fsGroup: 2000securityContext: {}# capabilities:# drop:# - ALL# readOnlyRootFilesystem: true# runAsNonRoot: true# runAsUser: 1000service:type: ClusterIPport: 80ingress:enabled: trueclassName: ""annotations: {}# kubernetes.io/ingress.class: nginx# kubernetes.io/tls-acme: "true"hosts:- host: www.lucky-cloud.yamlpaths:- path: /pathType: Prefixtls: []# - secretName: chart-example-tls# hosts:# - chart-example.localresources:# We usually recommend not to specify default resources and to leave this as a conscious# choice for the user. This also increases chances charts run on environments with little# resources, such as Minikube. If you do want to specify resources, uncomment the following# lines, adjust them as necessary, and remove the curly braces after 'resources:'.limits:cpu: "1"memory: 512Mi
autoscaling:enabled: falseminReplicas: 1maxReplicas: 100targetCPUUtilizationPercentage: 80# targetMemoryUtilizationPercentage: 80nodeSelector: {}tolerations: []affinity: {}验证语法
[root@master01 linux-amd64]# helm lint nginx
==> Linting nginx
[INFO] Chart.yaml: icon is recommended1 chart(s) linted, 0 chart(s) failed打包
helm package nginx
Successfully packaged chart and saved it to: /opt/helm/linux-amd64/nginx-0.1.0.tgz部署
helm install nginx-11 ./nginx --dry-run --debug
helm install 安装chart
nginx-11 Release版本号
./nginx 当前目录下的nginx的chart
--dry-run --debug 这个chart不会被部署到集群当中,参数验证,测试chart的配置是否正确安装
方法一
helm install nginx-11 ./nginx -n default
方法二
helm install nginx-11 /opt/helm/linux-amd64/nginx-0.1.0.tgz -n default
删除
helm uninstall nginx-11修改chart之后重新部署
修改values.yaml
.......
service:type: NodePortport: 80nodePort: 31000
ingress:enabled: falseclassName: ""annotations: {}
......修改service.yaml
apiVersion: v1
kind: Service
metadata:name: {{ include "nginx.fullname" . }}labels:{{- include "nginx.labels" . | nindent 4 }}
spec:type: {{ .Values.service.type }}ports:- port: {{ .Values.service.port }}targetPort: httpprotocol: TCPname: httpnodePort: {{.Values.service.nodePort}}selector:{{- include "nginx.selectorLabels" . | nindent 4 }}检测
helm lint nginx更新
helm upgrade nginx-11 nginx回滚
查看回滚
helm history nginx-11
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Sun Jan 21 21:17:54 2024 superseded nginx-0.1.0 1.16.0 Install complete
2 Sun Jan 21 21:46:04 2024 deployed nginx-0.2.0 1.16.0 Upgrade completehelm rollback nginx-11 1上传Harbor
修改Harbor
.....
harbor_admin_password: 123456
chart:absolute_url: enabled
......运行脚本
./install.shmkdir -p ~/.local/share/helm/plugins/helm-pushtar -xf helm-push_0.8.1_linux_amd64.tar.gz -C ~/.local/share/helm/plugins/helm-pushdocker login -u admin -p 123456 https://hub.test.com上传
helm push nginx-0.2.0.tgz oci://hub.test.com/charts --insecure-skip-tls-verif
