Summary of Helm
1.Helm introduction
helm is similar to package management tools under Linxu system, such as yum, apt, etc. It is mainly used to create, package, publish and manage local and remote Chart repositories for Kubernetes application Chart.
2.Helm component
- helm: Local client tool, mainly used for the creation/packaging/publishing of kubernetes application charts, as well as the creation and management of remote Chart repositories.
- Tiller: The server of helm is deployed in kubernetes. Tiller accepts the request of helm and generates the kubernetes deployment file (called release) based on chart, which is then submitted to Kubernetes to create applications. Tiller also provides Release upgrade, deletion, rollback and a series of other functions.
- Chart: helm's package, in tar format, contains all the image/dependency/resource definitions needed to run an application, and may also contain service definitions in the kubernetes cluster, similar to yum's rpm file
- Release: An instance of a Chart running in a cluster in kubernetes. On the same cluster, a Chart can be installed many times, and each installation generates a new release.
- Repository: A repository for publishing and storing Chart s
II. Helm deployment
1. install Helm
# wget https://get.helm.sh/helm-v2.14.3-linux-amd64.tar.gz # tar -zxvf helm-v2.14.3-linux-amd64.tar.gz # cp linux-amd64/helm /usr/bin/
# helm version
Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
Error: could not find tiller
2. Installing Tiller
-
The tiller node needs to install socat
- helm is used by default“ https://kubernetes-charts.storage.googleapis.com ” As the default stable repository address, it needs to be replaced by Ali's because it is not accessible domestically.
# helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.14.3 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
# kubectl get pod -n kube-system | grep tiller
tiller-deploy-6867df9fc6-f575p 1/1 Running 0 3m50s
# helm version
Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
3.Tiller configures rbac
# cat tiller-rbac.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
Setting up accounts for tiller
# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'# kubectl get deploy -n kube-system tiller-deploy -o yaml | grep serviceAccount
serviceAccount: tiller
serviceAccountName: tiller
4. Unloading Tiller
If you need to uninstall the deployed Tiller, you can use the following command to complete the uninstallation.
Helm reset or helm reset --force
3. The Use of helm
1.helm command completion
# source <(helm completion bash) # echo "source <(helm completion bash)" >> ~/.bashrc
2. Adding warehouses
# helm repo list NAME URL stable https://mirror.azure.cn/kubernetes/charts local http://127.0.0.1:8879/charts # helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts "aliyun" has been added to your repositories # helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "aliyun" chart repository ...Successfully got an update from the "stable" chart repository Update Complete.
3. Common Helm commands
Common helm commands: - helm search: Search charts - helm fetch: Download charts to local directory - helm install: Install charts - helm list: Lists all versions of charts Command options: Completion generates automatic completion scripts (bash or zsh) for the specified shell create creates a new charts delete deletes the release of the specified version dependency manages dependencies on charts fetch downloads charts and extracts them to the local directory get downloads a release History release history information home Displays helm's home Directory init initializes helm on client and server inspect to see the details of charts Install install charts Problems with lint Detection Packets list lists release package packages the chart directory Add or delete Helm plug-in repo Add and Delete chart Warehouse reset uninstall tiller Rollback release version rollback search Search chart Server starts a local HTTP serve r Status view release status information Template local template Test release test Upgrade release update verify the signature and validity of the chart Version prints version information for both client and server
4. Install Monocular with helm
Monocular is an open source software that manages services created as Helm Charts on kubernetes and can be installed on its web page
Installation of Nginx Ingress
# cat ingress-values.yaml
controller:
service:
type: NodePort
targetPorts:
http: 80
https: 443
nodePorts:
http: 32080
https: 32443
hostNetwork: true
rbac:
create: true# helm install --name nginx-ingress aliyun/nginx-ingress -f ingress-values.yaml
# kubectl get pod NAME READY STATUS RESTARTS AGE nginx-ingress-controller-658f4878bf-rvx29 1/1 Running 0 6m54s nginx-ingress-default-backend-878d64884-z7qw9 1/1 Running 0 6m54s # kubectl get svc -l app=nginx-ingress NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE nginx-ingress-controller NodePort 10.108.114.19 <none> 80:32080/TCP,443:32443/TCP 7m34s nginx-ingress-default-backend ClusterIP 10.102.104.170 <none> 80/TCP 7m34s
Installation of Monocular
# helm repo add monocular https://helm.github.io/monocular # helm install monocular/monocular --name monocular
# kubectl get pod | grep monocular monocular-mongodb-64df9c7fb6-tp55x 1/1 Running 0 3m24s monocular-monocular-chartsvc-58cf779c5b-422bj 1/1 Running 2 3m23s monocular-monocular-chartsvc-58cf779c5b-8wrvr 1/1 Running 2 3m24s monocular-monocular-chartsvc-58cf779c5b-czppl 1/1 Running 1 3m23s monocular-monocular-prerender-565885d9dd-sql5k 1/1 Running 0 3m24s monocular-monocular-sync-initial-incubator-uuk6q-h7nhv 0/1 Completed 2 3m23s monocular-monocular-sync-initial-stable-4dsb2-qc5pn 1/1 Running 1 3m23s monocular-monocular-ui-6f8bbd67b-n55vb 1/1 Running 0 3m23s monocular-monocular-ui-6f8bbd67b-xdql4 1/1 Running 0 3m23s # kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 8d monocular-mongodb ClusterIP 10.98.190.128 <none> 27017/TCP 4m15s monocular-monocular-chartsvc ClusterIP 10.108.54.177 <none> 8080/TCP 4m15s monocular-monocular-prerender NodePort 10.107.66.9 <none> 80:31915/TCP 4m15s monocular-monocular-ui NodePort 10.101.12.118 <none> 80:31939/TCP 4m15s nginx-ingress-controller NodePort 10.108.114.19 <none> 80:32080/TCP,443:32443/TCP 48m nginx-ingress-default-backend ClusterIP 10.102.104.170 <none> 80/TCP 48m # kubectl get ingress NAME HOSTS ADDRESS PORTS AGE monocular-monocular * 80 4m8s
(3) Access testing
(unresolved) 32080 when accessing ports mapped by ingress, unreachable
5. Delete the installed chart
# helm delete --purge monocular release "monocular" deleted