欢迎访问www.showerlee.com, 您的支持就是我前进的动力.

Kubernetes之Helm包管理

showerlee 2018-04-14 13:01 DevTools, Kubernetes 阅读 (23,778) 2条评论

Kubernetes-Helm

最近研究了下kubernetes用的比较火的Helm, Helm作为一个包管理工具, 它把Kubernetes资源(比如deployments、services或 ingress等) 打包到一个chart中,方便我们将其chart保存到chart仓库用来存储和分享, Helm支持发布应用配置的版本管理, 使发布可配置, 它最终简化了Kubernetes部署应用的版本控制、打包、发布、删除、更新等操作。

其实Helm和我们的ansible playbook有一些类似的地方就是, 它支持变量预定义, 使我们每一个kube脚本将一些重复的配置使用变量代替, 方便我们对一个project release的管理和批量部署, 升级, 回滚等操作.

Let's roll out...

安装环境

Local Desktop: MacOS

Virtual Machine: Virtual Box

Virtual System: CentOS 7.4

Kubernetes: Kubernetes1.9

Docker: 17.03.2-ce

Helm: helm-v2.7.0

kube-master 10.110.16.10

kube-node-1 10.110.16.11


一. 系统环境配置

1.关闭SELINUX和firewall

# vi /etc/sysconfig/selinux

...
SELINUX=disabled 
...

# setenforce 0

# systemctl stop firewalld  && systemctl disable firewalld

2.安装k8s环境.

http://www.showerlee.com/archives/2200

二. Helm配置

1.Helm安装

# wget https://storage.googleapis.com/kubernetes-helm/helm-v2.7.0-linux-amd64.tar.gz

# tar -zxvf helm-v2.7.0-linux-amd64.tar.gz

# mv linux-amd64/helm /usr/local/bin/


2.添加tiller到k8s service account

# kubectl create serviceaccount --namespace kube-system tiller

# kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

# kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'


3.使用阿里云tiller镜像以及tiller账户初始化helm, 将tiller部署到k8s deployment下.

# vi ~/.helm/repository/repositories.yaml

Tip: username, password为你的阿里云账号密码

apiVersion: v1
generated: 2018-04-13T23:48:19.490774427-04:00
repositories:
- caFile: ""
  cache: /root/.helm/repository/cache/stable-index.yaml
  certFile: ""
  keyFile: ""
  name: stable
  password: "password"
  url: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
  username: "username"
- caFile: ""
  cache: /root/.helm/repository/cache/local-index.yaml
  certFile: ""
  keyFile: ""
  name: local
  password: ""
  url: http://127.0.0.1:8879/charts
  username: ""

#  helm init --service-account tiller --upgrade --tiller-image=registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.7.0

Tip: 这里helm可以理解为一个操作tiller服务的客户端, tiller作为部署到k8s下的一个deployment, 负责去将我们的chart脚本解析给k8s去做进一步的部署工作.


4.检查tiller是否部署到k8s

# kubectl get pods --namespace kube-system

NAME                                  READY     STATUS    RESTARTS   AGE
etcd-kube-master                      1/1       Running   0          26d
kube-apiserver-kube-master            1/1       Running   0          26d
kube-controller-manager-kube-master   1/1       Running   1          26d
kube-dns-6f4fd4bdf-54smn              3/3       Running   0          26d
kube-flannel-ds-gwl2z                 1/1       Running   0          26d
kube-flannel-ds-m754s                 1/1       Running   0          26d
kube-proxy-697qx                      1/1       Running   0          26d
kube-proxy-cvfd9                      1/1       Running   0          26d
kube-scheduler-kube-master            1/1       Running   1          26d
tiller-deploy-cf797bfbf-rnk4k         1/1       Running   0          1h

5.创建一个chart范例

# helm create helm-chart

# tree ./helm-chart

./helm-chart
├── charts
├── Chart.yaml
├── templates
│   ├── deployment.yaml
│   ├── _helpers.tpl
│   ├── ingress.yaml
│   ├── NOTES.txt
│   └── service.yaml
└── values.yaml

Tip: 可以看到helm默认创建了一个chart表结构, 这里的templates下面放的大部分为k8s的部署脚本, values.yaml和chart.yaml为主要的参数文件存放一些变量供k8s yaml文件调用, 有需要的小伙伴可以将自己的k8s脚本与默认进行替换.


6.检查chart语法

# helm lint ./helm-chart


7.使用默认chart部署到k8s

# helm install --name example1 ./helm-chart --set service.type=NodePort

Tip: 这里 --name命名我们这个chart release的名称, --set service.type=NodePort为将我们的任意node的ip映射到我们部署的pod, 以供访问.

# helm install --name example1 ./helm-chart --set service.type=NodePort
NAME:   example1
LAST DEPLOYED: Sat Apr 14 01:08:16 2018
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1/Service
NAME                 TYPE      CLUSTER-IP     EXTERNAL-IP  PORT(S)       AGE
example1-helm-chart  NodePort  10.105.111.66  <none>       80:25146/TCP  0s

==> v1beta1/Deployment
NAME                 DESIRED  CURRENT  UP-TO-DATE  AVAILABLE  AGE
example1-helm-chart  1        1        1           0          0s

==> v1/Pod(related)
NAME                                  READY  STATUS             RESTARTS  AGE
example1-helm-chart-7975cbf9b7-86vx5  0/1    ContainerCreating  0         0s


NOTES:
1. Get the application URL by running these commands:
  export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services example1-helm-chart)
  export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
  echo http://$NODE_IP:$NODE_PORT

我们可以使用上面的NOTES去访问我们的部署网站

# curl 10.110.16.10:25146

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

8.查看当前的部署列表

# helm ls

NAME    	REVISION	UPDATED                 	STATUS  	CHART           	NAMESPACE
example1	1       	Sat Apr 14 01:08:16 2018	DEPLOYED	helm-chart-0.1.0	default

# kubectl get deployment

NAME                  DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
example1-helm-chart   1         1         1            1           4m

9.打包chart

# helm package ./helm-chart --debug


10.使用包去做release部署

# helm install --name example2 helm-chart-0.1.0.tgz --set service.type=NodePort

11.升级当前release

# helm upgrade example2 ./helm-chart


12.回滚当前release

# helm rollback example2 1


13.删除该release

# helm delete example2

# helm del --purge example2


14.查看release历史删除记录

Tip: 如果删除时未使用--purge参数可查看删除记录

# helm ls --deleted -d

NAME    	REVISION	UPDATED                 	STATUS 	CHART           	NAMESPACE
example2	2       	Sat Apr 14 00:14:54 2018	DELETED	helm-chart-0.1.0	default

这里作者就不继续介绍helm chart的一些语法结构了, 有需要的小伙伴可以直接访问Helm官方去查看相关文档

https://docs.helm.sh

Finished...

正文部分到此结束
版权声明:除非注明,本文由(showerlee)原创,转载请保留文章出处!
本文链接:http://www.showerlee.com/archives/2455

继续浏览:helmk8s

2条大神的评论

loading
  1. 沙发
    zhang2018年5月2日上午9:23 回复

    无法clone仓库!
    # git clone git@git.showerlee.com:showerlee/kube-deploy.git
    Cloning into ‘kube-deploy’…
    ssh: connect to host git.showerlee.com port 22: Connection refused
    fatal: Could not read from remote repository.

    Please make sure you have the correct access rights
    and the repository exists.

    • showerlee2018年5月2日上午10:33 回复

      @zhang
      试试这个:
      git clone https://showerlee@git.showerlee.com/showerlee/kube-deploy.git

发表评论

icon_wink.gif icon_neutral.gif icon_mad.gif icon_twisted.gif icon_smile.gif icon_eek.gif icon_sad.gif icon_rolleyes.gif icon_razz.gif icon_redface.gif icon_surprised.gif icon_mrgreen.gif icon_lol.gif icon_idea.gif icon_biggrin.gif icon_evil.gif icon_cry.gif icon_cool.gif icon_arrow.gif icon_confused.gif icon_question.gif icon_exclaim.gif