k8s helm3安装使用、安装harbor
一、使用1.仓库查看:helm repo list添加:helm repo add 简称 仓库路径helm repo add bitnami https://charts.bitnami.com/bitnami二、安装查看:https://github.com/helm/helm/releases下载:wgethttps://get.helm.sh/helm-v3.5.2-linux-amd64.
一、安装
(1)查看:https://github.com/helm/helm/releases
(2)下载:wget https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz (蓝奏云:https://www.lanzoui.com/iK386mqjfif)
(3)解压并复制可执行文件到系统目录
tar -zxvf helm-v3.5.2-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/
二、使用
1.仓库
(1)查看:helm repo list
(2)添加:helm repo add 简称 仓库路径
(3)删除:helm repo remove 简称
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo add harbor https://helm.goharbor.io
helm repo add stable https://charts.helm.sh/stable
--
helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
helm repo add stable http://mirror.azure.cn/kubernetes/charts2.应用
-- 以harbor为例(所需资源:https://download.csdn.net/download/u013595395/15767709)
(1)查找:helm search repo harbor
(2)使用:
1.下载配置文件
helm show values harbor/harbor > all-conf.yml
2.下载软件包
helm pull harbor/harbor
3.安装
helm install harbor harbor/harbor
或 helm install harbor ./harbor-1.6.0.tgz
或 tar -zxvf harbor-1.6.0.tgz 再 helm install harbor ./harbor
helm install harbor ./harbor-1.6.0.tgz -f ./conf-1.yml -n a-env
-f:指定使用的配置文件
-n:指定安装的 Namespace
# conf-1.yml
expose:
type: nodePort
tls:
enabled: false
nodePort:
ports:
http:
port: 80
nodePort: 30002
harborAdminPassword: "admin"
externalURL: http://192.168.15.135:30002
persistence:
enabled: false
-- 访问地址:http://192.168.102.129:30002 admin/admin
4.查看当前状态
helm status redis -n a1-service
5.用新配置升级应用
helm upgrade harbor ./harbor-1.6.0.tgz -f ./conf-2.yml -n a-env
6.查找release并卸载
helm list -n a-env 或 helm list -A
helm uninstall harbor -n a-env
7.查看历史版本并回滚
helm history harbor -n a-env
helm rollback harbor 1 -n a-env
3.其他文档
http://www.mydlq.club/article/51
http://docs.minio.org.cn/docs/master/deploy-minio-on-kubernetes
其他harbor配置:
1.使用nfs存储卷
(1)创建pv和pvc
vi pv-pvc.yml
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: a-soft-harbor-data
labels:
name: a-soft-harbor-data
spec:
# storageClassName:
accessModes:
- ReadWriteOnce
- ReadWriteMany
capacity:
storage: 20Gi
persistentVolumeReclaimPolicy: Retain #其他:Recycle、Delete
nfs:
server: 192.168.15.135
path: /a_soft/harbor/data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: a-soft-harbor-data
namespace: a-env
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi
selector:
matchLabels:
name: a-soft-harbor-datakubectl apply -f pv-pvc.yml
(2)需注意nfs中文件夹的权限
chmod -R 777 /a_soft/harbor/data
(3)修改harbor配置文件
vi conf-2.yml
expose:
type: nodePort
tls:
enabled: false
nodePort:
name: harbor
ports:
http:
port: 80
nodePort: 30002
externalURL: http://192.168.102.129:30002
harborAdminPassword: "admin"
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim:
registry:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "registry"
accessMode: ReadWriteMany
size: 5Gi
chartmuseum:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "chartmuseum"
accessMode: ReadWriteMany
size: 5Gi
jobservice:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "jobservice"
accessMode: ReadWriteMany
size: 1Gi
database:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "database"
accessMode: ReadWriteMany
size: 1Gi
redis:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "redis"
accessMode: ReadWriteMany
size: 1Gi
trivy:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "trivy"
accessMode: ReadWriteMany
size: 5Gihelm upgrade harbor ./harbor-1.6.0.tgz -f ./conf-2.yml -n a-env
2.添加证书启用tls
(1)创建证书
https://blog.csdn.net/u013595395/article/details/114279877
(2)通过证书生成secret
kubectl create secret generic tls -n a-env --from-file=tls.crt=./server.crt --from-file=tls.key=./server.key --from-file=ca.crt=./ca.crt --from-file=ca.key=./ca.key
(3)修改harbor配置
expose:
type: nodePort
tls:
enabled: true
certSource: secret
secret:
secretName: "tls"
nodePort:
name: harbor
ports:
http:
port: 80
nodePort: 30002
https:
port: 443
nodePort: 30003
externalURL: https://192.168.15.135:30003
harborAdminPassword: "admin"
persistence:
enabled: true
resourcePolicy: "keep"
persistentVolumeClaim:
registry:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "registry"
accessMode: ReadWriteMany
size: 5Gi
chartmuseum:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "chartmuseum"
accessMode: ReadWriteMany
size: 5Gi
jobservice:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "jobservice"
accessMode: ReadWriteMany
size: 1Gi
database:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "database"
accessMode: ReadWriteMany
size: 1Gi
redis:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "redis"
accessMode: ReadWriteMany
size: 1Gi
trivy:
existingClaim: "a-soft-harbor-data"
storageClass: "-"
subPath: "trivy"
accessMode: ReadWriteMany
size: 5Gi
helm upgrade harbor ./harbor-1.6.0.tgz -f ./conf-3.yml -n a-env
(4)测试
docker login -u admin -p admin 192.168.15.135:30003
docker tag busybox 192.168.15.135:30003/library/busybox:1.0
docker push 192.168.15.135:30003/library/busybox:1.0
-- 注:要把ca证书放到以下目录,不用重启docker
mkdir -p /etc/docker/certs.d/192.168.15.135\:30003
目录:https://blog.csdn.net/u013595395/article/details/114527658
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
0
0- 0
已为社区贡献5条内容
所有评论(0)