k8s集群部署helm组件
背景获取参考1、https://helm.sh/docs/using_helm/#quickstart-guide2、https://helm.sh/docs/using_helm/#role-based-access-control
关于helm
helm是针对k8s的应用管理工具,可以和管理rpm包的yum进行类比,只不过helm的管理对象为chart,也就是一组定义了k8s相关资源的yaml文件。通过 Helm 可以打包应用、管理应用依赖关系、管理应用版本并发布应用到软件仓库。
安装helm
helm也是C/S架构的服务,helm是一个命令行下的客户端工具,而服务端是Tiller。
1、安装helm客户端命令行
因此我们先安装helm客户端,通过helm github,我们选择一个版本下载二进制安装包,
wget https://get.helm.sh/helm-v2.14.1-linux-amd64.tar.gz
tar -xf helm-v2.14.1-linux-amd64.tar.gz
解压后我们可以看到helm的二进制文件,
[root@CentOS-7-4 /home/k8s/linux-amd64]# ls
. .. helm LICENSE README.md tiller
将二进制文件helm拷贝到环境变量PATH中的某个目录,以便我们能直接使用该命令。
cp helm /usr/local/sbin/helm
2、安装服务端Tiller
然后安装Tiller,但是由于无法访问国外的网站,我们采用阿里云的镜像仓库。和上篇(使用kubeadm部署k8s 1.15集群——基于CentOS 7)一样,我们将tiller镜像拉取到本地,然后push到自己的本地私有镜像仓库。
docker pull registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.14.1
docker tag registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.14.1 192.168.0.200:80/kubernetes-helm/tiller:v2.14.1
docker push 192.168.0.200:80/kubernetes-helm/tiller:v2.14.1
因为我们集群开启了RBAC访问控制,所以也要为tiller创建ServiceAccount以及ClusterRoleBinding,使用以下配置文件helm-rabc-config.yaml,
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
之后使用kubectl创建该服务,并初始化该服务,使用tiller这个服务账号,设置最大历史版本为200个。
kubectl create -f helm-rabc-config.yaml
helm init --service-account tiller --history-max 200
创建完就可以查看下这个服务,
[root@CentOS-7-4 /home/k8s]# kubectl get pod -n kube-system -l name=tiller
NAME READY STATUS RESTARTS AGE
tiller-deploy-5648cc8b79-68rmz 1/1 Running 0 25h
[root@CentOS-7-4 /home/k8s]# helm version
Client: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.14.1", GitCommit:"5270352a09c7e8b6e8c9593002a73535276507c0", GitTreeState:"clean"}
为了能够使用helm仓库,我们将helm的repo替换为阿里云的镜像仓库,
# 先移除原先的仓库
helm repo remove stable
# 添加阿里云仓库
helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
# 更新仓库
helm repo update
helm命令使用
helm和yum命令格式类似,其中有以下几个高频使用命令,
- helm search: search for charts #在仓库中查询应用
- helm fetch: download a chart to your local directory to view #下载应用安装包到本地
- helm install: upload the chart to Kubernetes #安装应用到k8s集群中
- helm list: list releases of charts #查看集群中已安装应用
更加详细和更多命令参数可使用helm help查看用户手册,
Available Commands:
completion Generate autocompletions script for the specified shell (bash or zsh)
create create a new chart with the given name
delete given a release name, delete the release from Kubernetes
dependency manage a chart's dependencies
fetch download a chart from a repository and (optionally) unpack it in local directory
get download a named release
help Help about any command
history fetch release history
home displays the location of HELM_HOME
init initialize Helm on both client and server
inspect inspect a chart
install install a chart archive
lint examines a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin add, list, or remove Helm plugins
repo add, list, remove, update, and index chart repositories
reset uninstalls Tiller from a cluster
rollback roll back a release to a previous revision
search search for a keyword in charts
serve start a local http web server
status displays the status of the named release
template locally render templates
test test a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client/server version information
参考
1、https://helm.sh/docs/using_helm/#quickstart-guide
2、https://helm.sh/docs/using_helm/#role-based-access-control
K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容
更多推荐
2
0- 0
已为社区贡献25条内容
所有评论(0)