安装并初始化 Helm
假定Kubernetes 集群已经有了,安装 Helm 客户端到本地,同时安装服务端 Tiller 到 Kubernetes 中(以 pod的方式)。
1,下载最新版 release 版 Helm 二进制码安装。
$ wget https://storage.googleapis.com/kubernetes-helm/helm-v2.9.1-linux-amd64.tar.gz
$ tar -zxvf helm-v2.9.1-linux-amd64.tar.gz
$ mv ./linux-amd64/helm /usr/local/bin/
(客户端安装)
2.配置rbac
cat >helm-rbac-config.yaml< apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system EOF #导入文件 kubectl create -f helm-rbac-config.yaml # 配置tiller使用创建的ServiceAccount kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}' 3. 初始化并验证 Helm (安装server) # helm init --service-account --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts [root@kubernetes-112 ~]# helm version Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"} Server: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"} 查看状态 [root@kubernetes-112 ~]# kubectl get pod -n kube-system -l app=helm NAME READY STATUS RESTARTS AGE tiller-deploy-b67849f44-dw56p 1/1 Running 0 10m # 4. 报错: root@kubernetes-112 ~]# helm version Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"} E0920 13:40:50.887465 682 portforward.go:331] an error occurred forwarding 5649 -> 44134: error forwarding port 44134 to pod 7892f36e056f6506144b4c00ee42eb4dd3a4f6609b4b7c487a122d811bfa40b0, uid : unable to do port forwarding: socat not found. Error: cannot connect to Tiller 解决办法:在k8s的node节点安装ssocat即可解决 $sudo yum install socat 遇到的另外一个问题,$helm list -a,报错 Error: the server has asked for the client to provide credentials (get configmaps) 卸载 helm reset 或 $helm reset -f (强制删除k8s集群上的pod.) helm reset --remove-helm-home (当要移除helm init创建的目录等数据时,执行) 5.helm使用 若要查看在存储库中可用的所有 Helm charts,请键入以下命令: helm search 若遇到Unable to get an update from the “stable” chart repository (https://kubernetes-charts.storage.googleapis.com) 错误 手动更换stable 存储库为阿里云的存储库 helm repo remove stable helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts helm repo update helm search 6, 安装chart 管理UI monocular Monocular是一个开源软件,用于管理kubernetes上以Helm Charts形式创建的服务,可以通过它的web页面来安装helm Charts。 安装Monocular $ helm repo add monocular https://kubernetes-helm.github.io/monocular $ helm helm install monocular/monocular -f custom-repos.yaml custom-repos.yaml为自己定义的chart repo源 cat ../../monocular/custom-repos.yaml api: config: repos: - name: stable url: https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts source: https://github.com/kubernetes/charts/tree/master/stable - name: incubator url: https://aliacs-app-catalog.oss-cn-hangzhou.aliyuncs.com/charts-incubator source: https://github.com/kubernetes/charts/tree/master/incubator - name: monocular url: https://kubernetes-helm.github.io/monocular source: https://github.com/kubernetes-helm/monocular/tree/master/charts 安装中遇到的问题是如和给monocular cahrt中mongodb的PVC持久化存储,这个就要依赖实践中kubernetes的环境了。 monocular