1.25版本(本版本)的 helm 上传包时需要安装helm-push插件,插件功能没有集成进helm。
添加本地仓库
在harbor仓库中创建charts项目
注:我们在harbor仓库的部署时可以添加 --with-chartmuseum 参数,来支持 chart 仓库,我们也可以在k8s集群中部署harbor仓库。
[root@k8s1 harbor]# docker-compose down ##down后镜像不会被删除,数据持久化到了/data,目录不变化,数据不丢
[root@k8s1 harbor]# ./install.sh --with-chartmuseum
拷贝仓库证书,把证书放到系统层面,并更新证书:
[root@k8s2 helm]# cp /etc/docker/certs.d/reg.westos.org/ca.crt /etc/pki/ca-trust/source/anchors/
[root@k8s2 helm]# update-ca-trust
添加repo,把仓库加进来:(添加本地repo仓库)
/chartrepo固定格式 /charts是harbor仓库的项目名字,有差异
[root@k8s2 ~]# helm repo add local https://reg.westos.org/chartrepo/charts
"mychart" has been added to your repositories
[root@k8s2 ~]# helm repo list
NAME URL
my-repo https://charts.bitnami.com/bitnami
local https://reg.westos.org/chartrepo/charts ##新添加
本版本的 helm 上传包时需要安装helm-push插件,插件功能没有集成进helm。
注:由于在线安装需要科学上网,本次实验采用离线安装:
1.安装插件
在线安装(需要科学上网,不然选择离线安装)
[root@k8s2 helm]# yum install -y git
[root@k8s2 helm]# helm plugin install https://github.com/chartmuseum/helm-push ##输入命令后,自动安装
Downloading and installing helm-push v0.10.3 ...
https://github.com/chartmuseum/helm-push/releases/download/v0.10.3/helm-push_0.10.3_linux_amd64.tar.gz
Installed plugin: cm-push
[root@k8s2 helm]# helm plugin list
NAME VERSION DESCRIPTION
cm-push 0.10.3 Push chart package to ChartMuseum
2.离线安装
获取plugin默认目录
[root@k8s2 helm]# helm env ## 查看是否有插件目录
创建插件目录
[root@k8s2 helm]# mkdir -p /root/.local/share/helm/plugins/helm-push/
解压插件:解压到插件目录
[root@k8s2 ~]# tar zxf helm-push_0.10.3_linux_amd64.tar.gz -C /root/.local/share/helm/plugins/helm-push
[root@k8s2 helm]# helm cm-push -h ##此命令能够获得帮助表示安装成功
上传chart包到repo仓库
上传至新建的local
[root@k8s2 helm]# helm cm-push mychart-0.1.0.tgz local -u admin -p westos
Pushing mychart-0.1.0.tgz to local...
Done.
更新repo库,不然刚上传的chart包搜索不到
[root@k8s2 helm]# helm repo update local ##只更新local
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "local" chart repository
Update Complete. ⎈Happy Helming!⎈
查找:
[root@k8s2 helm]# helm search repo mychart
NAME CHART VERSION APP VERSION DESCRIPTION
local/mychart 0.1.0 v1 A Helm chart for Kubernetes
安装应用
[root@k8s2 helm]# helm install myapp local/mychart
NAME: myapp
LAST DEPLOYED: Thu Mar 16 13:46:58 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
http://myapp.westos.org/
[root@k8s2 helm]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp default 1 2023-03-16 13:46:58.650310376 +0800 CST deployed mychart-0.1.0 v1
测试
[root@k8s1 harbor]# curl myapp.westos.org
Hello MyApp | Version: v1 | Pod Name
[root@k8s2 mychart]# vim Chart.yaml
[root@k8s2 mychart]# vim values.yaml
打包
[root@k8s2 helm]# helm package mychart
Successfully packaged chart and saved it to: /root/helm/mychart-0.2.0.tgz
上传chart包
[root@k8s2 helm]# helm cm-push mychart-0.2.0.tgz local -u admin -p westos
Pushing mychart-0.2.0.tgz to local...
Done.
更新repo
[root@k8s2 helm]# helm repo update local
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "local" chart repository
Update Complete. ⎈Happy Helming!⎈
[root@k8s2 helm]# helm search repo mychart -l ##列出所有,不加-l 只列出最新版本
NAME CHART VERSION APP VERSION DESCRIPTION
local/mychart 0.2.0 v2 A Helm chart for Kubernetes
local/mychart 0.1.0 v1 A Helm chart for Kubernetes
更新应用
[root@k8s2 helm]# helm upgrade myapp local/mychart
Release "myapp" has been upgraded. Happy Helming!
NAME: myapp
LAST DEPLOYED: Thu Mar 16 13:50:27 2023
NAMESPACE: default
STATUS: deployed
REVISION: 2
NOTES:
1. Get the application URL by running these commands:
http://myapp.westos.org/
注意:也可以指定版本安装,方法如下
[root@server2 mychart]# helm install myapp local/mychart --version 0.2.0
kubec get podNAME: myapp
测试
[root@k8s1 data]# curl myapp.westos.org
Hello MyApp | Version: v2 | Pod Name
[root@k8s2 helm]# helm history myapp
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Thu Mar 16 13:46:58 2023 superseded mychart-0.1.0 v1 Install complete
2 Thu Mar 16 13:50:27 2023 deployed mychart-0.2.0 v2 Upgrade complete
回滚应用
回滚应用
[root@k8s2 helm]# helm rollback myapp ##或者# helm rollback myapp 1
Rollback was a success! Happy Helming!
[root@k8s2 helm]# helm history myapp
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Thu Mar 16 13:46:58 2023 superseded mychart-0.1.0 v1 Install complete
2 Thu Mar 16 13:50:27 2023 superseded mychart-0.2.0 v2 upgrade complete
3 Thu Mar 16 13:52:02 2023 deployed mychart-0.1.0 v1 Rollback to 1
测试
[root@k8s1 data]# curl myapp.westos.org
Hello MyApp | Version: v1 | Pod Name
回收
[root@k8s2 helm]# helm uninstall myapp
release "myapp" uninstalled
helm绑定了所有的数据。直接卸载即可。
同理我们可以使用helm部署其他的应用。
我们之前在学习存储的时候做过nfs的部署,我们现在删除之前的所有东西,用helm重新部署一遍
在nfs目录中删除原有的部署
[root@k8s2 nfs]# ls
class.yaml deployment.yaml pod.yaml pvc.yaml rbac.yaml
[root@k8s2 nfs]# kubectl delete -f .
添加repo仓库
[root@k8s2 helm]# helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
[root@k8s2 ~]# helm search repo nfs-subdir-external-provisioner
NAME CHART VERSION APP VERSION DESCRIPTION
nfs-subdir-external-provisioner/nfs-subdir-exte... 4.0.18 4.0.2 nfs-subdir-external-provisioner is an automatic...
[root@k8s1 nfsdata]# showmount -e ##查看k8s1上已经做好的nfs;192.168.56.171主机
Export list for k8s1:
/nfsdata *
storageClass: /存储类
create: true
defaultClass: true /设为默认存储类
rbac: /授权
拉取
[root@k8s2 helm]# helm pull nfs-subdir-external-provisioner/nfs-subdir-external-provisioner
下载至此目录,解压后操作
[root@k8s2 helm]# tar zxf nfs-subdir-external-provisioner-4.0.18.tgz
[root@k8s2 helm]# cd nfs-subdir-external-provisioner/
可自行修改所需功能后进行安装;所需镜像必须符合我们的仓库的版本
[root@k8s2 nfs-subdir-external-provisioner]# vim values.yaml
创建namespace:helm模板没有创建namespace的选项,需手动创建
[root@k8s2 nfs-subdir-external-provisioner]# kubectl create namespace nfs-provisioner
部署应用:
install 后面的nfs-provisioner为安装的helm应用的名字,自己定义即可
“.”从当前目录读取配置
-n nfs-provisioner安装到指定的namespace,未指定为default
[root@k8s2 nfs-subdir-external-provisioner]# helm install nfs-provisioner . -n nfs-provisioner
测试:
[root@k8s2 nfs-subdir-external-provisioner]# helm list -n nfs-provisioner ##列出应用
[root@k8s2 nfs-subdir-external-provisioner]# helm list -A ##列出所有namespace应用
[root@k8s2 nfs-subdir-external-provisioner]# kubectl get sc
用pvc测试
[root@k8s2 nfs]# ls
class.yaml deployment.yaml pod.yaml pvc.yaml rbac.yaml
[root@k8s2 nfs]# kubectl apply -f pvc.yaml
[root@k8s2 nfs]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
test-claim Bound pvc-562f2568-ea3e-4ad6-a183-e013b3d36c34 1Gi RWX nfs-client 2s
k8s1进行查看
[root@k8s2 nfs]# kubectl delete -f pvc.yaml
k8s1进行查看,ondelete是进行了打包,说明我们在配置文件的设置生效了;打包的目录可手动删除
archived:存档、打包
回收原有实验的部署
[root@k8s2 ingress]# kubectl delete -f deploy.yaml
添加repo:https://kubernetes.github.io/ingress-nginx是官方
[root@k8s2 helm]# helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
[root@k8s2 ~]# helm search repo ingress-nginx
NAME CHART VERSION APP VERSION DESCRIPTION
ingress-nginx/ingress-nginx 4.5.2 1.6.4 Ingress controller for Kubernetes using NGINX a...
[root@k8s2 helm]# helm pull ingress-nginx/ingress-nginx
[root@k8s2 helm]# tar zxf ingress-nginx-4.5.2.tgz
[root@k8s2 helm]# cd ingress-nginx/
[root@k8s2 ingress-nginx]# vim values.yaml
注释/清空哈希码和chroot
创建namespace
[root@k8s2 ingress-nginx]# kubectl create namespace ingress-nginx
部署应用
[root@k8s2 ingress-nginx]# helm install ingress-nginx . -n ingress-nginx
测试:部署myapp应用ingress
[root@k8s2 ~]# helm install myapp local/mychart
[root@k8s1 nfsdata]# curl myapp.westos.org
Hello MyApp | Version: v2 | Pod Name
[root@k8s2 ~]# helm uninstall myapp
回收原有部署
[root@k8s2 metrics]# kubectl delete -f components.yaml
[root@k8s2 helm]# helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
[root@k8s2 dashboard]# helm search repo metrics-server
NAME CHART VERSION APP VERSION DESCRIPTION
metrics-server/metrics-server 3.8.4 0.6.2 Metrics Server is a scalable, efficient source ...
[root@k8s2 helm]# helm pull metrics-server/metrics-server
[root@k8s2 helm]# tar zxf metrics-server-3.8.4.tgz
[root@k8s2 helm]# cd metrics-server
[root@k8s2 metrics-server]# vim values.yaml
加选项忽略secure-tls
defaultArgs:默认选项
创建namespace
[root@k8s2 metrics-server]# kubectl create namespace metrics-server
部署应用
[root@k8s2 metrics-server]# helm install metrics-server . -n metrics-server
kubeapps应用可以为Helm提供web UI界面管理,尤其是是用于部署的应用非常多的时候。
下载并上传所需镜像至harbor下创建的bitnami仓库:
所需nginx镜像自己拉取即可
[root@k8s1 ~]docker pull bitnami/kubeapps-dashboard:2.6.4-debian-11-r0
[root@k8s1 ~]docker tag bitnami/kubeapps-dashboard:2.6.4-debian-11-r0 reg.westos.org/bitnami/kubeapps-dashboard:2.6.4-debian-11-r0
[root@k8s1 ~]docker push reg.westos.org/bitnami/kubeapps-dashboard:2.6.4-debian-11-r0
维护repo list
[root@k8s1 ~]docker pull bitnami/kubeapps-apprepository-controller:2.6.4-scratch-r0
[root@k8s1 ~]docker tag bitnami/kubeapps-apprepository-controller:2.6.4-scratch-r0 reg.westos.org/bitnami/kubeapps-apprepository-controller:2.6.4-scratch-r0
[root@k8s1 ~]docker push reg.westos.org/bitnami/kubeapps-apprepository-controller:2.6.4-scratch-r0
自动同步仓库(update功能)
[root@k8s1 ~]docker pull bitnami/kubeapps-asset-syncer:2.6.4-scratch-r0
[root@k8s1 ~]docker tag bitnami/kubeapps-asset-syncer:2.6.4-scratch-r0 reg.westos.org/bitnami/kubeapps-asset-syncer:2.6.4-scratch-r0
[root@k8s1 ~]docker push reg.westos.org/bitnami/kubeapps-asset-syncer:2.6.4-scratch-r0
[root@k8s1 ~]docker pull bitnami/kubeapps-apis:2.6.4-debian-11-r0
[root@k8s1 ~]docker tag bitnami/kubeapps-apis:2.6.4-debian-11-r0 reg.westos.org/bitnami/kubeapps-apis:2.6.4-debian-11-r0
[root@k8s1 ~]docker push reg.westos.org/bitnami/kubeapps-apis:2.6.4-debian-11-r0
数据库( vim charts/postgresql/values.yaml需要的镜像)
[root@k8s1 ~]docker pull bitnami/postgresql:15.2.0-debian-11-r5
[root@k8s1 ~]docker tag bitnami/postgresql:15.2.0-debian-11-r5 reg.westos.org/bitnami/postgresql:15.2.0-debian-11-r5
[root@k8s1 ~]docker push reg.westos.org/bitnami/postgresql:15.2.0-debian-11-r5
[root@server2 nfs-client]# helm repo add bitnami https://charts.bitnami.com/bitnami ##1.25版本实验时为执行此命令
[root@server2 nfs-client]# helm repo list
[root@server2 kubeapps]# helm search repo kubeapps
NAME CHART VERSION APP VERSION DESCRIPTION
my-repo/kubeapps 12.2.7 2.6.4 Kubeapps is a web-based UI for launching and ma...
[root@server2 nfs-client]# helm pull bitnami/kubeapps ##默认拉取最新版本
[root@k8s2 helm]# tar zxf kubeapps-12.2.7.tgz
[root@k8s2 helm]# cd kubeapps/
[root@k8s2 kubeapps]# vim values.yaml
全局的镜像仓库名称
[root@k8s2 kubeapps]# vim charts/postgresql/values.yaml
创建一个命名空间
[root@k8s2 kubeapps]# kubectl create ns kubeapps
部署应用
[root@k8s2 kubeapps]# helm install kubeapps . -n kubeapps
修改svc暴露方式为LoadBalancer
[root@k8s2 kubeapps]# kubectl -n kubeapps edit svc kubeapps
访问:http://192.168.56.101
授权并获取token
创建sa(serviceaccount)
[root@k8s2 kubeapps]# kubectl create serviceaccount kubeapps-operator -n kubeapps
通过clusterrolebinding给创建的sa绑定cluster-admin权限
[root@k8s2 kubeapps]# kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
给创建的sa的kubeapps-operator用户身份申请token
[root@k8s2 kubeapps]# kubectl -n kubeapps create token kubeapps-operator
使用token登录web页面
添加本地仓库域名解析
[root@k8s2 reg.westos.org]# kubectl -n kube-system edit cm coredns
设置context
添加repo仓库
由于添加的仓库是公共的,跳不过去,只能添加ca证书
复制ca证书:cat /etc/docker/certs.d/reg.westos.org/ca.crt
以上部署完成后,可以使用web UI界面管理,如下图成功建立一个pod:
还可以进行版本更新、回滚、删除等操作
从虚拟机重新打包一个nginx版本的压缩包发送至reg.westos.org/chartrepo/charts
在harbor仓库可以查看到刚刚上传的
在kubeapps仓库暂时搜索不到刚刚上传的版本,因为更新时间为10分钟,当前版本没有手动刷新功能…
注:出现这个界面的原因是:此应用为我们用命令行部署(其实并不影响)