什麼是Helm?這可不是暗黑破壞神裡裝備的名稱:頭盔,而是Kubernetes的一個包管理工具,用來簡化Kubernetes應用的部署和管理。我們Helm和Kubernetes的關系,我們可以了解成yum和CentOS,apt-get和Ubuntu的關系。
Helm由兩部分組成,用戶端helm和服務端tiller。
其中tiller運作在Kubernetes叢集上,管理chart,而用戶端helm就是一個指令行工具,可在本地運作,一般運作在持續內建/持續傳遞的伺服器上 。
下圖是helm的架構圖。
我們現在就來試用下helm。
首先安裝helm用戶端。
下載下傳helm執行檔案的壓縮包:
wget -O helm.tar.gz
https://storage.googleapis.com/kubernetes-helm/helm-v2.11.0-linux-amd64.tar.gztar -xzf helm.tar.gz
解壓完畢後,将helm檔案移到目錄/usr/local/bin/helm下面:
mv linux-amd64/helm /usr/local/bin/helm
給這個檔案加上執行權限:
chmod +x /usr/local/bin/helm
首先使用-namespace參數指定使用的namespace,我例子裡的命名空間是part-0110:
helm init --tiller-namespace part-0110 --service-account access
Creating /home/vagrant/.helm
Creating /home/vagrant/.helm/repository
Creating /home/vagrant/.helm/repository/cache
Creating /home/vagrant/.helm/repository/local
Creating /home/vagrant/.helm/plugins
Creating /home/vagrant/.helm/starters
Creating /home/vagrant/.helm/cache/archive
Creating /home/vagrant/.helm/repository/repositories.yaml
Adding stable repo with URL:
https://kubernetes-charts.storage.googleapis.comAdding local repo with URL:
http://127.0.0.1:8879/charts$HELM_HOME has been configured at /home/vagrant/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure ‘allow unauthenticated users’ policy.
For more information on securing your installation see:
https://docs.helm.sh/using_helm/#securing-your-helm-installationHappy Helming!
從helm的init指令輸出,我們可以觀察到,該指令生成了大量和helm server互動所必須的repository。
現在可以使用helm version指令行參數檢視helm用戶端和伺服器端的版本号:
helm version --tiller-connection-timeout=5 --tiller-namespace part-0110
vagrant@vagrant:~/.kube$ helm version --tiller-connection-timeout=5 --tiller-namespace part-0110
Client: &version.Version{SemVer:“v2.9.1”, GitCommit:“20adb27c7c5868466912eebdf6664e7390ebe710”, GitTreeState:“clean”}
Server: &version.Version{SemVer:“v2.9.1”, GitCommit:“20adb27c7c5868466912eebdf6664e7390ebe710”, GitTreeState:“clean”}
使用指令helm repo list檢視helm倉庫清單:
根據名稱搜尋helm chart:
helm search chaoskube
使用下面的指令行安裝chart。指令行中的參數jerry可以根據需要改成你自己期望的名字。
helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug
下面是helm install指令的輸出,供您參考:
vagrant@vagrant:~/.kube$ helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug
[debug] Created tunnel using local port: ‘36408’
[debug] SERVER: “127.0.0.1:36408”
[debug] Original chart version: “”
[debug] Fetched stable/chaoskube to /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz
[debug] CHART PATH: /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz
NAME: jerry
REVISION: 1
RELEASED: Thu Nov 15 16:37:19 2018
CHART: chaoskube-0.10.0
USER-SUPPLIED VALUES:
namespaces: part-0110
rbac:
serviceAccountName: access
COMPUTED VALUES:
affinity: {}
annotations: null
debug: false
dryRun: true
excludedDaysOfYear: null
excludedTimesOfDay: null
excludedWeekdays: null
image: quay.io/linki/chaoskube
imageTag: v0.10.0
interval: 10m
labels: null
minimumAge: 0s
name: chaoskube
nodeSelector: {}
priorityClassName: “”
create: false
replicas: 1
resources: {}
timezone: UTC
tolerations: []
HOOKS:
MANIFEST:
Source: chaoskube/templates/deployment.yaml
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: jerry-chaoskube
labels:
app: chaoskube
heritage: “Tiller”
release: “jerry”
chart: chaoskube-0.10.0
spec:
selector:
matchLabels:
release: jerry
template:
containers:
image: quay.io/linki/chaoskube:v0.10.0
args:
–interval=10m
–labels=
–annotations=
–namespaces=part-0110
–excluded-weekdays=
–excluded-times-of-day=
–excluded-days-of-year=
–timezone=UTC
–minimum-age=0s
resources:
{}
serviceAccountName: “access”
LAST DEPLOYED: Thu Nov 15 16:37:19 2018
NAMESPACE: part-0110
STATUS: DEPLOYED
RESOURCES:
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
jerry-chaoskube 1 1 1 0 2s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
jerry-chaoskube-6689695476-kchtn 0/1 ContainerCreating 0 1s
NOTES:
chaoskube is running and will kill arbitrary pods every 10m.
You can follow the logs to see what chaoskube does:
POD=$(kubectl -n part-0110 get pods -l=‘release=jerry-chaoskube’ --output=jsonpath=’{.items[0].metadata.name}’)
kubectl -n part-0110 logs -f $POD
You are running in dry-run mode. No pod is actually terminated.
使用helm list指令,現在就能檢視到剛才安裝的名為jerry的chart了。
helm list --tiller-namespace part-0110
使用helm指令檢視這個chart的明細(類似kubectl describe pod XXX )
helm status jerry --tiller-namespace part-0110
上圖也顯示了自動生成的pod名稱為jerry-chaoskube-6689695476-kchtn,可以用kubectl log指令檢視其運作日志:
kubectl log jerry-chaoskube-6689695476-kchtn
![linux-svn解除安裝與安裝[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)