安装和部署 Helm
安装 Helm 客户端
所有运行 kubectl 的节点均需要安装
1. 下载安装
# curl https://raw.githubusercontent.com/helm/helm/master/scripts/get | bash Helm v2.16.8 is available. Changing from version v2.11.0. Downloading https://get.helm.sh/helm-v2.16.8-linux-amd64.tar.gz Preparing to install helm and tiller into /usr/local/bin helm installed into /usr/local/bin/helm tiller installed into /usr/local/bin/tiller Run 'helm init' to configure helm.
2. 验证安装
# helm version
Client: &version.Version{SemVer:"v2.16.8", GitCommit:"145206680c1d5c28e3fcf30d6f596f0ba84fcb47", GitTreeState:"clean"}
Error: could not find tiller
安装安装的版本为 2.16.8,tiller 服务器还没有安装所以有一个报错
3. 安装 helm 的 bash 命令补全脚本
helm 有很多子命令和参数,为了提高使用命令行的效率,通常建议安装 helm 的 bash 命令补全脚本。
# helm completion bash > .helmrc && echo "source .helmrc" >> .bashrc #source .helmrc
重新登陆后,就能通过 TAB 自动补全 helm 命令的子命令和参数了。
安装 Tiller 服务器
1. 导入 tiller 镜像
所有节点上面导入 tiller.tar,下载地址:tiller.tar
# docker load -i tiller.tar
2. 创建 helm 服务账号
创建 tiller-rbac-config.yaml 文件,加入以下内容
# vim tiller-rbac-config.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
运行以下命令创建 tiller 服务账号
# kubectl apply -f tiller-rbac-config.yaml
3. 部署 tiller
Tiller 服务器安装非常简单,只需要执行 helm init,这里我们指定使用上一步创建的服务账号。
# helm init --service-account tiller Creating /root/.helm Creating /root/.helm/repository Creating /root/.helm/repository/cache Creating /root/.helm/repository/local Creating /root/.helm/plugins Creating /root/.helm/starters Creating /root/.helm/cache/archive Creating /root/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /root/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming!
验证操作
1. 查看 tiller 状态
# kubectl get pods --namespace kube-system [root@k8s-master cache]# kubectl get pods --namespace kube-system NAME READY STATUS RESTARTS AGE kubernetes-dashboard-555f9fffd-w9s8w 1/1 Running 0 25m tiller-deploy-6f4768779b-wh6f9 0/1 ImagePullBackOff 0 39m
可以看到 tiller 出错状态,是无法下载镜像导致。
解决办法
编辑下配置文件kubectl edit deployment tiller-deploy -n kube-system
2. 查看 helm 信息
# helm version
Client: &version.Version{SemVer:"v2.16.8", GitCommit:"145206680c1d5c28e3fcf30d6f596f0ba84fcb47", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.16.1", GitCommit:"bbdfe5e7803a12bbdf97e94cd847859890cf4050", GitTreeState:"clean"}
使用 Helm 安装 wordpress
1. 搜索 chart
搜索 wordpress 的 charts
# helm search wordpress NAME CHART VERSION APP VERSION DESCRIPTION stable/wordpress 5.6.0 5.1.0 Web publishing platform for building blogs and websites.
2. 查看 chart 的存储信息
创建 wordpress 的时候需要申请 PersistentVolumeClaim,由于我们的环境不支持动态申请所以需要手动创建
# helm inspect value stable/wordpress
……
## MariaDB admin password
## ref: https://github.com/bitnami/bitnami-docker-mariadb/blob/master/README.md#setting-the-root-password-on-first-run
##
# rootUser:
# password:
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
master:
persistence:
enabled: true
## mariadb data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessMode: ReadWriteOnce
size: 8Gi
……
persistence:
enabled: true
## wordpress data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
##
## If you want to reuse an existing claim, you can pass the name of the PVC using
## the existingClaim variable
# existingClaim: your-claim
accessMode: ReadWriteOnce
size: 10Gi
可以看到 wordpress 的 chart 需要两个 pv,分别用于 mariadb(8G) 和 wordpress(10G) 的数据存储。
3. 手动创建 chart 所需的 pv
创建 create-pv.yml 文件,输入以下内容
# vim create-pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
name: mariadb-pv
spec:
capacity:
storage: 8Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
#storageClassName: nfs
nfs:
path: /nfsdata/mariadb-pv
server: 172.20.6.116
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: wordpress-pv
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
#storageClassName: nfs
nfs:
path: /nfsdata/wordpress-pv
server: 172.20.6.116
创建 pv
# kubectl apply -f create-pv.yml persistentvolume/mariadb-pv created persistentvolume/wordpress-pv created
4. 安装 chart
# helm install --name wordpress stable/wordpress
NAME: wordpress ---------①---------
LAST DEPLOYED: Fri Jan 4 10:32:57 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES: ---------②---------
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
wordpress-wordpress 1 1 1 0 0s
==> v1beta1/StatefulSet
NAME DESIRED CURRENT AGE
wordpress-mariadb 1 1 0s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
wordpress-wordpress-56794ff7b9-rf98x 0/1 Pending 0 0s
wordpress-mariadb-0 0/1 Pending 0 0s
==> v1/Secret
NAME TYPE DATA AGE
wordpress-mariadb Opaque 2 0s
wordpress-wordpress Opaque 1 0s
==> v1/ConfigMap
NAME DATA AGE
wordpress-mariadb 1 0s
wordpress-mariadb-tests 1 0s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
wordpress-wordpress Pending 0s
RESOURCES:
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
wordpress-mariadb ClusterIP 10.100.218.132 <none> 3306/TCP 0s
wordpress-wordpress LoadBalancer 10.100.36.64 <pending> 80:31051/TCP,443:30169/TCP 0s
NOTES: ---------③---------
1. Get the WordPress URL:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w wordpress-wordpress'
export SERVICE_IP=$(kubectl get svc --namespace default wordpress-wordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
echo "WordPress URL: http://$SERVICE_IP/"
echo "WordPress Admin URL: http://$SERVICE_IP/admin"
2. Login with the following credentials to see your blog
echo Username: user
echo Password: $(kubectl get secret --namespace default wordpress-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)
输出分为 3 部分(上文输出结果中的①②③):
- ① 本次部署 chart 的描述信息。包括 release 的名字(没有指定,则默认生成)。release 部署的 namespace,默认是 default。release的状态 DEPLOYED 表示已经将 chart 部署到集群。
- ② release 包含的资源: Service、 Deployment、 Secret 等
- ③ release 的使用方法
5. 访问 wordpress
使用 http://nodeip+service_port 访问wordpress,访问地址为:http://172.20.6.116:31051/
其他信息,包括后台地址,管理员账号等信息可以参考release 的 NOTES 部分。
原文链接:kubernetes安装Helm,转载请注明来源!