k 8 s helmパッケージマネージャのインストール
13332 ワード
文書ディレクトリ
一、helm概要
Kubernetes Helmは、予め構成されたKubernetesリソースパッケージを管理するツールであり、ここでのリソースはHelmではKubernetes chartsとも呼ばれる.
Helmの使用:
二、helmのインストール
Helmには、Helmクライアント(helm)とHelmサービス側(Tiller)の2つのセクションがあります.
1、ダウンロードインストールhelm
公式リリースアドレスに自分の欲しいバージョンをダウンロードしてください.私は2.9.0を使っています.公式リリース:https://github.com/helm/helm/releases
公式指定バージョン圧縮パッケージのダウンロード[root@master helm]## wget https://get.helm.sh/helm-v2.9.0-linux-amd64.tar.gz
解凍し、実行可能ファイルhelmを/usr/local/bin/ディレクトリに移動[root@master helm]# tar -zxvf helm-v2.9.0-linux-amd64.tar.gz
[root@master helm]# mv linux-amd64/helm /usr/local/bin/
helmの使用[root@master helm]# helm
The Kubernetes package manager
To begin working with Helm, run the 'helm init' command:
$ helm init
This will install Tiller to your running Kubernetes cluster.
It will also set up any necessary local configuration.
Common actions from this point include:
- helm search: search for charts
- helm fetch: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment:
$HELM_HOME set an alternative location for Helm files. By default, these are stored in ~/.helm
$HELM_HOST set an alternative Tiller host. The format is host:port
$HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
$TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system")
$KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config")
Usage:
helm [command]
Available Commands:
completion Generate autocompletions script for the specified shell (bash or zsh)
create create a new chart with the given name
delete given a release name, delete the release from Kubernetes
dependency manage a chart's dependencies
fetch download a chart from a repository and (optionally) unpack it in local directory
get download a named release
history fetch release history
home displays the location of HELM_HOME
init initialize Helm on both client and server
inspect inspect a chart
install install a chart archive
lint examines a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin add, list, or remove Helm plugins
repo add, list, remove, update, and index chart repositories
reset uninstalls Tiller from a cluster
rollback roll back a release to a previous revision
search search for a keyword in charts
serve start a local http web server
status displays the status of the named release
template locally render templates
test test a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client/server version information
Flags:
--debug enable verbose output
-h, --help help for helm
--home string location of your Helm config. Overrides $HELM_HOME (default "/root/.helm")
--host string address of Tiller. Overrides $HELM_HOST
--kube-context string name of the kubeconfig context to use
--tiller-connection-timeout int the duration (in seconds) Helm will wait to establish a connection to tiller (default 300)
--tiller-namespace string namespace of Tiller (default "kube-system")
Use "helm [command] --help" for more information about a command.
2、Helmを初期化してtillerをインストールする
Tillerをクラスタにインストールする最も簡単な方法はhelm initを実行し、以下のパラメータ設定で国内ミラーと
2.1、RBAC設定
Tillerはhelmのサーバ側であり、一般的にkubernetesクラスタ上で実行され、tillerのServiceAccountを定義し、クラスタ管理者ロールcluster-adminにClusterRoleBindingでバインドすることで、クラスタレベルのすべての最高権限を持つようにします.詳細は、ロールベースのアクセス制御apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
k 8 sクラスタへの配備[root@k8s-master ~]# kubectl apply -f tiller-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
2.2、tillerを初期化してインストールする
あまり聞かなくてもいいです.国内の住所を使えばいいです.バージョン番号に注意してください.[root@master helm]# helm init --upgrade --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
パラメータの説明:
[root@master helm]## wget https://get.helm.sh/helm-v2.9.0-linux-amd64.tar.gz
[root@master helm]# tar -zxvf helm-v2.9.0-linux-amd64.tar.gz
[root@master helm]# mv linux-amd64/helm /usr/local/bin/
[root@master helm]# helm
The Kubernetes package manager
To begin working with Helm, run the 'helm init' command:
$ helm init
This will install Tiller to your running Kubernetes cluster.
It will also set up any necessary local configuration.
Common actions from this point include:
- helm search: search for charts
- helm fetch: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment:
$HELM_HOME set an alternative location for Helm files. By default, these are stored in ~/.helm
$HELM_HOST set an alternative Tiller host. The format is host:port
$HELM_NO_PLUGINS disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
$TILLER_NAMESPACE set an alternative Tiller namespace (default "kube-system")
$KUBECONFIG set an alternative Kubernetes configuration file (default "~/.kube/config")
Usage:
helm [command]
Available Commands:
completion Generate autocompletions script for the specified shell (bash or zsh)
create create a new chart with the given name
delete given a release name, delete the release from Kubernetes
dependency manage a chart's dependencies
fetch download a chart from a repository and (optionally) unpack it in local directory
get download a named release
history fetch release history
home displays the location of HELM_HOME
init initialize Helm on both client and server
inspect inspect a chart
install install a chart archive
lint examines a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin add, list, or remove Helm plugins
repo add, list, remove, update, and index chart repositories
reset uninstalls Tiller from a cluster
rollback roll back a release to a previous revision
search search for a keyword in charts
serve start a local http web server
status displays the status of the named release
template locally render templates
test test a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client/server version information
Flags:
--debug enable verbose output
-h, --help help for helm
--home string location of your Helm config. Overrides $HELM_HOME (default "/root/.helm")
--host string address of Tiller. Overrides $HELM_HOST
--kube-context string name of the kubeconfig context to use
--tiller-connection-timeout int the duration (in seconds) Helm will wait to establish a connection to tiller (default 300)
--tiller-namespace string namespace of Tiller (default "kube-system")
Use "helm [command] --help" for more information about a command.
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
[root@k8s-master ~]# kubectl apply -f tiller-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
[root@master helm]# helm init --upgrade --service-account tiller --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
Tillerがインストールされると、helm versionを実行するとクライアントとサーバのバージョンが表示されます.
[root@master helm]# helm version
Client: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
kube-systemネーミングスペースでtillerが配備されていることがわかります[root@master helm]# kubectl get pods -n kube-system | grep tiller
tiller-deploy-fb87c8876-nl5n2 1/1 Running 0 15h
三、helm常用コマンドの使用
1、helm repo:chartウェアハウスの追加、リスト、削除、更新、インデックス
[root@master helm]# helm repo add gitlab https://charts.gitlab.io
"gitlab" has been added to your repositories
2、helm search:キーワード検索charts
[root@master helm]# helm search runner
NAME CHART VERSION APP VERSION DESCRIPTION
gitlab/gitlab-runner 0.7.0 12.1.0 GitLab Runner
3、helm list:パブリッシュされたサービスをリストする
[root@master helm]# helm list
NAME REVISION UPDATED STATUS CHART NAMESPACE
gitlab-runner 1 Thu Aug 15 09:27:51 2019 DEPLOYED gitlab-runner-0.7.0 gitlab
4、helm history:
[root@master helm]# helm history gitlab-runner
REVISION UPDATED STATUS CHART DESCRIPTION
1 Thu Aug 15 09:27:51 2019 DEPLOYED gitlab-runner-0.7.0 Install complete
四、出会った小さな問題
1.helm initは作成したServiceAccountを指定していません
エラーメッセージは次のとおりです.[root@master helm]# helm list
Error: Get http://localhost:8080/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 0.0.0.0:8080: connect: connection refused
tillerを削除し、helm init --service-account tiller ...kubectl -n kube-system delete deploy tiller-deploy
[root@master helm]# helm repo add gitlab https://charts.gitlab.io
"gitlab" has been added to your repositories
[root@master helm]# helm search runner
NAME CHART VERSION APP VERSION DESCRIPTION
gitlab/gitlab-runner 0.7.0 12.1.0 GitLab Runner
[root@master helm]# helm list
NAME REVISION UPDATED STATUS CHART NAMESPACE
gitlab-runner 1 Thu Aug 15 09:27:51 2019 DEPLOYED gitlab-runner-0.7.0 gitlab
[root@master helm]# helm history gitlab-runner
REVISION UPDATED STATUS CHART DESCRIPTION
1 Thu Aug 15 09:27:51 2019 DEPLOYED gitlab-runner-0.7.0 Install complete
1.helm initは作成したServiceAccountを指定していません
エラーメッセージは次のとおりです.
[root@master helm]# helm list
Error: Get http://localhost:8080/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 0.0.0.0:8080: connect: connection refused
tillerを削除し、
helm init --service-account tiller ...kubectl -n kube-system delete deploy tiller-deploy