kubernetes 部署自定义chart
2019-09-26 本文已影响0人
baiyongjie
创建一个nginx的chart
- 创建文件夹
# mkdir -p /data/k8s/yaml/helm/nginx-first
# cd /data/k8s/yaml/helm/nginx-first
- 创建自描述文件 Chart.yaml
# cat <<'EOF' > ./Chart.yaml
name: helm-nginx-first
version: 1.0.0
EOF
- 创建模板文件, 用于生成 Kubernetes资源清单(manifests)
创建deployment
# mkdir ./templates
# cat <<'EOF' > ./templates/deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: helm-nginx-first
spec:
replicas: 1
template:
metadata:
labels:
app: helm-nginx-first
spec:
containers:
- name: helm-nginx-first
image: nginx:1.10
imagePullPolicy: IfNotPresent
EOF
创建service
cat <<'EOF' > ./templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-nginx-first
spec:
selector:
app: helm-nginx-first
ports:
- port: 80
targetPort: 80
protocol: TCP
EOF
创建不可配置的Release
学习Release, Inspection, Removal, Rollback和Purge管理Helm Release的生命周期
使用chart安装应用
# helm install /data/k8s/yaml/helm/hello-world/
NAME: terrifying-alpaca
LAST DEPLOYED: Wed Aug 7 13:56:34 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
helm-nginx-first-69fcff5b64-ll6jh 0/1 ContainerCreating 0 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
helm-nginx-first ClusterIP 10.104.99.228 <none> 80/TCP 0s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
helm-nginx-first 0/1 1 0 0s
查看当前pod和service
# kubectl get pod,services
NAME READY STATUS RESTARTS AGE
pod/helm-nginx-first-69fcff5b64-ll6jh 1/1 Running 0 64s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/helm-nginx-first ClusterIP 10.104.99.228 <none> 80/TCP 64s
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 40d
# 访问Nginx测试
# curl -I 10.104.99.228
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Wed, 07 Aug 2019 05:58:15 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Tue, 31 Jan 2017 15:01:11 GMT
Connection: keep-alive
ETag: "5890a6b7-264"
Accept-Ranges: bytes
查询一个特定的Release的状态
# helm ls
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
terrifying-alpaca 1 Wed Aug 7 13:56:34 2019 DEPLOYED nginx-first-1.0.0 default
# helm status terrifying-alpaca
LAST DEPLOYED: Wed Aug 7 13:56:34 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
helm-nginx-first-69fcff5b64-ll6jh 1/1 Running 0 2m47s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
helm-nginx-first ClusterIP 10.104.99.228 <none> 80/TCP 2m47s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
helm-nginx-first 1/1 1 1 2m47s
删除release后再恢复release
# 删除release
# helm delete terrifying-alpaca
release "terrifying-alpaca" deleted
# 查看删除掉的release
# helm ls --deleted
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
terrifying-alpaca 1 Wed Aug 7 13:56:34 2019 DELETED nginx-first-1.0.0 default
# 恢复release
# helm rollback terrifying-alpaca 1
Rollback was a success.
# 查看恢复后的release,恢复后版本自行+1
# helm ls
NAME REVISION UPDATED STATUS CHART APP VERSION NAMESPACE
terrifying-alpaca 2 Wed Aug 7 14:03:18 2019 DEPLOYED nginx-first-1.0.0 default
彻底删除release
# helm delete --purge terrifying-alpaca
release "terrifying-alpaca" deleted
# helm ls --deleted
常用命令总结
helm install RELATIVE_PATH_TO_CHART 创建一次Release
helm ls 列出已经部署的Release
helm status RELEASE_NAME 查询一个特定的Release的状态
helm delete RELEASE_NAME 移除所有与这个Release相关的Kubernetes资源
helm ls --deleted 列出已经删除的Release
helm rollback RELEASE_NAME REVISION_NUMBER 回滚已经删除的Release到指定版本
helm delete --purge RELEASE_NAME 移除所有与指定Release相关的资源并删除Release记录
创建可配置的Release
官方的预定义变量
- Release.Name:发布的名称(不是chart)
- Release.Time:chart发布上次更新的时间。这将匹配Last ReleasedRelease对象上的时间。
- Release.Namespace:chart发布到的名称空间。
- Release.Service:进行发布的服务。通常这是Tiller。
- Release.IsUpgrade:如果当前操作是升级或回滚,则设置为true。
- Release.IsInstall:如果当前操作是安装,则设置为true。
- Release.Revision:修订号。它从1开始,每个都递增helm upgrade。
- Chart:内容Chart.yaml。因此,chart版本可以Chart.Version和维护者一样获得 Chart.Maintainers。
- Files:类似于chart的对象,包含chart中的所有非特殊文件。这不会授予您访问模板的权限,但可以访问存在的其他文件(除非使用它们除外.helmignore)。可以使用{{index .Files "file.name"}}或使用{{.Files.Get name}}或 {{.Files.GetStringname}}函数访问文件。您也可以访问该文件的内容,[]byte使用{{.Files.GetBytes}}
- Capabilities:类似于地图的对象,包含有关Kubernetes({{.Capabilities.KubeVersion}},Tiller({{.Capabilities.TillerVersion}}和支持的Kubernetes API)版本({{.Capabilities.APIVersions.Has "batch/v1")的版本的信息
新增values.yaml文件
配置体现在配置文件 values.yaml
# cat <<'EOF' > ./values.yaml
image:
repository: nginx
tag: '1.10'
replicas: 2
EOF
配置deployment,引用values的值
# cat <<'EOF' > ./templates/deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: helm-nginx-first
spec:
replicas: {{ .Values.replicas }}
template:
metadata:
labels:
app: helm-nginx-first
spec:
containers:
- name: helm-nginx-first
image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
imagePullPolicy: IfNotPresent
EOF
使用debug查看生成后的资源文件
使用--dry-run --debug选项来打印出生成的清单文件内容,而不执行部署
# helm install --set replicas='3' /data/k8s/yaml/helm/hello-world/ --dry-run --debug
[debug] Created tunnel using local port: '45205'
[debug] SERVER: "127.0.0.1:45205"
[debug] Original chart version: ""
[debug] CHART PATH: /data/k8s/yaml/helm/hello-world
NAME: virtuous-quoll
REVISION: 1
RELEASED: Wed Aug 7 14:35:44 2019
CHART: nginx-first-1.0.0
USER-SUPPLIED VALUES:
replicas: 3
COMPUTED VALUES:
image:
repository: nginx
tag: "1.10"
replicas: 3
HOOKS:
MANIFEST:
---
# Source: nginx-first/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: helm-nginx-first
spec:
selector:
app: helm-nginx-first
ports:
- port: 80
targetPort: 80
protocol: TCP
---
# Source: nginx-first/templates/deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: helm-nginx-first
spec:
replicas: 3
template:
metadata:
labels:
app: helm-nginx-first
spec:
containers:
- name: helm-nginx-first
image: nginx:1.10
imagePullPolicy: IfNotPresent
部署release时覆盖默认参数
# helm install --set replicas='3' /data/k8s/yaml/helm/hello-world/
# helm install --set replicas='3' /data/k8s/yaml/helm/hello-world/
NAME: ringed-peahen
LAST DEPLOYED: Wed Aug 7 14:52:59 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
helm-nginx-first-69fcff5b64-bcv5b 0/1 Pending 0 0s
helm-nginx-first-69fcff5b64-nxv4k 0/1 Pending 0 0s
helm-nginx-first-69fcff5b64-vnwqd 0/1 Pending 0 0s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
helm-nginx-first ClusterIP 10.107.3.216 <none> 80/TCP 0s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
helm-nginx-first 0/3 0 0 0s
查看部署结果
# helm status ringed-peahen
LAST DEPLOYED: Wed Aug 7 14:52:59 2019
NAMESPACE: default
STATUS: DEPLOYED
RESOURCES:
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
helm-nginx-first-69fcff5b64-bcv5b 1/1 Running 0 39s
helm-nginx-first-69fcff5b64-nxv4k 1/1 Running 0 39s
helm-nginx-first-69fcff5b64-vnwqd 1/1 Running 0 39s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
helm-nginx-first ClusterIP 10.107.3.216 <none> 80/TCP 39s
==> v1beta1/Deployment
NAME READY UP-TO-DATE AVAILABLE AGE
helm-nginx-first 3/3 3 3 39s
# kubectl get po,svc
NAME READY STATUS RESTARTS AGE
pod/helm-nginx-first-69fcff5b64-bcv5b 1/1 Running 0 60s
pod/helm-nginx-first-69fcff5b64-nxv4k 1/1 Running 0 60s
pod/helm-nginx-first-69fcff5b64-vnwqd 1/1 Running 0 60s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/helm-nginx-first ClusterIP 10.107.3.216 <none> 80/TCP 60s
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 40d
使用harbor做helm仓库
安装docker和docker-compose
yum -y install yum-utils
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum -y install docker-ce-18.06.1.ce-3.el7
mkdir /etc/docker
cat > /etc/docker/daemon.json <<-'EOF'
{
"data-root": "/data/docker",
"registry-mirrors": ["https://docker.mirrors.ustc.edu.cn/", "https://registry.docker-cn.com"]
}
EOF
systemctl start docker
wget https://github.com/docker/compose/releases/download/1.24.0/docker-compose-Linux-x86_64
chmod +x docker-compose-Linux-x86_64
mv docker-compose-Linux-x86_64 /usr/local/bin/docker-compose
# docker-compose -v
docker-compose version 1.24.0, build 0aa59064
部署harbor
wget https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz
tar -xf harbor-offline-installer-v1.8.1.tgz -C /usr/local/
cd /usr/local/harbor/
# vim harbor.yml
hostname: 192.168.1.155
# ./install.sh --with-chartmuseum
...
✔ ----Harbor has been installed and started successfully.----
...
安装以后创建helm-repo仓库
添加harbor仓库为helm repo仓库
// http仓库
# helm repo add harbor --username=admin --password=baiyongjie http://192.168.1.155/chartrepo/helm-repo
"harbor" has been added to your repositories
// https仓库
# helm repo add harborssl --username=admin --password=baiyongjie2019 https://harbor.baiyongjie.net/chartrepo/charts --ca-file /etc/docker/certs.d/harbor.baiyongjie.net/harbor.baiyongjie.net.crt
"harbor" has been added to your repositories
将chart打包, 并上传到harbor上的helm仓库
# 上传需要安装插件
# helm plugin install https://github.com/chartmuseum/helm-push
Downloading and installing helm-push v0.7.1 ...
https://github.com/chartmuseum/helm-push/releases/download/v0.7.1/helm-push_0.7.1_linux_amd64.tar.gz
Installed plugin: push
# 将chart打包
# cd /data/k8s/yaml/helm/
# helm package nginx-first
Successfully packaged chart and saved it to: /data/k8s/yaml/helm/nginx-first-1.0.0.tgz
# 上传
# helm push --username=admin --password=baiyongjie nginx-first-1.0.0.tgz harbor
Pushing nginx-first-1.0.0.tgz to harbor...
Done.
安装helm可视化管理工具kubeapps
github地址: https://github.com/kubeapps/kubeapps
安装部署
# 部署kubeapps
helm repo add bitnami https://charts.bitnami.com/bitnami
helm fetch bitnami/kubeapps #修改value.yaml
helm install -f values.yaml --name=kubeapps --namespace=kubeapps kubeapps
创建kubeapps的sa,并创建token用于登录部署kubeapps
kubectl create serviceaccount kubeapps-operator
kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=default:kubeapps-operator
kubectl get secret $(kubectl get serviceaccount kubeapps-operator -o jsonpath='{.secrets[].name}') -o jsonpath='{.data.token}' | base64 --decode
k8s微信交流群
image.png
如二维码过期添加群主微信 mm2199888 , 备注加群.
