什么是 Helm

在沒使用 helm 之前胞得，向 kubernetes 部署應(yīng)用，我們要依次部署 deployment屹电、svc 等阶剑，步驟較繁瑣。況且隨著很多項(xiàng)目微服務(wù)化危号，復(fù)雜的應(yīng)用在容器中部署以及管理顯得較為復(fù)雜牧愁，helm 通過打包的方式，支持發(fā)布的版本管理和控制外莲，很大程度上簡(jiǎn)化了 Kubernetes 應(yīng)用的部署和管理Helm 本質(zhì)就是讓 K8s 的應(yīng)用管理（Deployment,Service 等 ) 可配置猪半，能動(dòng)態(tài)生成。通過動(dòng)態(tài)生成 K8s 資源清單文件（deployment.yaml偷线，service.yaml）磨确。然后調(diào)用 Kubectl 自動(dòng)執(zhí)行 K8s 資源部署Helm 是官方提供的類似于 YUM 的包管理器，是部署環(huán)境的流程封裝声邦。Helm 有兩個(gè)重要的概念：chart 和 release

• Helm使用的包格式稱為 chart乏奥。
  chart 是創(chuàng)建一個(gè)應(yīng)用的信息集合，包括各種 Kubernetes 對(duì)象的配置模板亥曹、參數(shù)定義邓了、依賴關(guān)系、文檔說
  明等媳瞪。chart 是應(yīng)用部署的自包含邏輯單元骗炉。可以將 chart 想象成 apt材失、yum 中的軟件安裝包痕鳍。

• Chart 文件結(jié)構(gòu)
  chart是一個(gè)組織在文件目錄中的集合。目錄名稱就是chart名稱（沒有版本信息）。因而描述WordPress的chart可以存儲(chǔ)在wordpress/目錄中笼呆。

在這個(gè)目錄中熊响，Helm 期望可以匹配以下結(jié)構(gòu)：

wordpress/
  Chart.yaml          # 包含了chart信息的YAML文件
  LICENSE             # 可選: 包含chart許可證的純文本文件
  README.md           # 可選: 可讀的README文件
  values.yaml         # chart 默認(rèn)的配置值
  values.schema.json  # 可選: 一個(gè)使用JSON結(jié)構(gòu)的values.yaml文件
  charts/             # 包含chart依賴的其他chart
  crds/               # 自定義資源的定義
  templates/          # 模板目錄， 當(dāng)和values 結(jié)合時(shí)诗赌，可生成有效的Kubernetes manifest文件
  templates/NOTES.txt # 可選: 包含簡(jiǎn)要使用說明的純文本文件

• 幾個(gè)Helm涉及的概念

1. Repositry: 集中存儲(chǔ)和分發(fā)Chart的倉庫汗茄，類似于Perl的CPAN, 或者Python的PyPI等。
2. Config: Chart實(shí)例化安裝運(yùn)行時(shí)使用的配置信息铭若。
3. Release: Chart實(shí)例化配置后運(yùn)行于Kubernetes集群中的一個(gè)應(yīng)用實(shí)例;在同一個(gè)集群上洪碳，一個(gè)Chart可以使用不同的Config重復(fù)安裝多次，每次安裝都會(huì)創(chuàng)建一 個(gè)新的發(fā)布 (Release)

• Helm 包含兩個(gè)組件：Helm 客戶端和 Tiller 服務(wù)器叼屠，如下圖所示

  
  

• Helm 客戶端負(fù)責(zé) chart 和 release 的創(chuàng)建和管理以及和 Tiller 的交互瞳腌。Tiller 服務(wù)器運(yùn)行在 Kubernetes 集群
  中，它會(huì)處理 Helm 客戶端的請(qǐng)求镜雨，與 Kubernetes API Server 交互

Helm 部署

helm v3版本不需要部Tiller 可直接使用
官網(wǎng)下載適合版本:

https://helm.sh/zh/docs/intro/install/

• helm倉庫

https://artifacthub.io/

• 安裝helm v3版

[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz
[root@k8s-master helm]# tar -xf helm-v3.6.1-linux-amd64.tar.gz 
l[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  linux-amd64
[root@k8s-master helm]# cd linux-amd64/
[root@k8s-master linux-amd64]# ls
helm  LICENSE  README.md

• helm為可執(zhí)行二進(jìn)制文件 直接拷貝到

[root@k8s-master linux-amd64]# cp helm /usr/local/bin/helm  

[root@k8s-master linux-amd64]# helm --help
The Kubernetes package manager

Common actions for Helm:

- helm search:    search for charts
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts

Environment variables:
......

Helm常用命令

[root@k8s-master helm]# helm list -A   #查看所有helm 或指明 namespace
[root@k8s-master helm]# helm repo list   #查看倉庫
[root@k8s-master helm]# helm search hub  grafana   #hup搜索 
[root@k8s-master helm]# helm search repo  grafana   #倉庫搜索 
NAME                        CHART VERSION   APP VERSION DESCRIPTION                                       
grafana/grafana             6.13.6          8.0.3       The leading tool for querying and visualizing t...
grafana/enterprise-metrics  1.3.5           v1.3.0      Grafana Enterprise Metrics                       

[root@k8s-master helm]#  helm pull grafana/grafana   #下載Chart到本地

Helm Hub嫂侍、Repositry倉庫的添加

helm search hub

https://artifacthub.io/

• helm hub倉庫中搜索redis

image.png

• 點(diǎn)擊右側(cè)install 按提示添加倉庫地址

  
  

• 通過helm search hub搜索倉庫地址 找到適合的版本直接安裝

[root@k8s-master repository]# helm search hub redis -o yaml
- app_version: 6.2.5
  description: A Helm chart for Redis on Kubernetes
  url: https://artifacthub.io/packages/helm/groundhog2k/redis
  version: 0.4.7
- app_version: 6.0.11
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/taalhuizen-service/redis
  version: 12.7.7
- app_version: 1.16.0
  description: Redis with metrics compatible with ARM
  url: https://artifacthub.io/packages/helm/mmontes/redis
  version: 0.1.0
- app_version: 6.2.5
  description: Open source, advanced key-value store. It is often referred to as a
    data structure server since keys can contain strings, hashes, lists, sets and
    sorted sets.
  url: https://artifacthub.io/packages/helm/wenerme/redis
  version: 15.3.2
- app_version: ""
  description: A Redis database for use inside a Kubernetes cluster.
  url: https://artifacthub.io/packages/helm/drycc-canary/redis
  version: 1.0.0

Helm Repositry

• 常用的helm倉庫

helm repo add stable https://charts.helm.sh/stable #官方倉庫
helm repo add bitnami https://charts.bitnami.com/bitnami #第三方倉庫

• 查看現(xiàn)有倉庫

[root@k8s-master ~]# helm repo list 
Error: no repositories to show

• 添加helm倉庫

[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
[root@k8s-master ~]# helm repo add stable https://charts.helm.sh/stable
"stable" has been added to your repositories
[root@k8s-master ~]# helm repo list
NAME    URL                               
bitnami https://charts.bitnami.com/bitnami
stable  https://charts.helm.sh/stable

[root@k8s-master ~]# helm repo update  #添加和刪除倉庫后更新索引信息 
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "stable" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ?Happy Helming!?

• 搜索char

[root@k8s-master ~]# helm search repo redis 
NAME                                CHART VERSION   APP VERSION DESCRIPTION                                       
bitnami/redis                       15.3.2          6.2.5       Open source, advanced key-value store. It is of...
bitnami/redis-cluster               6.3.6           6.2.5       Open source, advanced key-value store. It is of...
stable/prometheus-redis-exporter    3.5.1           1.3.4       DEPRECATED Prometheus exporter for Redis metrics  
stable/redis                        10.5.7          5.0.7       DEPRECATED Open source, advanced key-value stor...
stable/redis-ha                     4.4.6           5.0.6       DEPRECATED - Highly available Kubernetes implem...
stable/sensu                        0.2.5           0.28        DEPRECATED Sensu monitoring framework backed by...

下載chart到本地 2種方法

1. 方法1 pull直接下載

[root@k8s-master ~]# cd mag/helm/
[root@k8s-master helm]# helm pull bitnami/redis  #把chart下載到本地
[root@k8s-master helm]# ls
helm-v3.6.1-linux-amd64.tar.gz  redis-15.3.2.tgz
[root@k8s-master helm]# tar -xf redis-15.3.2.tgz 
[root@k8s-master helm]# cd redis/
[root@k8s-master redis]# ls   
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]#

2. 方法2 緩沖文件中到找 chart
   當(dāng)執(zhí)行過安裝過命令后,helm會(huì)在家目錄生成.cache的緩存文件 里面也會(huì)包含chart

[root@k8s-master repository]# helm install db  bitnami/redis
[root@k8s-master repository]# pwd
/root/.cache/helm/repository

[root@k8s-master repository]# ll
total 19080
-rw-r--r-- 1 root root    1094 Sep 16 17:45 bitnami-charts.txt
-rw-r--r-- 1 root root 9570808 Sep 16 17:45 bitnami-index.yaml
-rw-r--r-- 1 root root   28227 Jul  1 17:40 grafana-6.13.6.tgz
-rw-r--r-- 1 root root    3908 Jul  7 21:41 myweb
-rw-r--r-- 1 root root    3872 Jul  7 03:13 nginx
-rw-r--r-- 1 root root   77619 Sep 17 11:53 redis-15.3.2.tgz  #redis chart文件
-rw-r--r-- 1 root root    3370 Sep 16 17:44 stable-charts.txt
-rw-r--r-- 1 root root 9839197 Sep 16 17:44 stable-index.yaml
[root@k8s-master repository]# tar -xf redis-15.3.2.tgz 
[root@k8s-master repository]# ls
bitnami-charts.txt  bitnami-index.yaml  grafana-6.13.6.tgz  myweb  nginx  redis  redis-15.3.2.tgz  stable-charts.txt  stable-index.yaml
[root@k8s-master repository]# cd redis/   #進(jìn)入到redis緩存文件中
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml

• 查看redis chart的詳細(xì)信息

[root@k8s-master helm]# helm show all bitnami/redis  #顯示chart的所有信息
[root@k8s-master helm]# helm show readme  bitnami/redis   #顯示chart的自述信息 可以查看示例、配置荚坞、每個(gè)版本的更新詳情等信息

NAME    NAMESPACE   REVISION    UPDATED STATUS  CHART   APP VERSION
[root@k8s-master helm]# helm install db  bitnami/redis
NAME: db
LAST DEPLOYED: Fri Sep 17 11:44:05 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

#以下是對(duì)應(yīng)用的描述信息  包括使用的端口 連接方式等
Redis™ can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)  #端口
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)  #獲取密碼

To connect to your Redis™ server:
#不同的連接到redis的方法
1. Run a Redis™ pod that you can use as a client:    

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis™ CLI: 
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD


[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
usubChTbCD

[root@k8s-master helm]# kubectl get pod  #查看部署狀態(tài)
NAME                  READY   STATUS             RESTARTS   AGE
db-redis-master-0     0/1     Pending            0          3m44s  #掛起狀態(tài)
db-redis-replicas-0   0/1     Pending            0          3m44s
mypod-env             0/1     CrashLoopBackOff   506        42h


[root@k8s-master helm]# kubectl describe pod db-redis-master-0    #查看描述信息
.....
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               ------- 
  Warning  FailedScheduling  6m2s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.   #無法申請(qǐng)到PVC資源
  Warning  FailedScheduling  6m1s  default-scheduler  0/4 nodes are available: 4 pod has unbound immediate PersistentVolumeClaims.

示例2: redis部署

• 根據(jù)自己的實(shí)際情況 修改chart
• 進(jìn)入之前下載的chart 修改values.yaml文件 測(cè)試環(huán)境關(guān)閉PVC需求

[root@k8s-master redis]# pwd  
/root/mag/helm/redis
[root@k8s-master redis]# ls
Chart.lock  charts  Chart.yaml  ci  img  README.md  templates  values.schema.json  values.yaml
[root@k8s-master redis]# vim values.yaml

persistence:
    ## @param master.persistence.enabled Enable persistence on Redis™ master nodes using Persistent Volume Claims
    ##
    enabled: false  #關(guān)閉master數(shù)據(jù)持久化 測(cè)試環(huán)境沒有搭建PVC
    ## @param master.persistence.path The path the volume will be mounted at on Redis™ master containers
    ## NOTE: Useful when using different Redis™ images
    ##
    path: /data
    ## @param master.persistence.subPath The subdirectory of the volume to mount on Redis™ master containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param master.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""  #之前有部署longhorn的可以選擇longhorn
    ## @param master.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param master.persistence.size Persistent Volume size
    ##
    size: 8Gi


  persistence:
    ## @param replica.persistence.enabled Enable persistence on Redis&trade; replicas nodes using Persistent Volume Claims
    ##
    enabled: false #關(guān)閉slave數(shù)據(jù)持久化 測(cè)試環(huán)境沒有搭建PVC
    ## @param replica.persistence.path The path the volume will be mounted at on Redis&trade; replicas containers
    ## NOTE: Useful when using different Redis&trade; images
    ##
    path: /data
    ## @param replica.persistence.subPath The subdirectory of the volume to mount on Redis&trade; replicas containers
    ## NOTE: Useful in dev environments
    ##
    subPath: ""
    ## @param replica.persistence.storageClass Persistent Volume storage class
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
    ##
    storageClass: ""
    ## @param replica.persistence.accessModes [array] Persistent Volume access modes
    ##
    accessModes:
      - ReadWriteOnce
    ## @param replica.persistence.size Persistent Volume size
    ##
    size: 8Gi
    
#修改副本數(shù)為1 根據(jù)自己需求修改默認(rèn)為3
replica:
  ## @param replica.replicaCount Number of Redis&trade; replicas to deploy
  ##
  replicaCount: 1

• 重新部署安裝

helm傳遞參數(shù) 變量的引用不同方式

• 方式1 還是上repo倉庫中的chart 但指定變量配置文件

[root@k8s-master helm]# helm install db bitnami/redis -f ./redis/values.yaml  

• 方式2 安裝時(shí)命令直接關(guān)閉

[root@k8s-master helm]# helm install db bitnami/redis --set master.persistence.enabled=false --set replica.persistence.enabled=false --set replice.replicaCount=1

• 方式3 直接使用修改后的chart

[root@k8s-master helm]# helm install db redis 
NAME: db
LAST DEPLOYED: Fri Sep 17 15:46:50 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
** Please be patient while the chart is being deployed **

Redis™ can be accessed on the following DNS names from within your cluster:

    db-redis-master.default.svc.cluster.local for read/write operations (port 6379)
    db-redis-replicas.default.svc.cluster.local for read-only operations (port 6379)

To get your password run:

    export REDIS_PASSWORD=$(kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode)

To connect to your Redis™ server:

1. Run a Redis™ pod that you can use as a client:

   kubectl run --namespace default redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:6.2.5-debian-10-r34 --command -- sleep infinity

   Use the following command to attach to the pod:

   kubectl exec --tty -i redis-client \
   --namespace default -- bash

2. Connect using the Redis™ CLI:
   redis-cli -h db-redis-master -a $REDIS_PASSWORD
   redis-cli -h db-redis-replicas -a $REDIS_PASSWORD

To connect to your database from outside the cluster execute the following commands:

    kubectl port-forward --namespace default svc/db-redis-master 6379:6379 &
    redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD

以上連接方式信息不需要保存 可通過status再次查看

[root@k8s-master helm]# helm status  db
[root@k8s-master helm]# kubectl get pod
NAME                  READY   STATUS    RESTARTS   AGE
db-redis-master-0     1/1     Running   0          39s
db-redis-replicas-0   0/1     Running   0          39s

• 獲取redis密碼

[root@k8s-master helm]# kubectl get secret --namespace default db-redis -o jsonpath="{.data.redis-password}" | base64 --decode
0Wf7jcy379[root@k8s-master helm]#  

• 登錄主節(jié)點(diǎn)

[root@k8s-master helm]# kubectl exec db-redis-master-0 -it -- /bin/sh
$ redis-cli -a 0Wf7jcy379
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6379> set mykey www.google.com
OK
127.0.0.1:6379> set mykey2 www.baidu.com
OK
127.0.0.1:6379> get mykey2
"www.baidu.com"
127.0.0.1:6379> exit

$ redis-cli -h db-redis-replicas -a 0Wf7jcy379  #登錄slave節(jié)點(diǎn)  看數(shù)據(jù)是否同步過去
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
db-redis-replicas:6379> get mykey
"www.google.com"
db-redis-replicas:6379> get mykey2
"www.baidu.com"
db-redis-replicas:6379> 

[root@k8s-master helm]# helm  install   db2 redis -n dev  #再dev 名稱空間部署redis

[root@k8s-master helm]# helm  delete  db2 redis -n dev #刪除db2