Kubernetes之Helm及其它功能性组件

1、Helm简介

• 在没使用Helm之前，向K8S部署应用，我们要依次部署deployment、svc 等，步骤较繁琐。况且随着很多项目微服务化，复杂的应用在容器中部署以及管理显得较为复杂，Helm通过打包的方式，支持发布的版本管理和控制，很大程度上简化了K8S应用的部署和管理。

• Helm本质就是让K8S的应用管理（Deployment、Service等 ) 可配置，能动态生成。通过动态生成K8S资源清单文件（deployment.yaml，service.yaml）。然后调用Kubectl自动执行K8S资源部署。

• Helm是官方提供的类似于YUM的包管理器，是部署环境的流程封装。Helm有两个重要的概念：chart和release：

  • chart是创建一个应用的信息集合，包括各种Kubernetes对象的配置模板、参数定义、依赖关系、文档说明等。chart是应用部署的自包含逻辑单元。可以将chart想象成apt、yum中的软件安装包。
  • release是chart的运行实例，代表了一个正在运行的应用。当chart被安装到Kubernetes集群，就生成一个release。chart能够多次安装到同一个集群，每次安装都是一个release。

• Helm包含两个组件：Helm客户端和Tiller服务器，如下图所示：

  
  • Helm客户端负责chart和release的创建和管理以及和Tiller的交互。Tiller服务器运行在 K8S集群中，它会处理Helm客户端的请求，与Kubernetes API Server交互。

2、Helm部署

• ①下载helm客户端：

  [root@master helm]# wget https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz
  [root@master helm]# tar -zxvf helm-v3.3.4-linux-amd64.tar.gz && cp linux-amd64/helm /usr/local/bin/
  linux-amd64/
  linux-amd64/README.md
  linux-amd64/LICENSE
  linux-amd64/helm
  [root@master helm]# chmod a+x /usr/local/bin/helm
  [root@master helm]# helm version
  version.BuildInfo{Version:"v3.3.4", GitCommit:"a61ce5633af99708171414353ed49547cf05013d", GitTreeState:"clean", GoVersion:"go1.14.9"}

• ②添加helm存储库。

  [root@master helm]# helm repo add stable https://apphub.aliyuncs.com/stable
  "stable" has been added to your repositories
  [root@master helm]# helm repo list
  NAME    URL                               
  stable  https://apphub.aliyuncs.com/stable
  [root@master helm]# helm search repo redis
  NAME                                    CHART VERSION   APP VERSION     DESCRIPTION                                       
  stable/prometheus-redis-exporter        3.5.0           1.3.4           Prometheus exporter for Redis metrics             
  stable/redis                            10.5.7          5.0.7           DEPRECATED Open source, advanced key-value stor...
  stable/redis-ha                         4.4.6           5.0.6           DEPRECATED - Highly available Kubernetes implem...

3、Helm自定义模板

[root@master helm]# mkdir test
[root@master helm]# cd test
# 创建自描述文件Chart.yaml，这个文件必须有name和version定义
[root@master test]# vim Chart.yaml
[root@master test]# cat Chart.yaml 
name: hello-world
version: 1.0.0
# 创建模板文件，用于生成Kubernetes资源清单（manifests）
[root@master test]# mkdir templates && cd templates
[root@master templates]# vim deployment.yaml
[root@master templates]# cat deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:  
  name: hello-world
spec:  
  replicas: 1  
  template:    
    metadata:      
      labels:        
        app: hello-world    
    spec:      
      containers:        
        - name: hello-world          
          image: nginx:v1          
          ports:            
            - containerPort: 80              
              protocol: TCP
[root@master templates]# vim service.yaml
[root@master templates]# cat service.yaml 
apiVersion: v1
kind: Service
metadata:
  name: hello-world
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
  selector:    
    app: hello-world
[root@master templates]# cd ..
[root@master test]# helm install . --generate-name
NAME: chart-1635046441
LAST DEPLOYED: Sun Oct 24 11:34:01 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
# 列出已经部署的 Release
[root@master test]# helm list
NAME                    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                   APP VERSION
chart-1635046441        default         1               2021-10-24 11:34:01.635651755 +0800 CST deployed        hello-world-1.0.0                  
[root@master test]# kubectl get pod
NAME                           READY   STATUS    RESTARTS   AGE
hello-world-6798887487-gs4dh   1/1     Running   0          84s
# 查询一个特定的Release的历史版本信息
[root@master test]# helm history chart-1635046441
REVISION        UPDATED                         STATUS          CHART                   APP VERSION     DESCRIPTION     
1               Sun Oct 24 11:34:01 2021        deployed        hello-world-1.0.0                       Install complete
# 查询一个特定的Release的状态
[root@master test]# helm status chart-1635046441
NAME: chart-1635046441
LAST DEPLOYED: Sun Oct 24 11:34:01 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
# 动态切换版本
[root@master test]# vim values.yaml
[root@master test]# vim templates/deployment.yaml 
[root@master test]# cat values.yaml 
image:
  repository: nginx
  tag: 'v1'
[root@master test]# vim templates/deployment.yaml 
[root@master test]# cat templates/deployment.yaml 
apiVersion: extensions/v1beta1
kind: Deployment
metadata:  
  name: hello-world
spec:  
  replicas: 1  
  template:    
    metadata:      
      labels:        
        app: hello-world    
    spec:      
      containers:        
        - name: hello-world          
          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}          
          ports:            
            - containerPort: 80              
              protocol: TC
# 更新当前的Release
[root@master test]# helm upgrade chart-1635046441 .
Release "chart-1635046441" has been upgraded. Happy Helming!
NAME: chart-1635046441
LAST DEPLOYED: Sun Oct 24 14:17:37 2021
NAMESPACE: default
STATUS: deployed
REVISION: 2
TEST SUITE: None
[root@master test]# kubectl get pod
NAME                           READY   STATUS    RESTARTS   AGE
hello-world-6798887487-gs4dh   1/1     Running   0          165m
# 通过添加set image.tag=''参数修改版本
[root@master test]# helm upgrade chart-1635046441 --set image.tag='v1' .
Release "chart-1635046441" has been upgraded. Happy Helming!
NAME: chart-1635046441
LAST DEPLOYED: Sun Oct 24 14:21:01 2021
NAMESPACE: default
STATUS: deployed
REVISION: 3
TEST SUITE: None
# 移除所有与这个Release相关的Kubernetes资源
[root@master test]# helm delete chart-1635046441
release "chart-1635046441" uninstalled
# 使用模板动态生成K8s资源清单，非常需要能提前预览生成的结果
# 使用--dry-run --debug 选项来打印出生成的清单文件内容，而不执行部署
[root@master ~]# helm install . --dry-run --debug --set image.tag=v1

4、使用Helm部署dashboard

# 使用代理服务器下载dashboard镜像并上传到工作节点
[root@vultr ~]# docker pull k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
[root@vultr ~]# docker save -o dashboard.tar k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
[root@node1 ~]# docker load -i dashboard.tar 
fbdfe08b001c: Loading layer [==================================================>]  122.3MB/122.3MB
Loaded image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
[root@node2 ~]# docker load -i dashboard.tar 
Loaded image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.10.1
[root@master dashboard]# helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/
"kubernetes-dashboard" has been added to your repositories
[root@master dashboard]# helm pull stable/kubernetes-dashboard
[root@master dashboard]# ll
总用量 12
-rw-r--r-- 1 root root 8753 10月 24 15:14 kubernetes-dashboard-1.11.0.tgz
[root@master dashboard]# tar -zxvf kubernetes-dashboard-1.11.0.tgz
[root@master dashboard]# cd kubernetes-dashboard
[root@master kubernetes-dashboard]# vim k8s-dashboard.yaml
[root@master kubernetes-dashboard]# cat k8s-dashboard.yaml 
image:
  repository: k8s.gcr.io/kubernetes-dashboard-amd64  
  tag: v1.10.1
ingress:  
  enabled: true  
  hosts:    
    - k8s.frognew.com  
  annotations:
    nginx.ingress.kubernetes.io/ssl-redirect: "true"    
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"  
  tls:    
    - secretName: frognew-com-tls-secret      
      hosts:      
      - k8s.frognew.com
rbac:  
  clusterAdminRole: true
[root@master kubernetes-dashboard]# helm install . --name-template=kubernetes-dashboard -f k8s-dashboard.yaml
NAME: kubernetes-dashboard
LAST DEPLOYED: Sun Oct 24 15:41:30 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
*********************************************************************************
*** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
*********************************************************************************
From outside the cluster, the server URL(s) are:
     https://k8s.frognew.com
[root@master kubernetes-dashboard]# helm list
NAME                    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                           APP VERSION
kubernetes-dashboard    default         1               2021-10-24 15:41:30.408006246 +0800 CST deployed        kubernetes-dashboard-1.11.0     1.10.1     
[root@master kubernetes-dashboard]# kubectl get pod
NAME                                    READY   STATUS    RESTARTS   AGE
kubernetes-dashboard-77f54dc48f-6fnxz   1/1     Running   0          21s
[root@master kubernetes-dashboard]# kubectl get svc
NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes             ClusterIP   10.96.0.1       <none>        443/TCP   18d
kubernetes-dashboard   ClusterIP   10.106.98.236   <none>        443/TCP   86s
# 将Type=ClusterIP改成NodePort，使得外部能够访问
[root@master kubernetes-dashboard]# kubectl edit svc kubernetes-dashboard
service/kubernetes-dashboard edited
[root@master kubernetes-dashboard]# kubectl get svc
NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
kubernetes             ClusterIP   10.96.0.1       <none>        443/TCP         18d
kubernetes-dashboard   NodePort    10.106.98.236   <none>        443:32212/TCP   3m38s

5、使用dashboard部署应用

• 浏览器访问https://192.168.200.20:32212/#!/login即可进入dashboard操作界面，并登录。

  

  • 查询令牌命令为：

    [root@master kubernetes-dashboard]# kubectl get secret | grep kubernetes-dashboard-token
    kubernetes-dashboard-token-mb8g7             kubernetes.io/service-account-token   3      11m
    [root@master kubernetes-dashboard]# kubectl describe secret kubernetes-dashboard-token-mb8g7

• 创建应用。