随着业务容器化与向微服务架构转变,把庞大的单一应用为多个小的单体,使每个单体都可以独立部署和扩展,实现了敏捷开发、快速迭代和部署。微服务带来诸多便利的同时,也导致单体数量大幅增多,带来了诸多挑战。用户希望拥有以下功能,来消除面临的挑战:
1. Helm简介
Helm是一个包管理工具, 把Kubernetes资源(比如deployments、services或 ingress等) 打包到一个chart中,方便将其chart保存到chart仓库用来存储和分享, Helm支持发布应用配置的版本管理, 使发布可配置, 简化了Kubernetes部署应用的版本控制、打包、发布、删除、更新等操作。
Kubernetes所发布的调查报告显示,其中有64%都是利用Helm,管理Kubernetes环境中执行的应用。
2. Helm架构图
Helm架构由Helm客户端、Tiller服务器端和Chart仓库所组成;Tiller部署在Kubernetes中,Helm客户端从Chart仓库中获取Chart安装包,并将其安装部署到Kubernetes集群中。
3. 产品功能
Helm是管理Kubernetes包的工具,Helm能提供下面的能力:
wget https://storage.googleapis.com/kubernetes-helm/helm-v2.7.2-linux-amd64.tar.gz
tar -zxvf helm-v2.7.2-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
helm help
apiVersion: v1 kind: ServiceAccount metadata: name: tiller namespace: kube-system --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: tiller roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount name: tiller namespace: kube-system
kubectl create -f rbac-config.yaml
6. 初始化 Helm 并安装 Tiller 服务
helm init --upgrade --service-account tiller --tiller-image registry.docker-cn.com/rancher/tiller:v2.7.2
helm version
出现以下信息,确认安装成功
Client: &version.Version{SemVer:"v2.7.2", GitCommit:"8478fb4fc723885b155c924d1c8c410b7a9444e6", GitTreeState:"clean"} Server: &version.Version{SemVer:"v2.7.2", GitCommit:"8478fb4fc723885b155c924d1c8c410b7a9444e6", GitTreeState:"clean"}
helm repo update
helm search
NAME VERSION DESCRIPTION stable/acs-engine-autoscaler 2.2.0 Scales worker nodes within agent pools stable/aerospike 0.1.7 A Helm chart for Aerospike in Kubernetes stable/anchore-engine 0.2.6 Anchore container analysis and policy evaluatio... stable/apm-server 0.1.0 The server receives data from the Elastic APM a... stable/ark 1.2.2 A Helm chart for ark ...
helm search mysql
NAME VERSION DESCRIPTION stable/mysql 0.10.2 Fast, reliable, scalable, and easy to use open-... stable/mysqldump 1.0.0 A Helm chart to help backup MySQL databases usi... stable/prometheus-mysql-exporter 0.2.1 A Helm chart for prometheus mysql exporter with... stable/percona 0.3.3 free, fully compatible, enhanced, open source d... stable/percona-xtradb-cluster 0.3.0 free, fully compatible, enhanced, open source d... stable/phpmyadmin 1.3.0 phpMyAdmin is an mysql administration frontend stable/gcloud-sqlproxy 0.6.0 Google Cloud SQL Proxy stable/mariadb 5.2.3 Fast, reliable, scalable, and easy to use open-...
helm inspect stable/mysql
appVersion: 5.7.14 description: Fast, reliable, scalable, and easy to use open-source relational database system. engine: gotpl home: https://www.mysql.com/ icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png keywords: - mysql - database - sql maintainers: - email: o.with@sportradar.com name: olemarkus - email: viglesias@google.com name: viglesiasce name: mysql sources: - https://github.com/kubernetes/charts - https://github.com/docker-library/mysql version: 0.10.2 ...
以WordPress、Nginx-Ingress为例进行演示。
例1:部署WordPress
WordPress是使用PHP语言开发的博客平台,逐渐发展成为世界上使用最多的自助博客工具;同时也作为一个内容管理系统(CMS)来使用。WordPress有以下两点优势:
helm install stable/wordpress
NAME: boisterous-aardwolf LAST DEPLOYED: Thu Nov 8 16:24:36 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1beta1/Deployment NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE boisterous-aardwolf-wordpress 1 1 1 0 1s ==> v1beta1/StatefulSet NAME DESIRED CURRENT AGE boisterous-aardwolf-mariadb 1 1 1s ...
输入以下命令:
kubectl get pvc
输出以下信息,显示为pending状态:
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE boisterous-aardwolf-wordpress Pending default 2m data-boisterous-aardwolf-mariadb-0 Pending default 2m
以boisterous-aardwolf-wordpress为例,创建boisterous-aardwolf-wordpress.yaml文件内容分别如下:
apiVersion: v1 kind: PersistentVolumeClaim metadata: name: boisterous-aardwolf-wordpress spec: accessModes: - ReadWriteOnce storageClassName: jdcloud-ssd resources: requests: storage: 20Gi
kubectl delete pvc boisterous-aardwolf-wordpress
执行创建:
kubectl create -f boisterous-aardwolf-wordpress.yaml
按照该方式创建命名为data-boisterous-aardwolf-mariadb-0的PVC。
kubectl get pod
NAME READY STATUS RESTARTS AGE boisterous-aardwolf-mariadb-0 1/1 Running 0 57m boisterous-aardwolf-wordpress-7b94db45db-s4g8f 1/1 Running 0 57m
kubectl get svc
输出以下信息
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE boisterous-aardwolf-mariadb ClusterIP 192.168.57.31 <none> 3306/TCP 1h boisterous-aardwolf-wordpress LoadBalancer 192.168.60.113 114.67.94.77 80:31860/TCP,443:30346/TCP 1h kubernetes ClusterIP 192.168.56.1 <none> 443/TCP 2d
显示以下信息:
WordPress Admin URL: http://114.67.94.77/admin
用户名:user
密码:$(kubectl get secret --namespace default boisterous-aardwolf-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)
helm delete boisterous-aardwolf
例2:部署Nginx-Ingress
Ingress是Kubernetes集群对外暴露服务的方式之一,使用开源的反向代理负载均衡器来实现对外暴漏服务,如Nginx。它可以给 service 提供集群外部访问的 URL、负载均衡、SSL 终止、HTTP 路由等。
以下讲述如何通过Helm快速创建Nginx-Ingress:
helm fetch stable/nginx-ingress tar -zxvf nginx-ingress-0.30.0.tgz
name: default-backend image: repository: googlecontainer/defaultbackend-amd64 tag: "1.4" pullPolicy: IfNotPresent
helm install nginx-ingress
输出以下信息:
NAME: fallacious-lionfish LAST DEPLOYED: Fri Nov 9 14:26:00 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1beta1/ClusterRoleBinding NAME AGE fallacious-lionfish-nginx-ingress 1s ...
helm install nginx-ingress
输出以下信息,状态为running,表示部署成功:
NAME READY STATUS RESTARTS AGE fallacious-lionfish-nginx-ingress-controller-6499bbb6c5-76t9v 1/1 Running 0 8m fallacious-lionfish-nginx-ingress-default-backend-674cb8879rds9 1/1 Running 0 8m
kubectl get service
输出以下信息:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE fallacious-lionfish-nginx-ingress-controller LoadBalancer 192.168.59.194 114.67.95.42 80:30296/TCP,443:30161/TCP 9m fallacious-lionfish-nginx-ingress-default-backend ClusterIP 192.168.61.72 <none> 80/TCP 9m kubernetes ClusterIP 192.168.56.1 <none> 443/TCP 2d
helm delete fallacious-lionfish