使用国内源安装helm

之前一直回避这个东东，源于两方面原因：一是感觉构架复杂了，又有tiller又有helm，二来我自己写的部署平台，是自己来解析Yaml的。
但是，helm3.0构架变得简单了，并且这个东东，几乎是k8s的又一个部署标准，不了解不行呀。这不，gitlab在k8s里运行runner，推荐就是用Helm来作。
那即然如是，弄起来呗！
参考URL：
https://blog.csdn.net/cyfblog/article/details/99594921

https://www.jianshu.com/p/7ab38da8758e

先来一份简单安装，边操作边记录：

一，下载helm二进制客户端

wget https://get.helm.sh/helm-v2.9.0-linux-amd64.tar.gz

二，解压，放到/usr/local/bin下面，方便执行命令

tar -zxvf helm-v2.9.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/

三，测试helm客户端命令

[root@localhost linux-amd64]# helm
The Kubernetes package manager

To begin working with Helm, run the 'helm init' command:

    $ helm init

This will install Tiller to your running Kubernetes cluster.
It will also set up any necessary local configuration.

Common actions from this point include:

- helm search:    search for charts
- helm fetch:     download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts

Environment:
  $HELM_HOME          set an alternative location for Helm files. By default, these are stored in ~/.helm
  $HELM_HOST          set an alternative Tiller host. The format is host:port
  $HELM_NO_PLUGINS    disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
  $TILLER_NAMESPACE   set an alternative Tiller namespace (default "kube-system")
  $KUBECONFIG         set an alternative Kubernetes configuration file (default "~/.kube/config")

Usage:
  helm [command]

Available Commands:
  completion  Generate autocompletions script for the specified shell (bash or zsh)
  create      create a new chart with the given name
  delete      given a release name, delete the release from Kubernetes
  dependency  manage a chart's dependencies
  fetch       download a chart from a repository and (optionally) unpack it in local directory
  get         download a named release
  history     fetch release history
  home        displays the location of HELM_HOME
  init        initialize Helm on both client and server
  inspect     inspect a chart
  install     install a chart archive
  lint        examines a chart for possible issues
  list        list releases
  package     package a chart directory into a chart archive
  plugin      add, list, or remove Helm plugins
  repo        add, list, remove, update, and index chart repositories
  reset       uninstalls Tiller from a cluster
  rollback    roll back a release to a previous revision
  search      search for a keyword in charts
  serve       start a local http web server
  status      displays the status of the named release
  template    locally render templates
  test        test a release
  upgrade     upgrade a release
  verify      verify that a chart at the given path has been signed and is valid
  version     print the client/server version information

Flags:
      --debug                           enable verbose output
  -h, --help                            help for helm
      --home string                     location of your Helm config. Overrides $HELM_HOME (default "/root/.helm")
      --host string                     address of Tiller. Overrides $HELM_HOST
      --kube-context string             name of the kubeconfig context to use
      --tiller-connection-timeout int   the duration (in seconds) Helm will wait to establish a connection to tiller (default 300)
      --tiller-namespace string         namespace of Tiller (default "kube-system")

Use "helm [command] --help" for more information about a command.

四，k8s集群rbac权限设置

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

五，在k8s集群内安装Tiller

helm init --upgrade --service-account tiller  --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts 

要是上面这个命令报错：

$HELM_HOME has been configured at /root/.helm.
Error: error installing: the server could not find the requested resource

这说明api的版本有些落后，则使用如下命令弄一弄：

helm init --upgrade --service-account tiller  --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts --override spec.selector.matchLabels.'name'='tiller',spec.selector.matchLabels.'app'='helm' --output yaml | sed 's@apiVersion: extensions/v1beta1@apiVersion: apps/v1@' | kubectl apply -f -

六，一旦安装完成，使用helm version命令验证客户端和服务器端版本

[root@localhost linux-amd64]# helm version
Client: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}

七，不能出网的内网，如何初始化helm服务？
前面的操作，只是表示Helm已在服务端和客户端就绪，而如果真正应用一个heml chart仓库在k8s中，才能发挥Helm的真正作用。
其实在第5步时，如果没有连上网络，是不能够正常运行的。会报错。
一个连随时联网的网络，按网上大路货操作，就是可以了。但如果在一个封闭的内网呢？网外的任何chart仓库都是不能访问的，那如何玩helm呢？
1，自己启动一个heml仓库空服务

helm serve --address localhost:8005 &

2，更新第5步的命令如下：

helm init --upgrade --service-account tiller  --tiller-image xxx/3rd_part/tiller:v2.9.0 --stable-repo-url http://localhost:8005/

3，需要helm部署时，从应用的官网下载chart文件

https://github.com/helm/charts/

4，更新chart后，打包成tgz文件

helm package .

5，使用heml命令更新到k8s（因为没有chart仓库，可能需要先删除老的，再部署新的）

helm del --purge gitlab-runner
helm install --namespace gitlab --name gitlab-runner gitlab-runner-0.17.0-beta.tgz

6，一个快捷打包和更新应用的命令

helm package . && helm upgrade gitlab-runner gitlab-runner-0.17.0-beta.tgz