0
点赞
收藏
分享

微信扫一扫

26、helm部署应用

Helm:仓库的前端工具

Chart:包管理器

包管理器:Chart
    在kubernetes上部署应用程序所需要用到的各类资源配置文件
    得给不同的用户面向不用场景留出配置接口:配置文件内置了很多模板字串
       go-template
    这些模板字串都被内置提供了默认值:values,yaml,值文件
Chart仓库:
    Chart制定和分发
    Chart Hub:https://artifacthub.io/

使用helm部署应用:
   (1)配置仓库
   (2)定位chart
   (3)通过向chart中模板字串赋值完成其实例化,即模板渲染;
           模板字串的渲染方式:
             (a)直接在helm install的命令行,通过--set选项进行;
             (b)自定义values.yaml,由helm install命令加载该文件;
       实例化后的结果,就可以部署到目录kubernetes上;
       
   (4)每个部署出来的结果,称为一个release;
        应用安装命令:helm install 就是完成部署

部署helm

下载helm:
https://github.com/helm/helm/releases/tag/v3.10.2
[root@k8s-master01 packages]#ls
 cri-dockerd_0.2.6.3-0.ubuntu-focal_amd64_.deb  'helm-v3.10.2-linux-amd64_(1).tar.gz'
[root@k8s-master01 packages]#tar xf 'helm-v3.10.2-linux-amd64_(1).tar.gz' 
解压:
[root@k8s-master01 packages]#ls
 cri-dockerd_0.2.6.3-0.ubuntu-focal_amd64_.deb  'helm-v3.10.2-linux-amd64_(1).tar.gz'   linux-amd64/

[root@k8s-master01 packages]#cd linux-amd64/
[root@k8s-master01 packages/linux-amd64]#ls
helm LICENSE README.md

将helm文件移动到/usr/local/bin/目录下:
[root@k8s-master01 linux-amd64]#mv helm /usr/local/bin/

helm加载配置节点下的kubeconfig文件,认证到API Server。
该kubeconfig配置文件中所保存认证凭据的用户身份被赋予了什么权限,helm相应的具有什么权限
kubectl config view


此时就有helm命令可以使用:
[root@k8s-master01 ~]#helm
The Kubernetes package manager

Common actions for Helm:

- helm search:    search for charts        #搜索仓库下的服务,可以去hub或repo(当地仓库)搜索
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts  #列出指定名称空间下已经安装好的releases

helm repo:管理仓库
helm repo list:列出本地配置好的仓库
helm repo add:拉取仓库
helm repo remove:移除仓库

helm部署MySQL

拉取站点:
https://artifacthub.io/packages/helm/bitnami/mysql

去站点拉取仓库:
[root@k8s-master01 ~]#helm repo add bitnami(仓库名) https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
查看仓库:
[root@k8s-master01 ~]#helm repo list
NAME   	URL                               
bitnami	https://charts.bitnami.com/bitnami

在已经下载好的仓库搜索MySQL:
[root@k8s-master01 ~]#helm search repo mysql
NAME                  	CHART VERSION	APP VERSION	DESCRIPTION                                       
bitnami/mysql         	9.4.4        	8.0.31     	MySQL is a fast, reliable, scalable, and easy t...
bitnami/phpmyadmin    	10.3.6       	5.2.0      	phpMyAdmin is a free software tool written in P...
bitnami/mariadb       	11.4.0       	10.6.11    	MariaDB is an open source, community-developed ...
bitnami/mariadb-galera	7.4.8        	10.6.11    	MariaDB Galera is a multi-primary database clus...
也可以在hub上搜:
[root@k8s-master01 ~]#helm search hub mysql

基于bitnami仓库下mysql chart部署release,就会自动把mysql部署起来了
helm install my-release bitnami/mysql #这里的mysql镜像有没有主从等等取决于默认值文件中的定义

也可以把mysql下载下来进行查看:
[root@k8s-master01 ~]#cd /tmp/
[root@k8s-master01 /tmp/]#helm pull bitnami/mysql
对chart进行解包
[root@k8s-master01 /tmp/]#tar xf mysql-9.4.3.tar
[root@k8s-master01 /tmp/]#cd mysql/

创建一个名称空间给mysql使用:
[root@k8s-master01 ~]#kubectl create namespace blog
namespace/blog created

配置mysql主从复制并支持持久化	
下载MySQL:
    仅有主节点使用以下命令:
        helm install mysql  \
            --set auth.rootPassword=MageEdu \
            --set primary.persistence.storageClass=nfs-csi \
            --set auth.database=wpdb \
            --set auth.username=wpuser \
            --set auth.password='magedu.com' \
            bitnami/mysql \
            -n blog

  

    主从节点使用以下命令:
        helm install mysql  \
            --set auth.rootPassword=MageEdu \
            --set global.storageClass=nfs-csi \
            --set architecture=replication \
            --set auth.database=wpdb \
            --set auth.username=wpuser \
            --set auth.password='magedu.com' \
            --set secondary.replicaCount=1 \
            --set auth.replicationPassword='replpass' \
            bitnami/mysql \
            -n blog

下载成功,会返回一个信息:
NAME: mysql
LAST DEPLOYED: Mon Nov 21 17:58:12 2022
NAMESPACE: blog
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: mysql
CHART VERSION: 9.4.4
APP VERSION: 8.0.31

查看部署时所显示的相关信息
helm list -n blog
helm status mysql -n blog

release 更新/升级:helm upgrade 
release 回滚:helm rollback
            

增加到两个:
helm upgrade mysql  \
            --set auth.rootPassword=MageEdu \
            --set global.storageClass=nfs-csi \
            --set architecture=replication \
            --set auth.database=wpdb \
            --set auth.username=wpuser \
            --set auth.password='magedu.com' \
            --set secondary.replicaCount=2 \
            --set auth.replicationPassword='replpass' \
            bitnami/mysql \
            -n blog

把主节点的服务入口mysql-primary.blog.svc.cluster.local:3306作为wordpress对接的入口

部署wordpress

在下载好仓库的前提下部署:
Wordpress:
        1、自带的MariaDB:

            helm install wordpress \
                --set wordpressUsername=wpuser \
                --set wordpressPassword='magedu.com' \
                --set mariadb.auth.rootPassword=secretpassword \
                bitnami/wordpress

        2、外部的数据:借助于部署好的mysql
            helm install wordpress \
                --set mariadb.enabled=false \
                --set externalDatabase.host=mysql.blog.svc.cluster.local \
                --set externalDatabase.user=wpuser \
                --set externalDatabase.password='magedu.com' \
                --set externalDatabase.database=wpdb \
                --set externalDatabase.port=3306 \
                --set persistence.storageClass=nfs-csi \
                --set wordpressUsername=admin \
                --set wordpressPassword='magedu.com' \
                bitnami/wordpress \
                -n blog


        3、外部的数据,支持Ingress,且使用的mysql支持主从架构:
            helm install wordpress \
               --set mariadb.enabled=false \
               --set externalDatabase.host=mysql-primary.blog.svc.cluster.local \
               --set externalDatabase.user=wpuser \
               --set externalDatabase.password='magedu.com' \
               --set externalDatabase.database=wpdb \
               --set externalDatabase.port=3306 \
               --set persistence.storageClass=nfs-csi \
               --set ingress.enabled=true \
               --set ingress.ingressClassName=nginx \
               --set ingress.hostname=blog.magedu.com \
               --set ingress.pathType=Prefix \
               --set wordpressUsername=admin \
               --set wordpressPassword='magedu.com' \
               bitnami/wordpress \
               -n blog  

返回信息:
NAME: wordpress
LAST DEPLOYED: Mon Nov 21 20:56:36 2022
NAMESPACE: blog
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: wordpress
CHART VERSION: 15.2.16
APP VERSION: 6.1.1

生成service:
[root@k8s-master01 ~]#kubectl get svc -n blog
NAME                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
mysql-primary              ClusterIP      10.98.172.225   <none>        3306/TCP                     179m
mysql-primary-headless     ClusterIP      None            <none>        3306/TCP                     179m
mysql-secondary            ClusterIP      10.96.127.137   <none>        3306/TCP                     179m
mysql-secondary-headless   ClusterIP      None            <none>        3306/TCP                     179m
wordpress                  LoadBalancer   10.101.98.37    <pending>     80:32765/TCP,443:32711/TCP   55s

已对接ingress:
[root@k8s-master01 ~]#kubectl get ingress -n blog
NAME        CLASS   HOSTS             ADDRESS      PORTS   AGE
wordpress   nginx   blog.magedu.com   10.0.0.200   80      2m2s

可部署proxysql实现mysql的读写分离

部署harbor

下载helm官方仓库:
[root@k8s-master01 ~]#helm repo add harbor https://helm.goharbor.io
"harbor" has been added to your repositories

[root@k8s-master01 ~]#helm repo list
NAME   	URL                               
bitnami	https://charts.bitnami.com/bitnami
harbor 	https://helm.goharbor.io 

配置文件:
[root@k8s-master01 ~]#helm show values harbor/harbor > harbor-values.yaml
[root@k8s-master01 ~]#vim harbor-values.yaml 
expose:
  type: ingress
  tls:
    enabled: true
    certSource: auto
  ingress:
    hosts:
      core: hub.magedu.com
      notary: notary.magedu.com
    controller: default
    annotations:
      kubernetes.io/ingress.class: "nginx"

ipFamily:
  ipv6:
    enabled: false
  ipv4:
    enabled: true

externalURL: https://hub.magedu.com

persistence:
  enabled: true
  resourcePolicy: "keep"
  persistentVolumeClaim:
    registry:
      storageClass: "nfs-csi"
      accessMode: ReadWriteMany
      size: 5Gi
    chartmuseum:
      storageClass: "nfs-csi"
      accessMode: ReadWriteMany
      size: 5Gi
    jobservice:
      jobLog:
        storageClass: "nfs-csi"
        accessMode: ReadWriteMany
        size: 2Gi
      scanDataExports:
        storageClass: "nfs-csi"
        accessMode: ReadWriteMany
        size: 2Gi
    database:
      storageClass: "nfs-csi"
      accessMode: ReadWriteMany
      size: 2Gi
    redis:
      storageClass: "nfs-csi"
      accessMode: ReadWriteMany
      size: 2Gi
    trivy:
      storageClass: "nfs-csi"
      accessMode: ReadWriteMany
      size: 5Gi

harborAdminPassword: "magedu.com"

创建名称空间:
[root@k8s-master01 ~]#kubectl create namespace harbor
namespace/harbor created

创建harbor:
[root@k8s-master01 ~]#helm install harbor -f harbor-values.yaml harbor/harbor -n harbor
NAME: harbor
LAST DEPLOYED: Mon Nov 21 21:41:19 2022
NAMESPACE: harbor
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Please wait for several minutes for Harbor deployment to complete.
Then you should be able to visit the Harbor portal at https://hub.magedu.com
For more details, please visit https://github.com/goharbor/harbor

harbor名称空间下会创建大量的pod:
[root@k8s-master01 ~]#kubectl get pods -n harbor
NAME                                    READY   STATUS              RESTARTS   AGE
harbor-chartmuseum-5d9db64d74-mkh6w     0/1     Pending             0          66s
harbor-core-8c486d7bc-m4pwv             0/1     ContainerCreating   0          65s
harbor-database-0                       0/1     Pending             0          65s
harbor-jobservice-5447b4f7d5-pr7n5      0/1     Pending             0          66s
harbor-notary-server-578dd765bb-cm9tf   0/1     ContainerCreating   0          66s
harbor-notary-signer-7dbb4dff54-bvtx7   0/1     ContainerCreating   0          66s
harbor-portal-8d5b66f98-69n42           0/1     ContainerCreating   0          66s
harbor-redis-0                          0/1     Pending             0          65s
harbor-registry-8445954467-mjmdw        0/2     Pending             0          66s
harbor-trivy-0                          0/1     Pending             0          65s

解析地址hub.magedu.com即可访问

删除所有harbor:
[root@k8s-master01 ~]#helm delete harbor -n harbor

举报

相关推荐

0 条评论