一定成功 k8s 安装helm v2.17 基本命令

时间:2021-10-29 17:34:30

一、下载helm安装脚本

1.1 介绍

  • Helm是Kubernetes的包管理器。
  • 其实就是管理了一推配置文件,ds,configmap,deployment......,一类规则。

就类似:

  1. yum是centos的包管理器。
  2. apt-get是ubuntu的包管理器。
  3. pip是python的包管理器。
  4. npm是nodejs的包管理器。

1.2 下载helm安装脚本

# 这样下载的都是master 最新版的。
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get > get_helm.sh # 我这下载的是v2.17.0版本的
curl https://raw.githubusercontent.com/helm/helm/v2.17.0/scripts/get > get_helm.sh

1.3 安装helm客户端

# 正常是执行安装脚本就行,脚本会帮你去下载安装包,并且安装。
bash get_helm.sh

注:由于国内网络原因,下载helm安装包时会失败,所以我已经把安装包下载到本地,并修改了安装脚本。安装包和安装脚本都放同级目录下。

安装包:链接: https://pan.baidu.com/s/1fmhhSE3zAO2bNdlvV38KMA  密码: acdv

安装脚本:猛击这里

查看代码

#!/usr/bin/env bash

# Copyright The Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License. # The install script is based off of the MIT-licensed script from glide,
# the package manager for Go: https://github.com/Masterminds/glide.sh/blob/master/get PROJECT_NAME="helm"
TILLER_NAME="tiller" : ${USE_SUDO:="true"}
: ${HELM_INSTALL_DIR:="/usr/local/bin"} # initArch discovers the architecture for this system.
initArch() {
ARCH=$(uname -m)
case $ARCH in
armv5*) ARCH="armv5";;
armv6*) ARCH="armv6";;
armv7*) ARCH="arm";;
aarch64) ARCH="arm64";;
x86) ARCH="386";;
x86_64) ARCH="amd64";;
i686) ARCH="386";;
i386) ARCH="386";;
esac
} # initOS discovers the operating system for this system.
initOS() {
OS=$(echo `uname`|tr '[:upper:]' '[:lower:]') case "$OS" in
# Minimalist GNU for Windows
mingw*) OS='windows';;
esac
} # runs the given command as root (detects if we are root already)
runAsRoot() {
if [ $EUID -ne 0 -a "$USE_SUDO" = "true" ]; then
sudo "${@}"
else
"${@}"
fi
} # verifySupported checks that the os/arch combination is supported for
# binary builds.
verifySupported() {
local supported="darwin-amd64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-ppc64le\nlinux-s390x\nwindows-amd64"
if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then
echo "No prebuilt binary for ${OS}-${ARCH}."
echo "To build from source, go to https://github.com/helm/helm"
exit 1
fi if ! type "curl" > /dev/null && ! type "wget" > /dev/null; then
echo "Either curl or wget is required"
exit 1
fi
} # checkDesiredVersion checks if the desired version is available.
checkDesiredVersion() {
if [ "x$DESIRED_VERSION" == "x" ]; then
# Pinning tag to v2.17.0 as per https://github.com/helm/helm/issues/9607
TAG=v2.17.0
else
TAG=$DESIRED_VERSION
fi
} # checkHelmInstalledVersion checks which version of helm is installed and
# if it needs to be changed.
checkHelmInstalledVersion() {
if [[ -f "${HELM_INSTALL_DIR}/${PROJECT_NAME}" ]]; then
local version=$("${HELM_INSTALL_DIR}/${PROJECT_NAME}" version -c | grep '^Client' | cut -d'"' -f2)
if [[ "$version" == "$TAG" ]]; then
echo "Helm ${version} is already ${DESIRED_VERSION:-latest}"
return 0
else
echo "Helm ${TAG} is available. Changing from version ${version}."
return 1
fi
else
return 1
fi
} # downloadFile downloads the latest binary package and also the checksum
# for that binary.
downloadFile() {
HELM_DIST="helm-$TAG-$OS-$ARCH.tar.gz"
DOWNLOAD_URL="https://get.helm.sh/$HELM_DIST"
CHECKSUM_URL="$DOWNLOAD_URL.sha256"
HELM_TMP_ROOT="$(mktemp -dt helm-installer-XXXXXX)"
HELM_TMP_FILE="$HELM_TMP_ROOT/$HELM_DIST"
HELM_SUM_FILE="$HELM_TMP_ROOT/$HELM_DIST.sha256"
echo "Downloading $DOWNLOAD_URL"
if type "curl" > /dev/null; then
curl -SsL "$CHECKSUM_URL" -o "$HELM_SUM_FILE"
elif type "wget" > /dev/null; then
wget -q -O "$HELM_SUM_FILE" "$CHECKSUM_URL"
fi
if type "curl" > /dev/null; then
#curl -SsL "$DOWNLOAD_URL" -o "$HELM_TMP_FILE"
cp -rf ./helm-v2.17.0-linux-amd64.tar.gz $HELM_TMP_FILE # 就修改了这个地方 让脚本直接复制的本地包。
elif type "wget" > /dev/null; then
wget -q -O "$HELM_TMP_FILE" "$DOWNLOAD_URL"
fi
} # installFile verifies the SHA256 for the file, then unpacks and
# installs it.
installFile() {
HELM_TMP="$HELM_TMP_ROOT/$PROJECT_NAME"
local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}')
local expected_sum=$(cat ${HELM_SUM_FILE})
if [ "$sum" != "$expected_sum" ]; then
echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting."
exit 1
fi mkdir -p "$HELM_TMP"
tar xf "$HELM_TMP_FILE" -C "$HELM_TMP"
HELM_TMP_BIN="$HELM_TMP/$OS-$ARCH/$PROJECT_NAME"
TILLER_TMP_BIN="$HELM_TMP/$OS-$ARCH/$TILLER_NAME"
echo "Preparing to install $PROJECT_NAME and $TILLER_NAME into ${HELM_INSTALL_DIR}"
runAsRoot cp "$HELM_TMP_BIN" "$HELM_INSTALL_DIR"
echo "$PROJECT_NAME installed into $HELM_INSTALL_DIR/$PROJECT_NAME"
if [ -x "$TILLER_TMP_BIN" ]; then
runAsRoot cp "$TILLER_TMP_BIN" "$HELM_INSTALL_DIR"
echo "$TILLER_NAME installed into $HELM_INSTALL_DIR/$TILLER_NAME"
else
echo "info: $TILLER_NAME binary was not found in this release; skipping $TILLER_NAME installation"
fi
} # fail_trap is executed if an error occurs.
fail_trap() {
result=$?
if [ "$result" != "0" ]; then
if [[ -n "$INPUT_ARGUMENTS" ]]; then
echo "Failed to install $PROJECT_NAME with the arguments provided: $INPUT_ARGUMENTS"
help
else
echo "Failed to install $PROJECT_NAME"
fi
echo -e "\tFor support, go to https://github.com/helm/helm."
fi
cleanup
exit $result
} # testVersion tests the installed client to make sure it is working.
testVersion() {
set +e
HELM="$(command -v $PROJECT_NAME)"
if [ "$?" = "1" ]; then
echo "$PROJECT_NAME not found. Is $HELM_INSTALL_DIR on your "'$PATH?'
exit 1
fi
set -e
echo "Run '$PROJECT_NAME init' to configure $PROJECT_NAME."
} # help provides possible cli installation arguments
help () {
echo "Accepted cli arguments are:"
echo -e "\t[--help|-h ] ->> prints this help"
echo -e "\t[--version|-v <desired_version>]"
echo -e "\te.g. --version v2.4.0 or -v latest"
echo -e "\t[--no-sudo] ->> install without sudo"
} # cleanup temporary files to avoid https://github.com/helm/helm/issues/2977
cleanup() {
if [[ -d "${HELM_TMP_ROOT:-}" ]]; then
rm -rf "$HELM_TMP_ROOT"
fi
} # Execution #Stop execution on any error
trap "fail_trap" EXIT
set -e # Parsing input arguments (if any)
export INPUT_ARGUMENTS="${@}"
set -u
while [[ $# -gt 0 ]]; do
case $1 in
'--version'|-v)
shift
if [[ $# -ne 0 ]]; then
export DESIRED_VERSION="${1}"
else
echo -e "Please provide the desired version. e.g. --version v2.4.0 or -v latest"
exit 0
fi
;;
'--no-sudo')
USE_SUDO="false"
;;
'--help'|-h)
help
exit 0
;;
*) exit 1
;;
esac
shift
done
set +u initArch
initOS
verifySupported
checkDesiredVersion
if ! checkHelmInstalledVersion; then
downloadFile
installFile
fi
testVersion
cleanup

二、安装tiller

说白了就是接收到helm发送的请求,然后根据一系类 的配置文件生成k8s的部署文件(yaml文件),然后提交给k8s。

2.1 安装socat

socat是解决helm连接不上tiller问题。一个通信的问题。

报错如下:

[root@k8s-master hello-svc]# helm version
Client: &version.Version{SemVer:"v2.17.0", GitCommit:"6af75a8fd72e2aa18a2b278cfe5c7a1c5feca7f2", GitTreeState:"clean"}
E0224 14:13:16.077226 7416 portforward.go:331] an error occurred forwarding 37271 -> 44134: error forwarding port 44134 to pod 76a7312e49220a229e443546a4b32d3e0406f09fd9b3646b3d30f6833e121375, uid : unable to do port forwarding: socat not found.
Error: cannot connect to Tiller

解决:安装一下这个包就行

yum -y install socat
###########
apt-get -y install socat

2.2 创建tiller rbac授权

首先tiller想要把配置文件提交给k8s,那么它肯定需要权限才行。

所以这一步就是给tiller权限。

# 一个sa,然后把sa绑定给admin角色。这样这个sa就有集群的admin 所有权限。然后tiller使用这个sa就行。

kubectl create -f heml-rbac.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system

传送门:k8s  rbac权限随笔

2.3 初始化helm

其实就是在k8s起了一个tiller pod。

# 使用的镜像要和helm版本一样
# stable-repo-url 是仓库地址,就是类似于yum仓库的源。
# service-account 指定上面创建的sa
# --history-max 设置最大历史记录,大限制清除,如果没有设置最大历史记录,则无限期地保留历史记录. helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.17.0 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts --service-account=tiller --history-max 50

2.4 验证

# 这样就是安装成功了

[root@zm-qa-k8s40 v2.0]# helm version
Client: &version.Version{SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}

三、常用命令

# 查看版本

helm version

# 查看当前安装的charts

helm list

# 查询 charts

helm search [release_name]

# 安装charts

helm install --name redis --namespaces prod bitnami/redis

# 查看charts状态

helm status [release_name]

# 删除charts

helm delete --purge [release_name]

# 增加repo

helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

helm repo add --username admin --password password myharbor https://xxx.ooo.com

# 更新repo仓库资源

helm repo update

# 创建charts

helm create helm_charts

# 测试charts语法

helm lint

# 打包charts

cd helm_charts && helm package ./

#查看生成的yaml文件

helm  template  helm_charts-0.1.1.tgz

# 更新image

helm upgrade --set image.tag='v2021-12-22-10-48-40' study-api-en-oral myharbor/study-api-en-oral

# 回滚relase

helm hist study-api-en-oral

helm rollback study-api-en-oral 4

#升级版本
helm upgrade [release_name] .
helm upgrade -f values.yaml [release_name] .
helm upgrade [release_name] --set image.tag='latest'