Helm: Introductory Study Notes

Date: 2024-03-11 20:59:26

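I. Overview

1.1 What is Helm

Before Helm, applications were usually deployed by writing YAML files. That approach suits deploying a single type of application. When there are many services, maintaining a YAML file for each one becomes tedious, bloated and error-prone. Helm lets you manage these YAML files as a single unit and adds application version management.

Helm aims to help you manage Kubernetes applications; Helm charts help you define, install, and upgrade fairly complex applications.
Helm can do the following: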

  • Create new charts from scratch
  • Package charts into chart archive (tgz) files
  • Interact with chart repositories where charts are stored
  • Install and uninstall charts into an existing Kubernetes cluster
  • Manage the release cycle of charts that have been installed with Helm

1.2 Concepts

  1. The chart is a bundle of information necessary to create an instance of a Kubernetes application.

  2. The config contains configuration information that can be merged into a packaged chart to create a releasable object.

  3. A release is a running instance of a chart, combined with a specific config.

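  • Helm is a command-line client tool. It is mainly used to create, package and publish Kubernetes application charts, and to create and manage local and remote chart repositories.

  • Tiller is Helm's server side, deployed inside the Kubernetes cluster. Tiller receives requests from Helm, generates the Kubernetes deployment files from the chart (Helm calls this a Release), and submits them to Kubernetes to create the application. Tiller also provides upgrade, delete, rollback and other operations on a Release. It was removed in v3; without it, Helm connects directly to the apiserver through kubeconfig.

  • Chart: Helm's software package, in TAR format. Similar to a DEB package for APT or an RPM package for YUM, it contains a set of YAML files that define Kubernetes resources.

  • Repository: Helm's software repository. A Repository is essentially a web server that stores a collection of chart packages for users to download and provides a manifest file listing the charts in that Repository for querying. Helm can manage several different Repositories at the same time.

  • Release: the deployed instance of a chart. Running a chart through Helm produces one corresponding release, which creates the actual running resource objects in k8s. v3 supports reuse across different namespaces.

Note: Tiller is only used for remote invocation; if the kubectl terminal and Helm are installed on the same machine, it is fine not to install Tiller. You can also specify --kube-apiserver, --kube-context and --kubeconfig manually. Helm can be thought of as a package manager like yum/apt that conveniently deploys YAML files to a k8s cluster.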

1.3 Installation

Prerequisites:

  • A Kubernetes cluster already exists
  • kubectl is available locally

Helm and Kubernetes version compatibility: https://helm.sh/docs/topics/version_skew/ ; v3.2.2 is chosen here

Download: https://github.com/helm/helm/releases

[root@master1 helm]# wget https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz
[root@master1 helm]# tar xvf helm-v3.5.4-linux-amd64.tar.gz
[root@master1 helm]# cp linux-amd64/helm /usr/bin/

1.4 Usage

# 1. Repository operations
helm repo add $REPO_NAME $REPO_URL

[root@master1 ~]# helm repo add azure http://mirror.azure.cn/kubernetes/charts
"azure" has been added to your repositories
[root@master1 ~]# helm repo add aliyun https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
"aliyun" has been added to your repositories
[root@master1 ~]# helm repo list
NAME    URL
azure   http://mirror.azure.cn/kubernetes/charts
aliyun  https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

helm repo add|remove|update|list

# 2. Quickly deploying an application with helm
[root@master1 ~]# helm search repo weave  # search for charts
NAME                    CHART VERSION   APP VERSION     DESCRIPTION
aliyun/weave-cloud      0.1.2                           Weave Cloud is a add-on to Kubernetes which pro...
aliyun/weave-scope      0.9.2           1.6.5           A Helm chart for the Weave Scope cluster visual...
azure/weave-cloud       0.3.9           1.4.0           DEPRECATED - Weave Cloud is a add-on to Kuberne...
azure/weave-scope       1.1.12          1.12.0          DEPRECATED - A Helm chart for the Weave Scope c...
[root@master1 ~]# helm install helm-ui azure/weave-scope  # install
WARNING: This chart is deprecated
NAME: helm-ui
LAST DEPLOYED: Tue May 11 21:01:39 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
You should now be able to access the Scope frontend in your web browser, by
using kubectl port-forward:

kubectl -n default port-forward $(kubectl -n default get endpoints \
helm-ui-weave-scope -o jsonpath='{.subsets[0].addresses[0].targetRef.name}') 8080:4040

then browsing to http://localhost:8080/.
For more details on using Weave Scope, see the Weave Scope documentation:

https://www.weave.works/docs/scope/latest/introducing/

[root@master1 ~]# helm list  # list releases
NAME    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                   APP VERSION
helm-ui default         1               2021-05-11 21:01:39.640749808 +0800 CST deployed        weave-scope-1.1.12      1.12.0
[root@master1 ~]# helm status helm-ui  # show release status
NAME: helm-ui
LAST DEPLOYED: Tue May 11 21:01:39 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
You should now be able to access the Scope frontend in your web browser, by
using kubectl port-forward:

kubectl -n default port-forward $(kubectl -n default get endpoints \
helm-ui-weave-scope -o jsonpath='{.subsets[0].addresses[0].targetRef.name}') 8080:4040

then browsing to http://localhost:8080/.
For more details on using Weave Scope, see the Weave Scope documentation:

https://www.weave.works/docs/scope/latest/introducing/
[root@master1 ~]# kubectl  get pods
NAME                                                 READY   STATUS    RESTARTS   AGE
weave-scope-agent-helm-ui-9z8n4                      1/1     Running   0          5m37s
weave-scope-agent-helm-ui-cw5x4                      1/1     Running   0          5m37s
weave-scope-agent-helm-ui-zqh4k                      1/1     Running   0          5m37s
weave-scope-cluster-agent-helm-ui-5b8584f786-lvmlm   1/1     Running   0          5m37s
weave-scope-frontend-helm-ui-ffc59db79-dnxqk         1/1     Running   0          5m37s
[root@master1 ~]# kubectl  get svc
NAME                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
helm-ui-weave-scope   ClusterIP   10.104.224.57   <none>        80/TCP    5m40s
kubernetes            ClusterIP   10.96.0.1       <none>        443/TCP   3d4h
[root@master1 ~]# kubectl  expose deployment/weave-scope-frontend-helm-ui --port=4040 --type=NodePort --name=weave-nodeport
[root@master1 ~]# kubectl  get svc
NAME                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
helm-ui-weave-scope   NodePort    10.104.224.57   <none>        80:30019/TCP   10m
kubernetes            ClusterIP   10.96.0.1       <none>        443/TCP        3d4h
The helm UI can then be reached on port 30019 of any node in the cluster.

1.5 Helm configuration files

Operating System   Cache Path                  Configuration Path               Data Path
Linux              $HOME/.cache/helm           $HOME/.config/helm               $HOME/.local/share/helm
macOS              $HOME/Library/Caches/helm   $HOME/Library/Preferences/helm   $HOME/Library/helm
Windows            %TEMP%\helm                 %APPDATA%\helm                   %APPDATA%\helm

[root@master1 ~]# cat .config/helm/repositories.yaml
apiVersion: ""
generated: "0001-01-01T00:00:00Z"
repositories:
- caFile: ""
  certFile: ""
  insecure_skip_tls_verify: false
  keyFile: ""
  name: azure
  password: ""
  url: http://mirror.azure.cn/kubernetes/charts
  username: ""
- caFile: ""
  certFile: ""
  insecure_skip_tls_verify: false
  keyFile: ""
  name: aliyun
  password: ""
  url: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
  username: ""
[root@master1 ~]# ls -l  .cache/helm/repository/
总用量 9960
-rw-r--r-- 1 root root    1400 5月  11 21:01 aliyun-charts.txt
-rw-r--r-- 1 root root  296570 5月  11 21:01 aliyun-index.yaml
-rw-r--r-- 1 root root    3370 5月  11 21:01 azure-charts.txt
-rw-r--r-- 1 root root 9874153 5月  11 21:01 azure-index.yaml
-rw-r--r-- 1 root root    7269 5月  11 21:01 weave-scope-1.1.12.tgz
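
repositories.yaml decides which servers Helm trusts for chart indexes and packages: above, the azure repository was added over plain http://, and each entry can also hold a stored password or switch off certificate checks. The bash function below is an added example, not part of the original notes, that lists those three conditions per repository; `audit_helm_repos`, `sample_repositories` and the `internal` entry are constructed for illustration, while the azure and aliyun entries are copied from the file shown above.

```bash
# Added example: flag risky entries in Helm's repositories.yaml.
# Usage: audit_helm_repos "$HOME/.config/helm/repositories.yaml"
audit_helm_repos() {   # reads the given file, or stdin when none is given
  awk '
    function value(   v) {            # text after "key:", outer quotes removed
      v = $0; sub(/^[^:]*:[ \t]*/, "", v)
      sub(/^"/, "", v); sub(/"[ \t]*$/, "", v)
      return v
    }
    function flush() {                # report the entry just completed
      if (name != "") {
        if (url ~ /^http:/)  print name ": repository index fetched over plain HTTP (" url ")"
        if (skip == "true")  print name ": TLS certificate verification disabled"
        if (pass != "")      print name ": password stored in clear text"
      }
      name = ""; url = ""; skip = ""; pass = ""
    }
    /^repositories:/ { inlist = 1; next }
    !inlist          { next }
    /^- /            { flush() }      # "- " opens the next repository entry
    {
      key = $0; sub(/^[- ] /, "", key); sub(/:.*/, "", key)
      if (key == "name")                          name = value()
      else if (key == "url")                      url  = value()
      else if (key == "insecure_skip_tls_verify") skip = value()
      else if (key == "password")                 pass = value()
    }
    END { flush() }
  ' "${1:--}"
}

# Constructed sample: azure and aliyun as shown above, "internal" is invented.
sample_repositories() {
  cat <<'EOF'
apiVersion: ""
generated: "0001-01-01T00:00:00Z"
repositories:
- caFile: ""
  certFile: ""
  insecure_skip_tls_verify: false
  keyFile: ""
  name: azure
  password: ""
  url: http://mirror.azure.cn/kubernetes/charts
  username: ""
- caFile: ""
  certFile: ""
  insecure_skip_tls_verify: false
  keyFile: ""
  name: aliyun
  password: ""
  url: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
  username: ""
- caFile: ""
  certFile: ""
  insecure_skip_tls_verify: true
  keyFile: ""
  name: internal
  password: "example-only"
  url: https://charts.example.test
  username: "ci"
EOF
}

sample_repositories | audit_helm_repos
```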

II. Basic chart usage

2.1 Layout of a custom chart

[root@master1 ~]# helm create mychart
[root@master1 ~]# find  mychart/*
mychart/charts		# holds the other charts this chart depends on
mychart/Chart.yaml	# properties of this chart
mychart/templates	# holds the YAML template files
mychart/templates/ingress.yaml
mychart/templates/deployment.yaml
mychart/templates/service.yaml
mychart/templates/serviceaccount.yaml
mychart/templates/hpa.yaml
mychart/templates/NOTES.txt
mychart/templates/_helpers.tpl
mychart/templates/tests
mychart/templates/tests/test-connection.yaml
mychart/values.yaml	# global variables that the templates can reference
requirements.yaml   # [optional] describes the other charts this chart depends on

2.2 Creating the YAML files

Create the YAML files in the templates directory

[root@master1 ~]# cd mychart/templates/
[root@master1 templates]# kubectl create deployment web1 --image=nginx --dry-run -o yaml > deployment.yaml
[root@master1 templates]# kubectl apply -f deployment.yaml
deployment.apps/web1 created
[root@master1 templates]# kubectl expose deployment web1 --port=80 --target-port=80 --type=NodePort --dry-run -o yaml > service.yaml
[root@master1 templates]# kubectl delete -f deployment.yaml
[root@master1 templates]# ll
总用量 8
-rw-r--r-- 1 root root 380 5月  12 14:52 deployment.yaml
-rw-r--r-- 1 root root 237 5月  12 14:56 service.yaml

2.3 Installing the custom chart

# 1. Install the custom chart
[root@master1 ~]# helm install web1 mychart/
NAME: web1
LAST DEPLOYED: Wed May 12 14:59:22 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@master1 ~]# kubectl  get svc web1
NAME   TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
web1   NodePort   10.106.41.251   <none>        80:30826/TCP   28s
[root@master1 ~]# kubectl  get pods |grep web1
web1-7f87dfbd56-2q8nf                                1/1     Running   0          39s

# 2. Upgrade the custom chart
[root@master1 ~]# helm upgrade web1 mychart/
Release "web1" has been upgraded. Happy Helming!
NAME: web1
LAST DEPLOYED: Wed May 12 15:02:34 2021
NAMESPACE: default
STATUS: deployed
REVISION: 2
TEST SUITE: None

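2.4 Passing parameters

Define variables and their values in values.yaml, then read those values in the individual YAML templates. Reference syntax: {{ .Values.<variable name> }}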

[root@master1 ~]# cat mychart/values.yaml
replicaCount: 1
image:
  repository: nginx
  tag: 1.16
label: nginx
port: 80


[root@master1 ~]# cat mychart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: web1
  name: {{ .Release.Name }}-deploy
spec:
  replicas: 1
  selector:
    matchLabels:
      app: {{ .Values.label }}
  strategy: {}
  template:
    metadata:
      creationTimestamp: null
      labels:
        app: {{ .Values.label }}
    spec:
      containers:
      - image: {{ .Values.image.repository }}
        name: nginx
        resources: {}
status: {}
	

[root@master1 ~]# cat mychart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: {{ .Release.Name }}-svc
spec:
  ports:
  - port: {{ .Values.port }}
    protocol: TCP
    targetPort: 80
  selector:
    app: {{ .Values.label }}
  type: NodePort
status:
  loadBalancer: {}

[root@master1 ~]# helm install web2 ./mychart --dry-run
[root@master1 ~]# helm install web2 ./mychart
NAME: web2
LAST DEPLOYED: Wed May 12 15:46:42 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
$ helm install --generate-name --set image=redis --set tag=5.0.5-alpine stable/redis-ha  # --set overrides a single value
$ helm install --generate-name -f values.yaml ./mychart  # -f supplies a values.yaml file

2.5 Setting up a local repo

1. Install ChartMuseum; by default it stores charts on the local filesystem
[root@master1 helm]# wget https://github.com/helm/charts/archive/refs/heads/master.zip
[root@master1 charts-master]# helm install  chartmusem stable/chartmuseum/ 

2. Install the push plugin
Installation method 1:
[root@master1 charts-master]# helm plugin install  https://github.com/chartmuseum/helm-push.git 

[root@master1 ~]# helm plugin install  https://github.com/chartmuseum/helm-push.git 
Error: Unable to update repository: exit status 1
Clear the cache
[root@master1 .cache]# rm -rf "$(helm env HELM_CACHE_HOME)"

Installation method 2 (recommended):
[root@master1 push]# wget https://github.com/chartmuseum/helm-push/releases/download/v0.9.0/helm-push_0.9.0_linux_amd64.tar.gz
[root@master1 push]# mkdir $(helm env HELM_PLUGINS)/helm-push 
[root@master1 push]# tar xvf helm-push_0.9.0_linux_amd64.tar.gz -C $(helm env HELM_PLUGINS)/helm-push
LICENSE
plugin.yaml
bin/helmpush
[root@master1 ~]# helm plugin list
NAME	VERSION	DESCRIPTION                      
push	0.9.0  	Push chart package to ChartMuseum
[root@master1 mychart]# helm repo add myrepo http://10.106.36.233:8080
"myrepo" has been added to your repositories
[root@master1 mychart]# helm repo list
NAME  	URL                                                   
azure 	http://mirror.azure.cn/kubernetes/charts              
aliyun	https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
myrepo	http://10.106.36.233:8080  
[root@master1 ~]# helm push --force  mychart/mychart-0.1.0.tgz myrepo  # fails with an error
Pushing mychart-0.1.0.tgz to myrepo...
Error: 404: not found

Not resolved yet. To be recorded once it is solved.

III. Appendix

[root@master1 weave-scope]# find ./*
./charts
./charts/weave-scope-frontend
./charts/weave-scope-frontend/Chart.yaml
./charts/weave-scope-frontend/templates
./charts/weave-scope-frontend/templates/_helpers.tpl
./charts/weave-scope-frontend/templates/deployment.yaml		# see appendix
./charts/weave-scope-frontend/templates/ingress.yaml		# see appendix
./charts/weave-scope-frontend/templates/service.yaml		# see appendix
./charts/weave-scope-agent
./charts/weave-scope-agent/Chart.yaml
./charts/weave-scope-agent/templates
./charts/weave-scope-agent/templates/_helpers.tpl
./charts/weave-scope-agent/templates/daemonset.yaml			# see appendix
./charts/weave-scope-cluster-agent
./charts/weave-scope-cluster-agent/Chart.yaml
./charts/weave-scope-cluster-agent/templates
./charts/weave-scope-cluster-agent/templates/_helpers.tpl
./charts/weave-scope-cluster-agent/templates/clusterrole.yaml	# see appendix
./charts/weave-scope-cluster-agent/templates/clusterrolebinding.yaml	# see appendix
./charts/weave-scope-cluster-agent/templates/deployment.yaml		# see appendix
./charts/weave-scope-cluster-agent/templates/serviceaccount.yaml		# see appendix
./Chart.yaml
./README.md
./templates
./templates/NOTES.txt
./templates/_helpers.tpl
./templates/test-config.yaml
./templates/weave-scope-tests.yaml
./values.yaml		# see appendix

3.1 values.yaml

[root@master1 weave-scope]# cat values.yaml  |grep -v "#"
global:
  image:
    repository: weaveworks/scope
    tag: 1.12.0
    pullPolicy: "IfNotPresent"
  service:
    port: 80
    type: "ClusterIP"

weave-scope-frontend:
  enabled: true
  flags: []
  ingress:
    enabled: false
    annotations: {}
    paths: []
    hosts:
      - weave-scope.example.test
    tls: []

weave-scope-agent:
  enabled: true
  flags: []
  dockerBridge: "docker0"
  scopeFrontendAddr: ""
  probeToken: ""
  readOnly: false

weave-scope-cluster-agent:
  enabled: true
  flags: []
  scopeFrontendAddr: ""
  probeToken: ""
  rbac:
    create: true
  readOnly: false
  serviceAccount:
    create: true

3.2 weave-scope-frontend

[root@master1 templates]# cat deployment.yaml
{{- if .Values.enabled -}}  # outermost guard: nothing below is rendered unless enabled
apiVersion: {{ template "deployment.apiVersion" . }}
kind: Deployment
metadata:
  labels:
    {{- include "weave-scope-frontend.helm_std_labels" . | indent 4 }}
    component: frontend
  name: {{ template "weave-scope-frontend.fullname" . }}
  annotations:
    {{- include "weave-scope.annotations" . | indent 4 }}
spec:
  replicas: 1
  selector:
    matchLabels:
      app: {{ template "toplevel.name" . }}
      release: {{ .Release.Name }}  # Helm built-in object
      component: frontend
  template:
    metadata:
      labels:
        {{- include "weave-scope-frontend.helm_std_labels" . | indent 8 }}
        component: frontend
    spec:
      containers:
        - name: {{ template "weave-scope-frontend.name" . }}
          image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag }}"  # taken from values.yaml
          imagePullPolicy: "{{ .Values.global.image.pullPolicy }}" # taken from values.yaml
          args:
            - "--no-probe"
            {{- range $arg := .Values.flags }}
            - {{ $arg | quote }}
            {{- end }}
          ports:
            - name: http
              containerPort: 4040
              protocol: TCP
          resources:
{{ toYaml .Values.resources | indent 12 }}
{{- end -}}


[root@master1 templates]# cat service.yaml
{{- if .Values.enabled -}}
apiVersion: v1
kind: Service
metadata:
  labels:
    {{- include "weave-scope-frontend.helm_std_labels" . | indent 4 }}
    component: frontend
  name: {{ .Values.global.service.name | default (include "toplevel.fullname" .) }}
  annotations:
    {{- include "weave-scope-frontend.annotations" . | indent 4 }}
spec:
  ports:
    - name: http
      port: {{ .Values.global.service.port }}
      targetPort: http
      protocol: TCP
  selector:
    app: {{ template "toplevel.name" . }}
    release: {{ .Release.Name }}
    component: frontend
  type: {{ .Values.global.service.type }}
{{- end -}}


[root@master1 templates]# cat ingress.yaml
{{- if .Values.ingress.enabled -}}
{{- $fullName := .Values.global.service.name | default (include "toplevel.fullname" .) -}}
{{- $ingressPaths := .Values.ingress.paths -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  labels:
    {{- include "weave-scope-frontend.helm_std_labels" . | indent 4 }}
    component: frontend
  name: {{ template "weave-scope-frontend.fullname" . }}
  annotations:
    {{- include "weave-scope.annotations" . | indent 4 }}
    {{- with .Values.ingress.annotations }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
spec:
{{- if .Values.ingress.tls }}
  tls:
  {{- range .Values.ingress.tls }}
    - hosts:
      {{- range .hosts }}
        - {{ . | quote }}
      {{- end }}
      secretName: {{ .secretName }}
  {{- end }}
{{- end }}
  rules:
  {{- range .Values.ingress.hosts }}
    - host: {{ . | quote }}
      http:
        paths:
    {{- range $ingressPaths }}
          - path: {{ . }}
            backend:
              serviceName: {{ $fullName }}
              servicePort: http
    {{- end }}
  {{- end }}
{{- end }}
[root@master1 templates]#

3.3 weave-scope-agent

[root@master1 charts]# cat weave-scope-agent/templates/daemonset.yaml
{{- if .Values.enabled -}}
apiVersion: {{ template "daemonset.apiVersion" . }}
kind: DaemonSet
metadata:
  labels:
    {{- include "weave-scope-agent.helm_std_labels" . | indent 4 }}
    component: agent
  name: {{ template "weave-scope-agent.fullname" . }}
  annotations:
    {{- include "weave-scope-agent.annotations" . | indent 4 }}
spec:
  selector:
    matchLabels:
      app: {{ template "toplevel.name" . }}
      release: {{ .Release.Name }}
      component: agent
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        {{- include "weave-scope-agent.helm_std_labels" . | indent 8 }}
        component: agent
    spec:
      tolerations:
        - effect: NoSchedule
          operator: Exists
      {{- if .Values.priorityClassName }}
      priorityClassName: {{ .Values.priorityClassName }}
      {{- end }}
      containers:
        - name: {{ template "weave-scope-agent.name" . }}
          image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag }}"
          imagePullPolicy: "{{ .Values.global.image.pullPolicy }}"
          args:
            - '--mode=probe'
            - '--probe-only'
            - '--probe.kubernetes.role=host'
            - '--probe.docker.bridge={{ .Values.dockerBridge }}'
            - '--probe.docker=true'
            - '--probe.kubernetes=true'
            {{- range $arg := .Values.flags }}
            - {{ $arg | quote }}
            {{- end }}
            {{if .Values.readOnly}}
            - "--probe.no-controls"
            {{end}}
            {{- if .Values.global.probeToken }}
            - '--probe-token={{ .Values.global.probeToken }}'
            {{- else if .Values.global.scopeFrontendAddr }}
            - {{ .Values.global.scopeFrontendAddr }}
            {{- else }}
            - {{ .Values.global.service.name | default (include "toplevel.fullname" .) }}.{{ .Release.Namespace }}.svc:{{ .Values.global.service.port }}
            {{- end }}
          securityContext:
            privileged: true
          resources:
{{ toYaml .Values.resources | indent 12 }}
          volumeMounts:
            - name: docker-socket
              mountPath: /var/run/docker.sock
            - name: scope-plugins
              mountPath: /var/run/scope/plugins
            - name: sys-kernel-debug
              mountPath: /sys/kernel/debug
      volumes:
        - name: docker-socket
          hostPath:
            path: /var/run/docker.sock
        - name: scope-plugins
          hostPath:
            path: /var/run/scope/plugins
        - name: sys-kernel-debug
          hostPath:
            path: /sys/kernel/debug
      hostPID: true
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
{{- end -}}

3.4 weave-scope-cluster-agent

[root@master1 charts]# cat weave-scope-cluster-agent/templates/clusterrolebinding.yaml
{{- if .Values.enabled -}}
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  labels:
    {{- include "weave-scope.helm_std_labels" . | indent 4 }}
    component: agent
  name: {{ include "toplevel.fullname" . }}
  annotations:
    {{- include "weave-scope.annotations" . | indent 4 }}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: {{ template "weave-scope-agent.serviceAccountName" . }}
subjects:
  - kind: ServiceAccount
    name: {{ template "weave-scope-agent.serviceAccountName" . }}
    namespace: {{ .Release.Namespace }}
{{- end }}
{{- end -}}


[root@master1 charts]# cat weave-scope-cluster-agent/templates/clusterrole.yaml
{{- if .Values.enabled -}}
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  labels:
    {{- include "weave-scope.helm_std_labels" . | indent 4 }}
    component: agent
  name: {{ template "weave-scope-agent.serviceAccountName" . }}
  annotations:
    {{- include "weave-scope.annotations" . | indent 4 }}
rules:
  - apiGroups:
      - '*'
    resources:
      - '*'
    verbs:
      - '*'
  - nonResourceURLs:
      - '*'
    verbs:
      - '*'
{{- end }}
{{- end -}}


[root@master1 charts]# cat weave-scope-cluster-agent/templates/deployment.yaml
{{- if .Values.enabled -}}
apiVersion: {{ template "deployment.apiVersion" . }}
kind: Deployment
metadata:
  labels:
    {{- include "weave-scope-cluster-agent.helm_std_labels" . | indent 4 }}
    component: cluster-agent
  name: {{ template "weave-scope-cluster-agent.fullname" . }}
  annotations:
    {{- include "weave-scope-cluster-agent.annotations" . | indent 4 }}
spec:
  selector:
    matchLabels:
      app: {{ template "toplevel.name" . }}
      release: {{ .Release.Name }}
      component: cluster-agent
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        {{- include "weave-scope-cluster-agent.helm_std_labels" . | indent 8 }}
        component: cluster-agent
    spec:
      containers:
        - name: {{ template "weave-scope-cluster-agent.name" . }}
          image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag }}"
          imagePullPolicy: "{{ .Values.global.image.pullPolicy }}"
          args:
            - '--mode=probe'
            - '--probe-only'
            - '--probe.kubernetes.role=cluster'
            {{- range $arg := .Values.flags }}
            - {{ $arg | quote }}
            {{- end }}
            {{if .Values.readOnly}}
            - "--probe.no-controls"
            {{end}}
            {{- if .Values.global.scopeFrontendAddr }}
            - {{ .Values.global.scopeFrontendAddr }}
            {{- else }}
            - {{ .Values.global.service.name | default (include "toplevel.fullname" .) }}.{{ .Release.Namespace }}.svc:{{ .Values.global.service.port }}
            {{- end }}
          resources:
{{ toYaml .Values.resources | indent 12 }}
      serviceAccountName: {{ template "weave-scope-cluster-agent.serviceAccountName" . }}
{{- end -}}


[root@master1 charts]# cat weave-scope-cluster-agent/templates/serviceaccount.yaml
{{- if .Values.enabled -}}
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    {{- include "weave-scope.helm_std_labels" . | indent 4 }}
    component: agent
  name: {{ template "weave-scope-agent.serviceAccountName" . }}
  annotations:
    {{- include "weave-scope.annotations" . | indent 4 }}
{{- end }}
{{- end -}}
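
The agent DaemonSet in 3.3 runs privileged with the host PID and network namespaces and several host paths mounted, and the ClusterRole in 3.4 allows every verb on every resource, so these settings are worth listing from the rendered manifests before `helm install`. The bash function below is an added example, not part of the chart or of the original notes; `audit_manifests`, `sample_manifests` and the resource names in the sample are constructed for illustration, and the scan is a line-based heuristic rather than a YAML parser.

```bash
# Added example: list high-privilege settings in rendered chart manifests.
# Usage: helm template helm-ui azure/weave-scope | audit_manifests
audit_manifests() {   # reads multi-document YAML from a file or stdin
  awk -v q="'" '
    function add(msg) { found[++n] = msg }
    function close_rule() {           # judge the RBAC rule just completed
      if (wild["resources"] && wild["verbs"]) add("RBAC: every verb on every resource")
      if (wild["nonResourceURLs"] && wild["verbs"]) add("RBAC: every verb on every non-resource URL")
      split("", wild); cur = ""
    }
    function flush(   i) {            # print findings for the finished document
      close_rule()
      for (i = 1; i <= n; i++) print kind "/" name ": " found[i]
      n = 0; kind = "?"; name = "?"; named = 0; hp = 0
    }
    BEGIN { kind = "?"; name = "?" }
    /^---/                          { flush(); next }
    /^kind:/                        { kind = $2 }
    /^  name:/ && !named            { name = $2; named = 1 }   # metadata.name
    /^[ \t]*privileged:[ \t]*true/  { add("privileged container") }
    /^[ \t]*hostPID:[ \t]*true/     { add("host PID namespace") }
    /^[ \t]*hostNetwork:[ \t]*true/ { add("host network namespace") }
    /^[ \t]*hostPath:/              { hp = 1; next }
    hp && /^[ \t]*path:/            { add("hostPath volume " $2); hp = 0 }
    kind == "ClusterRole" || kind == "Role" {
      line = $0; sub(/^[ \t]+/, "", line)
      item = (line ~ /^- /); if (item) sub(/^-[ \t]+/, "", line)
      if (line ~ /^(apiGroups|resources|verbs|nonResourceURLs):/) {
        if (item) close_rule()                    # "- key:" opens a new rule
        cur = substr(line, 1, index(line, ":") - 1)
        if (index(line, "*")) wild[cur] = 1       # inline form: ["*"]
      } else if (item && cur != "") {
        gsub("[\"" q "]", "", line)
        if (line ~ /^\*[ \t]*$/) wild[cur] = 1    # block form: - "*"
      } else if (!item) cur = ""
    }
    END { flush() }
  ' "${1:--}"
}

# Constructed sample, trimmed from what the 3.3 and 3.4 templates would render.
sample_manifests() {
  cat <<'EOF'
---
kind: DaemonSet
metadata:
  name: weave-scope-agent-helm-ui
spec:
  template:
    spec:
      containers:
        - name: weave-scope-agent
          securityContext:
            privileged: true
      volumes:
        - name: docker-socket
          hostPath:
            path: /var/run/docker.sock
      hostPID: true
      hostNetwork: true
---
kind: ClusterRole
metadata:
  name: helm-ui-weave-scope
rules:
  - apiGroups: ['*']
    resources:
      - '*'
    verbs: ['*']
EOF
}

sample_manifests | audit_manifests
```

Each output line has the form `Kind/name: finding`, so the result can be reviewed or compared against an agreed allow-list before the release is installed.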

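IV. Advanced chart topics

1. Conventions:

  • Chart names may not contain uppercase letters or underscores. The dot (.) is not allowed either.
  • YAML files should be indented with two spaces (never tabs).
  • values.yaml: custom variable names begin with a lowercase letter, with words separated by camel case.
  • All Helm built-in variables begin with an uppercase letter so that they are easy to tell apart from user-defined values: .Release.Name, .Capabilities.KubeVersion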

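2. Data types:

foo: false and foo: "false" are not the same.
In general, to avoid integer conversion problems, it is better to store integers as strings and convert the string back to an integer in the template with {{ int $value }}.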

3. Three sources of values:

  • The chart's values.yaml file
  • A values file supplied with helm install -f or helm upgrade -f
  • Values passed to the --set or --set-string parameters when running helm install or helm upgrade

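4. Structure of templates:

The templates/ directory should be structured as follows:

  • If a template produces YAML output, the file should have the extension .yaml. The extension .tpl may be used for template files that produce no formatted content.
  • Template file names should use dashed notation (my-example-configmap.yaml), not camel case.
  • Each resource definition should be in its own template file.
  • Template file names should reflect the resource kind in the name, for example: foo-pod.yaml, bar-svc.yaml
  • Defined templates (templates created inside a {{ define }} directive) are globally accessible. This means a chart and all of its subcharts can access every template created with {{ define }}.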

5. Other

  • Other usage: see the official site https://helm.sh/docs/chart_template_guide/getting_started/
  • Built-in objects: https://helm.sh/docs/chart_template_guide/builtin_objects/
  • Functions supported in templates: https://helm.sh/zh/docs/chart_template_guide/function_list/
  • Project: https://github.com/helm/charts/tree/master/stable/chartmuseum

Note: the Helm material here has not been studied in depth; I will go deeper when there is a practical need.