Abstract: Helm is an open source tool initiated by Deis that helps simplify the deployment and management of Kubernetes applications. This article will introduce the basic concepts and usage of Helm, and demonstrate using Helm to deploy applications on Alibaba Cloud's Kubenetes cluster.
Helm is an open source tool initiated by Deis that helps simplify the deployment and management of Kubernetes applications.
Note: Alibaba Cloud Kubernetes service has built-in Helm/Chart support, you can use
https://help.aliyun.com/document_detail/58587.html directly
Helm basic concepts
Helm can be understood as a package management tool for Kubernetes, which can easily discover, share and use applications built for Kubernetes. It contains several basic concepts
- Chart: A Helm package that contains images, dependencies and resource definitions required to run an application, and may also contain service definitions in a Kubernetes cluster, similar to formula in Homebrew, dpkg of APT or rpm files of Yum,
- Release: An instance of Chart running on a Kubernetes cluster. A Chart can be installed many times on the same cluster. Every installation creates a new release. For example, a MySQL Chart, if you want to run two databases on the server, you can install the Chart twice. Each installation will generate its own Release with its own Release name.
- Repository: A repository for publishing and storing Charts.
Helm components
Helm adopts a client/server architecture and consists of the following components:
- Helm CLI is a Helm client that can be executed locally
- Tiller is a server-side component that runs on a Kubernetes cluster and manages the lifecycle of Kubernetes applications
- Repository is a Chart repository, and Helm clients access the Chart index files and compressed packages in the repository through the HTTP protocol.
Install Helm
First, use Alibaba Cloud Container Service to create a Kubernetes cluster
Then
- Install and configure on your local machine as per the article Connecting to a Kubernetes cluster via kubectl
kubectl
- To view information for the Kubernetes target cluster, type the following command:
kubectl cluster-info
- Refer to the documentation to install Helm on your local computer
After installing Helm, install Tiller on the Kubernetes cluster by typing:
helm init --upgrade
By default, Helm will use the "gcr.io/kubernetes-helm/tiller" image to install and configure Tiller on the Kubernetes cluster; and use "https://kubernetes-charts.storage.googleapis.com" as the default The address of the stable repository. Since domain names such as "gcr.io" and "storage.googleapis.com" may not be accessible in China, Alibaba Cloud Container Service provides mirror sites for this purpose.
Please execute the following command to configure Helm using Alibaba Cloud's image
helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.5.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
After the installation has completed successfully, you will see output like this:
$ helm init --upgrade
$HELM_HOME has been configured at /Users/test/.helm.
Tiller (the helm server side component) has been installed into your Kubernetes Cluster.
Happy Helming!
Helm basic operations
To see all Helm charts available in the repository, type the following command:
helm search
You will see output like this:
$ helm search
NAME VERSION DESCRIPTION
stable/aws-cluster-autoscaler 0.2.1 Scales worker nodes within autoscaling groups.
...
To update the charts list to get the latest version, type:
helm repo update
To see a list of Charts installed on the cluster, type:
helm list
or abbr
helm ls
API Server has RBAC authorization enabled since Kubernetes version 1.6. The current Tiller deployment does not define an authorized ServiceAccount, which will result in denied access to the API Server. We can use the following method to explicitly add authorization for Tiller deployment.
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
See the documentation for details on using with Helm .
Deploy WordPress with Helm
Next we will use Helm to deploy a WordPress blog site
Enter the following command
helm install --name wordpress-test --set "persistence.enabled=false,mariadb.persistence.enabled=false" stable/wordpress
Note: Currently, PersistentVolume support for block storage has not been enabled in Alibaba Cloud Kubernetes service , so data persistence is disabled in the example.
We can get the following results
NAME: wordpress-test
LAST DEPLOYED: Sat Aug 5 18:54:02 2017
NAMESPACE: default
STATUS: DEPLOYED
...
Use the following command to get the access address of WordPress
echo http://$(kubectl get svc wordpress-test-wordpress -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
With the above URL, the familiar WordPress site can be seen on the browser,
You can also use the following command to obtain the administrator user and password of the WordPress site according to Charts' instructions
echo Username: user
echo Password: $(kubectl get secret --namespace default wordpress-test-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)
Summarize
In Kubernetes, application management is the most demanding and challenging area. The Helm project provides a unified software packaging method and supports version control, which can greatly simplify the complexity of Kubernetes application distribution and deployment; Helm has also spawned the development and growth of the community, and more and more software providers, such as Bitnami and other companies, etc. , to start serving high-quality Charts. At https://kubeapps.com/ you can find and discover existing Charts.
For more information on Alibaba Cloud Container Service, please visit https://www.aliyun.com/product/containerservice