01 Overview
Helm is kubernetes package management tool for quick and easy installation, management, uninstall kubernetes application, similar to the role of the Linux operating system, yum or apt-get software. The main purpose of the design:
Create a new chart package
The charts package file compression package
Integration with chart storage, file get charts
Install and uninstall charts to kubernetes cluster
By helm management application installed charts
02 Concepts
chart: a Helm package, which contains a Mirror operation required by the application, and rely on other resource definitions, the service definition may also contain Kubernetes cluster.
release: An example of Chart of running on Kubernetes cluster. On the same cluster, a Chart can install a lot of times, each installation will create a new release.
repository: for publishing and storing Chart warehouses, Helm client to access the file repository Chart index and archive via HTTP protocol.
03 components
helm: available to users of client programs can communicate with the server -tiller in the form of the command line.
tiller: server software, used to interact with the helm clients and interact with kubernetes api server components.
Architecture as follows:
Pictures from the community Yunqi
04 installation deployment
1. helm of installation and deployment
Download version, version list github.com/helm/helm/r...
unzip, tar -zxvf helm-v2.0.0-linux-amd64.tgz
The binary file decompressed on the executable directory mv linux-amd64/helm /usr/local/bin/helm, then execute the helm --helphelp documentation
2. tiller of installation and deployment
Console > helm initcommand, which will download charts charts package from the warehouse, and deployed to kubernetes cluster configuration according to them.
The default charts warehouse https://kubernetes-charts.storage.googleapis.com/index.yaml
The default image is used tiller gcr.io/kubernetes-helm/tiller:v2.13.1
Domestic due to the wall can not be accessed directly, we need to deal with alternative warehouses and self-image version, installation deployment helm server via the following command:
> helm init --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.13.1--stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Creating /root/.helm/repository/repositories.yaml Adding stable repowithURL: https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts Adding local repowithURL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /root/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: bydefault, Tiller is deployedwithan insecure'allow unauthenticated users'policy. To preventthis, run`helm init`withthe --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming!
Wait a bit and then execute the following command, see the following output installation was successful:
>helmversion
Client: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}
Common commands can be seen by performing the helm --help, as follows:
search to find applications in warehouse helm
Download chart fetch packages from the warehouse to the local
list in the deployment of the k8s cluster of release list
displaying status information of specific release of
install install charts
inspect information describing charts
Delete to delete the deployed release
create charts create a
The package performs packing some charts
repo display, add, remove charts warehouse
05 access authorization
In the above steps, we will deploy the resources required to tiller kubernetes cluster, but because there is no definition of Deployment tiller-deploy unauthorized access apiserver ServiceAccount lead to denial, execute the following command for authorization for the tiller-deploy:
> kubectl create serviceaccount --namespace kube-system tiller
> kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
> kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
06 deployed by WordPress helm
Enter the following command, we can create a WordPress blog site through helm
> helm install --name wordpress-test --set"persistence.enabled=false,mariadb.persistence.enabled=false"stable/wordpress
Obtain login information through the following command:
> kubectlgetsvc -o wide
> kubectlgetsecret --namespacedefaultwordpress-test-wordpress -o jsonpath="{.data.wordpress-password}"| base64 --decode
Open the page in a browser, and enter the user name and password to see good build WordPress blog site
07 upgrade
When there is a new chart release package or when you want to change the configuration of the existing release, you can helm upgradecommand is implemented, such as:
> helm upgrade wordpress-test \ > --set"persistence.enabled=true,mariadb.persistence.enabled=true"\ > stable/wordpress
Reference documents: