安装
下载 https://helm.sh/docs/intro/install/
1 | wget -P /opt/docker https://get.helm.sh/helm-v3.9.3-linux-amd64.tar.gz |
设置环境变量
1 | $ cat >> ~/.bashrc <<EOF |
添加源
1 | helm repo add stable http://mirror.azure.cn/kubernetes/charts |
show
1 | helm show chart stable/mysql |
install
有六种不同的方式来标识需要安装的chart:
- 通过chart引用: helm install mymaria example/mariadb
- 通过chart包: helm install mynginx ./nginx-1.2.3.tgz
- 通过未打包chart目录的路径: helm install mynginx ./nginx
- 通过URL绝对路径: helm install mynginx https://example.com/charts/nginx-1.2.3.tgz
- 通过chart引用和仓库url: helm install –repo https://example.com/charts/ mynginx nginx
- 通过OCI注册中心: helm install mynginx –version 1.2.3 oci://example.com/charts/nginx
❯ helm list
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/cs/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/cs/.kube/config
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION#helm list -A
https://github.com/mysql/mysql-operator
envs.k8sClusterDomain
persists try setting MYSQL_OPERATOR_K8S_CLUSTER_DOMAIN via environment.
helm install
helm install -f ...
❯ helm install -f ./mysql-operator/values.yaml -name mysql-operator --namespace mysql-operator --create-namespace ./mysql-operator
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /home/cs/.kube/config
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /home/cs/.kube/config
NAME: mysql-operator
LAST DEPLOYED: Thu Aug 31 20:42:51 2023
NAMESPACE: mysql-operator
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
Create an MySQL InnoDB Cluster by executing:
1. When using a source distribution / git clone: `helm install [cluster-name] -n [ns-name] ~/helm/mysql-innodbcluster`
2. When using the Helm repo from ArtifactHub
2.1 With self signed certificates
export NAMESPACE="your-namespace"
# in case the namespace doesn't exist, please pass --create-namespace
helm install my-mysql-innodbcluster mysql-operator/mysql-innodbcluster -n $NAMESPACE \
--version 2.1.0 \
--set credentials.root.password=">-0URS4F3P4SS" \
--set tls.useSelfSigned=true
2.2 When you have own CA and TLS certificates
export NAMESPACE="your-namespace"
export CLUSTER_NAME="my-mysql-innodbcluster"
export CA_SECRET="$CLUSTER_NAME-ca-secret"
export TLS_SECRET="$CLUSTER_NAME-tls-secret"
export ROUTER_TLS_SECRET="$CLUSTER_NAME-router-tls-secret"
# Path to ca.pem, server-cert.pem, server-key.pem, router-cert.pem and router-key.pem
export CERT_PATH="/path/to/your/ca_and_tls_certificates"
kubectl create namespace $NAMESPACE
kubectl create secret generic $CA_SECRET \
--namespace=$NAMESPACE --dry-run=client --save-config -o yaml \
--from-file=ca.pem=$CERT_PATH/ca.pem \
| kubectl apply -f -
kubectl create secret tls $TLS_SECRET \
--namespace=$NAMESPACE --dry-run=client --save-config -o yaml \
--cert=$CERT_PATH/server-cert.pem --key=$CERT_PATH/server-key.pem \
| kubectl apply -f -
kubectl create secret tls $ROUTER_TLS_SECRET \
--namespace=$NAMESPACE --dry-run=client --save-config -o yaml \
--cert=$CERT_PATH/router-cert.pem --key=$CERT_PATH/router-key.pem \
| kubectl apply -f -
helm install my-mysql-innodbcluster mysql-operator/mysql-innodbcluster -n $NAMESPACE \
--version 2.1.0 \
--set credentials.root.password=">-0URS4F3P4SS" \
--set tls.useSelfSigned=false \
--set tls.caSecretName=$CA_SECRET \
--set tls.serverCertAndPKsecretName=$TLS_SECRET \
--set tls.routerCertAndPKsecretName=$ROUTER_TLS_SECRET
1 | ❯ kubectl get deployment -n mysql-operator mysql-operator |
dependency
注意: 传统Helm 的Chart.yaml dependencies:部分字段已被完全删除弃用。
用requirements.yaml来管理依赖关系
1 | dependencies: |
2
3
4
5
6
>loki:
enabled: true
......
>promtail:
enabled: true
本地 “file://../prometheus”
❯ helm dependency build
Error: the lock file (Chart.lock) is out of sync with the dependencies file (Chart.yaml). Please update the dependencies
❯ helm dependency update
Hang tight while we grab the latest from your chart repositories…
…Successfully got an update from the “cluster-proportional-autoscaler” chart repository
…Successfully got an update from the “aliyun” chart repository
…Successfully got an update from the “jetstack” chart repository
…Successfully got an update from the “hashicorp” chart repository
…Successfully got an update from the “flannel” chart repository
…Successfully got an update from the “mysql-operator” chart repository
…Successfully got an update from the “stable” chart repository
…Successfully got an update from the “coredns” chart repository
…Successfully got an update from the “bitpoke” chart repository
…Successfully got an update from the “radondb” chart repository
…Successfully got an update from the “prometheus-community” chart repository
…Successfully got an update from the “istio” chart repository
Update Complete. ⎈Happy Helming!⎈
Saving 4 charts
Deleting outdated charts❯ helm package metrics-server #打包本地文件
package
-d 默认打包到当前目录
1 | ❯ helm package /home/cs/oss/k8s-1.26/helm-charts-main/charts/alertmanager \ |
Successfully packaged chart and saved it to: /home/cs/oss/k8s-1.26/helm-charts-main/charts/prometheus/charts/alertmanager-1.6.0.tgz
uninstall
1 | helm uninstall mysql-operator -n mysql-operator |
自定义
1 | tree ./ |
模板语法
helm内置对象
Release, release相关属性
Chart, Chart.yaml文件中定义的内容
Values, values.yaml文件中定义的内容引用方式
<!–swig13–> 通过双括号注入,小数点开头表示从最顶层命名空间引用
常用函数
• quote:将值转换为字符串,即加双引号
• default:设置默认值,如果获取的值为空则为默认值
• indent和nindent:缩进字符串 ,nindent 换行缩进
• toYaml:引用一块YAML内容,如健康检查,资源配额resources,或者端口
• 其他函数:upper、title等
1 | extraArgs: |
Helm 按需渲染 CM
故障
调试 template
1 | ❯ helm template my-release ./opentelemetry-collector/ --values ./opentelemetry-collector/value.yaml |
data: Too long
1 | ❯ helm upgrade -f ./apisix-2.8.1/values.override.yaml apisix ./apisix-2.8.1 -n apisix |
apisix-2.8.1 目录下面有大量文件
