Helm 安装和配置

本文指导如何安装并配置 Helm 访问集群


official document

using helm



安装 本地 helm

$ curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
$ chmod 700 get_helm.sh
$ ./get_helm.sh

helm 确定自己的客户端的版本,我的是 v2.16.0

$ helm version

安装 Tiller 到 kubernetes 集群

这首先要求你已经配置 kubectl 链接到你的远程的集群中

配置权限,开启 RBAC,这里是给了 Helm 管理员权限,更多可以看官网

创建一个 rbac-config.yaml:

apiVersion: v1
kind: ServiceAccount
  name: tiller
  namespace: kube-system
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
  name: tiller
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system


$ kubectl create -f rbac-config.yaml
serviceaccount "tiller" created
clusterrolebinding "tiller" created

安装相同版本的 Tiller 到自己的集群中 ,并使用我们刚才设定好的账户

$ helm init --service-account tiller --history-max 200 \
-i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.16.0 \ 
--stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/chart 


$ helm --help
The Kubernetes package manager

To begin working with Helm, run the 'helm init' command:

    $ helm init

This will install Tiller to your running Kubernetes cluster.
It will also set up any necessary local configuration.

Common actions from this point include:

- helm search:    Search for charts
- helm fetch:     Download a chart to your local directory to view
- helm install:   Upload the chart to Kubernetes
- helm list:      List releases of charts


- $HELM_HOME:           Set an alternative location for Helm files. By default, these are stored in ~/.helm
- $HELM_HOST:           Set an alternative Tiller host. The format is host:port
- $HELM_NO_PLUGINS:     Disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
- $TILLER_NAMESPACE:    Set an alternative Tiller namespace (default "kube-system")
- $KUBECONFIG:          Set an alternative Kubernetes configuration file (default "~/.kube/config")
- $HELM_TLS_CA_CERT:    Path to TLS CA certificate used to verify the Helm client and Tiller server certificates (default "$HELM_HOME/ca.pem")
- $HELM_TLS_CERT:       Path to TLS client certificate file for authenticating to Tiller (default "$HELM_HOME/cert.pem")
- $HELM_TLS_KEY:        Path to TLS client key file for authenticating to Tiller (default "$HELM_HOME/key.pem")
- $HELM_TLS_ENABLE:     Enable TLS connection between Helm and Tiller (default "false")
- $HELM_TLS_VERIFY:     Enable TLS connection between Helm and Tiller and verify Tiller server certificate (default "false")
- $HELM_TLS_HOSTNAME:   The hostname or IP address used to verify the Tiller server certificate (default "")
- $HELM_KEY_PASSPHRASE: Set HELM_KEY_PASSPHRASE to the passphrase of your PGP private key. If set, you will not be prompted for the passphrase while signing helm charts

  helm [command]

Available Commands:
  completion  Generate autocompletions script for the specified shell (bash or zsh)
  create      Create a new chart with the given name
  delete      Given a release name, delete the release from Kubernetes
  dependency  Manage a chart's dependencies
  fetch       Download a chart from a repository and (optionally) unpack it in local directory
  get         Download a named release
  help        Help about any command
  history     Fetch release history
  home        Displays the location of HELM_HOME
  init        Initialize Helm on both client and server
  inspect     Inspect a chart
  install     Install a chart archive
  lint        Examines a chart for possible issues
  list        List releases
  package     Package a chart directory into a chart archive
  plugin      Add, list, or remove Helm plugins
  repo        Add, list, remove, update, and index chart repositories
  reset       Uninstalls Tiller from a cluster
  rollback    Rollback a release to a previous revision
  search      Search for a keyword in charts
  serve       Start a local http web server
  status      Displays the status of the named release
  template    Locally render templates
  test        Test a release
  upgrade     Upgrade a release
  verify      Verify that a chart at the given path has been signed and is valid
  version     Print the client/server version information

      --debug                           Enable verbose output
  -h, --help                            help for helm
      --home string                     Location of your Helm config. Overrides $HELM_HOME (default "/Users/abser/.helm")
      --host string                     Address of Tiller. Overrides $HELM_HOST
      --kube-context string             Name of the kubeconfig context to use
      --kubeconfig string               Absolute path of the kubeconfig file to be used
      --tiller-connection-timeout int   The duration (in seconds) Helm will wait to establish a connection to Tiller (default 300)
      --tiller-namespace string         Namespace of Tiller (default "kube-system")

Use "helm [command] --help" for more information about a command.
$ helm version
Client: &version.Version{SemVer:"v2.16.0", GitCommit:"e13bc94621d4ef666270cfbe734aaabf342a49bb", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.16.0", GitCommit:"e13bc94621d4ef666270cfbe734aaabf342a49bb", GitTreeState:"clean"}

helm search

用来搜索 chart

例:helm search stable/ipfs

helm install

对于 helm install 的执行顺序发现是按照 configmap.yamlpv.yamlpvc.yamldeployment.yamlservice.yamlingress.yaml 的有依赖关系进行执行的,没有找到有控制和文件名的限制应该是用 kind 来做依赖分析的。

可以从四种软件包中安装 Chart

More Installation Methods

The helm install command can install from several sources:

  • A chart repository (as we’ve seen above)
  • A local chart archive (helm install foo-0.1.1.tgz)
  • An unpacked chart directory (helm install path/to/foo)
  • A full URL (helm install https://example.com/charts/foo-1.2.3.tgz)

helm fetch

我遇到了 官方 chart 无法在我的版本上的 kubernetes 运行的问题(api version 不兼容),需要修改官方 chart,就用到了这个命令,他下载的是压缩包。

例: helm fetch stable/ipfs

来源: Helm 安装和配置 · 语雀

分类: 还在篮子里

0 条评论


电子邮件地址不会被公开。 必填项已用*标注