- 快召唤伙伴们来围观吧
- 微博 QQ QQ空间 贴吧
- 文档嵌入链接
- 复制
- 微信扫一扫分享
- 已成功复制到剪贴板
KubeConChina_Helm
展开查看详情
1 .Take the Wheel, Don’t Reinvent It! - Deploying Apps With Helm in 5 Minutes Christopher Hanson, Senior Associate Consultant RX-M Enterprises LLC
2 .In 5 Minutes !!! Why do I need Helm? What is Helm? How do I use Helm?
3 .Fine grained parts Kubernetes allows users to describe any application configuration they require This flexibility requires Kubernetes application building blocks to be fine grained Combined with the fact that cloud native applications are typically decomposed into small services, even simple applications can require many Kubernetes resources
4 .A simple application Container
5 .Pod A simple application Container
6 .ReplicaSet Pod A simple application Container
7 .Deployment ReplicaSet Pod A simple application Container
8 .Deployment ReplicaSet Pod A simple application Container Service
9 .Deployment ReplicaSet Pod A simple application Container Service Service Account
10 .Deployment ReplicaSet Pod A simple application Container Service Service Account Roll
11 .Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding
12 .Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding ConfigMap
13 .Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding ConfigMap secret
14 .ConfigMap secret Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding
15 .ConfigMap secret Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding
16 .ConfigMap secret Deployment ReplicaSet Pod A simple application Container Service Service Account Roll Roll Binding
17 .can tame the madness
18 .What is Helm? https://helm.sh/ The package manager for Kubernetes! A great way to find, share, and use software built for Kubernetes Helm collects all of the resources required to run an application into a single artifact: a Chart Charts let you define, install, and upgrade complex Kubernetes applications as a single unit Helm is a CNCF project with significant contributions from Microsoft, Google and Bitnami
19 .How Helm works Simple Parameters Complex Charts Powerful Applications
20 .Installing Helm From Snap ( Linux ) $ sudo snap install helm From Homebrew ( macOS ) $ brew install kubernetes -helm From Chocolatey ( Windows ) C:\> choco install kubernetes-helm From Script ( GitHub ) https:// raw.githubusercontent.com /helm/helm/master/scripts/get
21 .Initializing Helm $ helm init Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /home/user/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure allow unauthenticated users policy. To prevent this, run `helm init ` with the --tiller- tls -verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation Happy Helming! $ kubectl create serviceaccount --namespace kube -system tiller serviceaccount /tiller created $ kubectl create clusterrolebinding tiller-cluster-rule \ -- clusterrole =cluster-admin -- serviceaccount = kube-system:tiller clusterrolebinding.rbac.authorization.k8s.io/tiller-cluster-rule created $ kubectl patch deploy --namespace kube -system tiller-deploy \ -p {spec:{template:{spec:{ serviceAccount :tiller}}}} deployment.extensions /tiller-deploy patched helm init uses the current kubectl context from $HOME/<username>/. kube /config to configure the target Kubernetes cluster for use with Helm To enable Helm’s server to function in an RBAC system the Helm deployment (tiller-deploy) must be given a service account (typically named “tiller”) bound to the cluster admin role
22 .Tiller The helm CLI init command launches Helm’s server, Tiller on the configured cluster Tiller runs as a single pod deployment with the “tiller-deploy” service in the kube -system namespace
23 .Concepts A Chart is a Helm package Charts contain all of the resource definitions necessary to run an application A Repository is the place where charts can be collected and shared A Release is an instance of a chart running in a Kubernetes cluster
24 .Running applications user@ubuntu :~/linux-amd64$ ./helm install stable/ mysql NAME: full-joey LAST DEPLOYED: Fri Oct 19 00:45:55 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1/Pod(related) NAME READY STATUS RESTARTS AGE full-joey-mysql-c566bbf7-78vvm 0/1 Pending 0 0s ==> v1/Secret NAME AGE full-joey- mysql 0s ==> v1/ ConfigMap full-joey- mysql -test 0s ==> v1/ PersistentVolumeClaim full-joey- mysql 0s ==> v1/Service full-joey- mysql 0s ==> v1beta1/Deployment full-joey- mysql 0s NOTES: MySQL can be accessed via port 3306 on the following DNS name from within your cluster: full-joey- mysql.default.svc.cluster.local To get your root password run: MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default full-joey- mysql -o jsonpath ="{. data.mysql -root-password}" | base64 --decode; echo) To connect to your database: 1. Run an Ubuntu pod that you can use as a client: kubectl run - i -- tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash - il 2. Install the mysql client: $ apt-get update && apt-get install mysql -client -y 3. Connect using the mysql cli, then provide your password: $ mysql -h full-joey- mysql -p To connect to your database directly from outside the K8s cluster: MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306 # Execute the following command to route the connection: kubectl port-forward svc/full-joey- mysql 3306 mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} user@ubuntu :~/linux-amd64$ The helm install command is used to launch applications on the configured Kubernetes cluster Charts can be installed from Repositories ; curated charts for many common applications can be installed from the public repo: https://kubernetes-charts.storage.googleapis.com helm install “releases” the chart, combining it with configuration parameters (from the source repo in this case) The example release here is: full-joey When you install a chart, a new release is created. One chart can be installed many times in the same cluster. Each release is given a name and can be independently parameterized, managed and upgraded
25 .Controlling applications Helm has many commands for working with applications $ helm status $ helm inspect $ helm list $ helm upgrade $ helm rollback $ helm delete
26 .Chart Layout A Chart is a collection of files defining the resources necessary to launch a Kubernetes application Charts can be packaged into versioned archives to be deployed Charts have a required set of files and directory structure
27 .Chart Layout A Chart is a collection of files defining the resources necessary to launch a Kubernetes application Charts can be packaged into versioned archives to be deployed Charts have a required set of files and directory structure
28 .Templates Based Go templates with a few add-ons Stored in a chart’s templates/ folder Contain place holders for values that can be supplied by users When Helm installs a chart it passes every file in templates/ through the template engine resolving the template variables Values for template variables can be supplied two ways: Chart developers may supply a file called values.yaml in chart repo Chart users may supply a YAML file that contains values on the command line or use the --set flag to pass a variable imperatively
29 .In 5 Minutes !!! Why do I need Helm? Because K8s apps require coordinated deployment of large sets of complex resources What is Helm? A tool for coordinating deployment of large sets of complex resources!!! How do I use Helm? helm install pre-built charts from the public repo !!!