1, What's Helm
Helm is the package manager of Kubernetes and the best way to find, share and build Kubernetes with software. Helm helps users manage Kubernetes applications - helm charts, even the most complex Kubernetes applications, can be easily defined, installed and upgraded.
The package manager is similar to apt in Ubuntu, yum in Centos or pip in Python. It can quickly find, download and install software packages. Helm is composed of the client component helm and the server component Tiller. It can package a group of K8S resources for unified management. It is the best way to find, share and use the software built for Kubernetes.
2, What problem did Helm solve
Deploying a usable application in Kubernetes requires the cooperation of many Kubernetes resources. For example, when you install a wordpress blog, you use some resource objects of Kubernetes (hereinafter referred to as k8s), including Deployment for deploying applications, Service providing Service discovery, Secret configuring WordPress user name and password, and pv and pvc may also be required to provide persistence services. And the WordPress data is stored in mariadb, so you can start WordPress only after mariadb is ready to start. These k8s resources are too scattered to be managed. You will find it very painful to manage an application directly through kubectl.
So to sum up, we usually face the following problems when deploying an application in k8s:
- How to uniformly manage, configure and update these scattered k8s application resource files
- How to distribute and reuse a set of application templates
- How to manage a series of application resources as a software package
3, Related components and concepts of Helm
Helm consists of two parts: helm client and Tiller server;
The concept of Helm is as follows:
heml
A command line tool for local development and management of chart, chart warehouse management, etc
Tiller
Helm's server. Tiller is responsible for receiving helm's request, interacting with the apiserver of k8s, generating a release according to chart and managing the release
chart
Helm's packaging format is called chart. Chart is a series of files that describe a group of k8s cluster resources; Chart stands for helm package.
It contains all the resource definitions required to run applications, tools, or services within the Kubernetes cluster. You can think of it as the equivalent of Homebrew formula, Apt dpkg, or Yum RPM in Kubernetes.
Repoistory
Is a place for storing and sharing charts. It's like Perl's CPAN archive network or Fedora's package repository, but it's for the Kubernetes package. The Helm client accesses the index files and compressed packages of chart in the repository through the HTTP protocol.
Release
The Chart deployed in the Kubernetes cluster using the helm install command is called Release;
Release is an instance of chart running in the Kubernetes cluster. A chart can usually be installed multiple times in the same cluster. Each installation creates a new release. Take MySQL chart as an example. If you want to run two databases in your cluster, you can install the chart twice. Each database has its own release and release name.
Therefore, Helm can be interpreted as:
- Helm installed in Kubernetes_ Chart_, And each installation creates a new one_ Release_.
- To find a new chart, you can search in the Helm Chart warehouse.
4, Installation of Helm
Helm provides several installation methods. Only the official script one click installation is provided here. For more installation methods, please read helm's Official documents:
curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh chmod 700 get_helm.sh bash get_helm.sh
Install the Tiller
After installing the helm client, you can install Tiller in the kubernetes cluster through the following command:
This place is used by default https://kubernetes-charts.storage.googleapis.com As the default address of the stable repository, but due to the existence of an invisible wall in China, Google APIs COM is not accessible. Alicloud's source can be used to configure:
helm init --upgrade -i registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.9.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
Note that the Tiller version of the above command needs to be consistent with the Helm version installed on the machine
Use helm version to view the helm version
After executing the above command, you can view the installation of tiller through kubectl get po - n Kube system.
Initialize configuration
Configure user permissions
Since kubernetes has joined RBAC authorization since version 1.6. The current Tiller does not define a ServiceAccount for authorization. Access to the API Server will be denied. You need to add authorization to the Tiller.
For example:
helm list ## The following error occurs when executing the above command: Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system"
After the above error occurs, you need to execute the following command:
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
# After executing the command, use the following command to verify success
kubectl get deploy -n kube-system tiller-deploy -o yaml | grep serviceAccount
# The following words are successful
serviceAccount: tiller
serviceAccountName: tiller
If you use helm list, you won't report an error.
Initialize warehouse
5, Practice
Find a chart
Helm comes with a powerful search command that can be used to search from two sources:
helm search {chartName}
# Example
$ helm search mysql
NAME CHART VERSION APP VERSION DESCRIPTION
office/mysql 1.6.9 5.7.30 DEPRECATED - Fast, reliable, scalable, and easy to use op...
office/mysqldump 2.6.2 2.4.1 DEPRECATED! - A Helm chart to help backup MySQL databases...
office/prometheus-mysql-exporter 0.7.1 v0.11.0 DEPRECATED A Helm chart for prometheus mysql exporter wit...
stable/mysql 0.3.5 Fast, reliable, scalable, and easy to use open-source rel...
office/percona 1.2.3 5.7.26 DEPRECATED - free, fully compatible, enhanced, open sourc...
office/percona-xtradb-cluster 1.0.8 5.7.19 DEPRECATED - free, fully compatible, enhanced, open sourc...
office/phpmyadmin 4.3.5 5.0.1 DEPRECATED phpMyAdmin is an mysql administration frontend
stable/percona 0.3.0 free, fully compatible, enhanced, open source drop-in rep...
stable/percona-xtradb-cluster 0.0.2 5.7.19 free, fully compatible, enhanced, open source drop-in rep...
office/gcloud-sqlproxy 0.6.1 1.11 DEPRECATED Google Cloud SQL Proxy
office/mariadb 7.3.14 10.3.22 DEPRECATED Fast, reliable, scalable, and easy to use open...
stable/gcloud-sqlproxy 0.2.3 Google Cloud SQL Proxy
stable/mariadb 2.1.6 10.1.31 Fast, reliable, scalable, and easy to use open-source rel...
Search is a good way to find available packages. Once you find the helm package you want to install, you can install it by using the helm install command.
Install a helm package
Use the helm install command to install a new helm package. The simplest way to use it is to pass in only two parameters: the name of the release you named and the name of the chart you want to install.
helm install [releaseName] [chartName]
Take nginx as an example:
To be continued.
Reference documents
Helm official website
Helm from introduction to practice
helm pit filling and basic commands in kubernetes actual combat chapter
Helm Foundation