helm
helm简介
helm -> yum
chart -> rpm
helm V3
下载地址:
https://github.com/helm/helm/releases
当前版本:
wget https://get.helm.sh/helm-v3.7.1-linux-amd64.tar.gz
安装:
tar -xf helm-v3.0.0-linux-amd64.tar.gz mv linux-amd64/helm /usr/local/bin/helm
添加chart:
helm repo add bitnami https://charts.bitnami.com/bitnami
更新缓存:
helm search repo bitnami
搜索软件:
helm search repo redis
查看已经安装的软件包:
]# helm list -A NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION aws-load-balancer-controller kube-system 1 2023-03-13 15:41:36.418171978 +0800 CST deployed aws-load-balancer-controller-1.4.8 v2.4.7 metrics-server kube-system 1 2023-03-12 16:05:54.207667545 +0800 CST deployed metrics-server-3.8.4 0.6.2
查看软件详细信息:
helm show all bitnami/redis
安装软件:
helm install NAME bitnami/redis # 禁用持久存储 helm install db bitnami/redis --set replica.persistence.enabled=false --set master.persistence.enabled=false # 官网地址,有更多的参数可以设置 artifacthub.io/packages/helm/bitnami/redis
指定软件名称:
helm install db-redis bitnami/redis -f /tmp/redis/values.yaml
查看已安装的软件:
]# helm list -A NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION metrics-server kube-system 1 2023-03-12 16:05:54.207667545 +0800 CST deployed metrics-server-3.8.4 0.6.2 prometheus kube-system 1 2023-03-12 16:37:52.515709814 +0800 CST deployed prometheus-19.7.2 v2.41.0
卸载软件:
]# helm uninstall prometheus -n kube-system
自定义helm应用的使用:
编写文件:
. ├── Chart.yaml ├── README.md ├── templates │ ├── _cache_s3.tpl │ ├── configmap.yaml │ ├── deployment.yaml │ ├── _env_vars.tpl │ ├── _helpers.tpl │ ├── NOTES.txt │ ├── pvc.yaml │ ├── role-binding.yaml │ ├── role.yaml │ ├── secrets.yaml │ └── service-account.yaml └── values.yaml
打包:
helm package .
安装:
helm install --namespace gitlab gitlab-runner *.tgz
查看:
helm ls -n gitlab
卸载:
helm uninstall -n gitlab gitlab-runner-0-1655282389
安装fluent-bit:
添加官方chart源:
helm repo add fluent https://fluent.github.io/helm-charts
获取配置:
helm show values fluent/fluent-bit > fluent-bit.yaml
改完配置后指定chart文件安装:
helm install log fluent/fluent-bit -f fluent-bit.yaml -n logs
安装fluentd:fluentd默认的配置收集到es中的日志字段比较丰富比较实用。
helm repo add fluent https://fluent.github.io/helm-charts helm show values fluent/fluentd > fluentd.yaml helm install log fluent/fluentd -f fluentd.yaml -n logs
要修改如下配置:
04_outputs.conf: |- <label @OUTPUT> <match **> @type elasticsearch host "192.168.0.20" port 9200 path "" logstash_format true logstash_prefix "k8s" </match> </label>
收集指定名称空间下的日志:默认收集全部名称空间的日志
<source> @type tail @id in_tail_container_logs @label @KUBERNETES path /var/log/containers/*_default_*.log # 把*.log 改成 *_namespace_*.log 即可 pos_file /var/log/fluentd-containers.log.pos tag kubernetes.* read_from_head true <parse> @type multi_format <pattern> format json time_key time time_type string time_format "%Y-%m-%dT%H:%M:%S.%NZ" keep_time_key false </pattern> <pattern> format regexp expression /^(?<time>.+) (?<stream>stdout|stderr)( (.))? (?<log>.*)$/ time_format '%Y-%m-%dT%H:%M:%S.%NZ' keep_time_key false </pattern> </parse> emit_unmatched_lines true </source>
helm安装filebeat:
wget https://get.helm.sh/helm-v3.9.4-linux-amd64.tar.gz tar -xf helm-v3.9.4-linux-amd64.tar.gz cp ./linux-amd64/helm /usr/local/bin/helm helm version helm help helm repo add elastic https://helm.elastic.co helm pull elastic/filebeat --version 7.17.3 tar -xf filebeat-7.17.3.tgz helm install filebeat . -n logging --create-namespace helm uninstall filebeat . -n logging
helm安装prometheus: 社区版,没有operator复杂,适合小规模集群。需要storageclass或emptyDir,有两个地方要改,分别是alertmanager 和 prometheus。
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm show values prometheus-community/prometheus > prometheus.yaml
对导出的配置文件进行修改,参考官方文档:
https://artifacthub.io/packages/helm/prometheus-community/prometheus
storageClass:
persistentVolume: storageClass: "managed-nfs-storage" # 改成自己storageClass名称
persistentVolume:可以使用手动创建的pv,pvc来存储数据,和storageClass二选一即可。
persistentVolume: enabled: true existingClaim: "prometheus" # 可以使用手动创建出的pvc size: 20Gi
alertmanager:
alertmanager: enabled: true # 不需要就设置为false
pushgateway:
prometheus-pushgateway: enabled: true
node-exporter:如果不需要对节点进行监控可以不安装,设置为false即可。
prometheus-node-exporter: enabled: true
kube-state-metrics:为HPA等组件提供决策指标支持的组件(Pod水平扩容)。
kube-state-metrics: enabled: false
安装:
helm install prometheus prometheus-community/prometheus -f prometheus.yaml -n prometheus
更新:
helm upgrade prometheus prometheus-community/prometheus -f prometheus.yaml -n prometheus
grafana模板:
https://grafana.com/grafana/dashboards/9614-nginx-ingress-controller/
卸载:
helm uninstall prometheus -n prometheus
安装prometheus-adapter:prometheus对接到k8s的适配器,让k8s支持prometheus格式的指标。
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts helm show values prometheus-community/prometheus-adapter > prometheus-adapter.yaml
修改配置之后安装:需要指定prometheus的地址,如:prometheus.kube-system.svc.cluster.local.
helm install my-prometheus-adapter prometheus-community/prometheus-adapter -f prometheus-adapter.yaml
官方文档:
https://artifacthub.io/packages/helm/prometheus-community/prometheus-adapter
主要修改的配置如下:注意端口使用的是svc的端口。
prometheus: url: http://prom-prometheus-server.kube-system.svc.cluster.local. port: 80 # 注意使用svc的端口
安装好后获取指标:需要等待一分钟才能获取到指标,如果发现只有一个指标那就是prometheus地址没指定正确。
kubectl get --raw /apis/custom.metrics.k8s.io/v1beta1 | jq
编辑配置:可以自定义规则
kubectl edit configmaps -n kube-system prometheus-adapter
使用helm安装metrics-server:
添加源:
helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
获取配置文件:修改下镜像地址
helm show values metrics-server/metrics-server > metrics-server-conf.yaml
安装:安装后需要在启动选项上添加 --kubelet-insecure-tls 选项来不验证证书。
helm install metrics-server metrics-server/metrics-server -n kube-system -f metrics-server-conf.yaml
helm安装ingress-nginx:
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
卸载命令:
helm repo remove ingress-nginx
下载包:
helm repo list helm search repo ingress-nginx helm pull ingress-nginx/ingress-nginx --version 4.7.1 ]# ls ingress-nginx-4.7.1.tgz
解压包:
]# tar -xf ingress-nginx-4.7.1.tgz ]# cd ingress-nginx/ ]# vim values.yaml
修改如下几项:
# 修改为 true hostNetwork: true # 修改为 ClusterFirstWithHostNet dnsPolicy: ClusterFirstWithHostNet nodeSelector: kubernetes.io/os: linux ingress: "true" # 添加 # 注释掉digest digest: sha256:543c40fd093964bc9ab509d3e791f9989963021f1e9e4c9c7b6700b02bfb227b # 开启prometheus监控: metrics: port: 10254 portName: metrics enabled: true # 设置为 true service: annotations: prometheus.io/scrape: "true" # 去掉注释 prometheus.io/port: "10254" # 去掉注释 # 打标签: kubectl label node node01.k8s.local ingress=true # 创建名称空间 kubectl create ns ingress-nginx
安装:
helm install ingress-nginx -n ingress-nginx .
安装方法二:
helm install myapp -n ingress-nginx /path/to/myapp-0.1.0.tgz
卸载:
helm uninstall ingress-nginx -n ingress-nginx
删除验证规则:会阻止创建证书中没有的域名的ingress规则,实际情况并不需要此规则
kubectl delete validatingwebhookconfigurations ingress-nginx-admission
helm安装cilium:
添加仓库:
helm repo add cilium https://helm.cilium.io
查看仓库:
helm search repo cilium
修改网段:
ipam: operator: clusterPoolIPv4PodCIDRList: ["172.16.0.0/12"]
安装:
helm install cilium -n kube-system cilium/cilium
或者:
helm install cilium -n kube-system . --set hubble.relay.enabled=true --set hubble.ui.enabled=true --set prometheus.enabled=true --set operator.prometheus.enabled=true --set hubble.enabled=true --set hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,http}" --set ipam.operator.clusterPoolIPv4PodCIDRList="{172.16.0.0/12}"
helm安装nfs storageclass:
helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \ --set nfs.server=192.168.0.121 \ --set nfs.path=/data/nfs
官方文档:
helm.sh/zh/docs/