安装 Helm

Helm 是 Kubernetes 的包管理器,可以帮我们简化 kubernetes 的操作,一键部署应用。假如你的机器上已经安装了 kubectl 并且能够操作集群,那么你就可以安装 Helm 了。当前最新稳定版是 V2,Helm V3 还未正式发布,下面分别说下安装方法。

安装 Helm V2

执行脚本安装 helm 客户端:

  1. $ curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash
  2.   % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
  3.                                  Dload  Upload   Total   Spent    Left  Speed
  4. 100  6737  100  6737    0     0  12491      0 --:--:-- --:--:-- --:--:-- 12475
  5. Downloading https://kubernetes-helm.storage.googleapis.com/helm-v2.9.1-linux-amd64.tar.gz
  6. Preparing to install into /usr/local/bin
  7. helm installed into /usr/local/bin/helm
  8. Run 'helm init' to configure helm.

查看客户端版本:

  1. $ helm version
  2. Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}

安装 tiller 服务端到 kubernetes 集群:

  1. $ helm init
  2. Creating /root/.helm
  3. Creating /root/.helm/repository
  4. Creating /root/.helm/repository/cache
  5. Creating /root/.helm/repository/local
  6. Creating /root/.helm/plugins
  7. Creating /root/.helm/starters
  8. Creating /root/.helm/cache/archive
  9. Creating /root/.helm/repository/repositories.yaml
  10. Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
  11. Adding local repo with URL: http://127.0.0.1:8879/charts
  12. $HELM_HOME has been configured at /root/.helm.
  14. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
  16. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
  17. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
  18. Happy Helming!

查看 tiller 是否启动成功:

  1. $ kubectl get pods --namespace=kube-system | grep tiller
  2. tiller-deploy-dccdb6fd9-2df4r          0/1       ImagePullBackOff   0          14h

如果状态是 ImagePullBackOff ,说明是镜像问题,一般是未拉取到镜像(国内机器拉取不到 gcr.io 下的镜像) 可以查看下是什么镜像:

  1. $ kubectl describe pod tiller-deploy-dccdb6fd9-2df4r --namespace=kube-system
  2. Events:
  3.   Type     Reason   Age                   From                Message
  4.   ----     ------   ----                  ----                -------
  5.   Warning  Failed   36m (x5 over 12h)     kubelet, k8s-node1  Failed to pull image "gcr.io/kubernetes-helm/tiller:v2.9.1": rpc error: code = Unknown desc = Get https://gcr.io/v1/_ping: dial tcp 64.233.189.82:443: i/o timeout
  6.   Normal   BackOff  11m (x3221 over 14h)  kubelet, k8s-node1  Back-off pulling image "gcr.io/kubernetes-helm/tiller:v2.9.1"
  7.   Warning  Failed   6m (x3237 over 14h)   kubelet, k8s-node1  Error: ImagePullBackOff
  8.   Warning  Failed   1m (x15 over 14h)     kubelet, k8s-node1  Failed to pull image "gcr.io/kubernetes-helm/tiller:v2.9.1": rpc error: code = Unknown desc = Get https://gcr.io/v1/_ping: dial tcp 64.233.188.82:443: i/o timeout

把这个没拉取到镜像想办法下载到这台机器上。当我们看到状态为 Running 说明 tiller 已经成功运行了:

  1. $ kubectl get pods -n kube-system | grep tiller
  2. tiller-deploy-dccdb6fd9-2df4r                   1/1       Running   1          41d

默认安装的 tiller 权限很小,我们执行下面的脚本给它加最大权限,这样方便我们可以用 helm 部署应用到任意 namespace 下:

  1. kubectl create serviceaccount --namespace=kube-system tiller
  3. kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
  5. kubectl patch deploy --namespace=kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

更多参考官方文档: https://helm.sh/docs/using_helm/#quickstart-guide

安装 Helm V3

https://github.com/helm/helm/releases 找到对应系统的二进制包下载,比如下载 v3.0.0-beta.3linux amd64 版:

  1. $ wget https://get.helm.sh/helm-v3.0.0-beta.3-linux-amd64.tar.gz

解压并移动到 PATH 下面:

  1. $ tar -zxvf helm-v3.0.0-beta.3-linux-amd64.tar.gz
  2. linux-amd64/
  3. linux-amd64/LICENSE
  4. linux-amd64/helm
  5. linux-amd64/README.md
  6. $ cd linux-amd64/
  7. $ ls
  8. LICENSE  README.md  helm
  9. $ mv helm /usr/local/bin/helm3