《OpenShift 4.x HOL教程汇总》
说明:本文已经在OpenShift 4.8环境中验证
文章目录
Helm架构及其组件下载helm客户端在控制台用Helm Chart安装部署应用通过外部Helm Repo安装部署应用使用本地Helm Repo安装部署应用定制Helm Chart创建新的Helm Chart修改更新Helm Chart回退Helm Chart配置参考Helm架构及其组件
在OpenShift 4中内置了Helm 3,我们可以使用Helm Chart部署OpenShift应用。Helm使用Chart记录要部署资源的配置,这非常类似OpenShift自带的Template:
下载helm客户端
下载helm客户端,并查看版本。
$ sudo curl -L /pub/openshift-v4/clients/helm/latest/helm-linux-amd64 -o /usr/local/bin/helm$ sudo chmod +x /usr/local/bin/helm$ helm versionversion.BuildInfo{Version:"v3.6.2+5.el8", GitCommit:"eb607dd4f123eaedab662cef21008d177f2c3426", GitTreeState:"clean", GoVersion:"go1.15.13"}
在控制台用Helm Chart安装部署应用
创建项目$ oc new-project helm-nodejs
进入OpenShift控制台的“开发者”视图,点击“+添加”菜单,然后找到“Helm Chart”进入。通过在“Languages”中查找“nodejs”,找到下面的Helm Chart,然后点击进入。
在右滑的安装界面中点击“安装Helm Chart”按钮,然后在“安装Helm Chart”页面中接受缺省配置,最后点击“安装”按钮,此时页面将跳转到“拓扑”。此时OpenShift会根据这个Helm Chart拉取Nodejs应用代码,然后通过Build构建应用镜像,最后再部署运行。部署完成后如下图,此时可通过Route访问部署好的应用了。
进入“Helm”菜单,在列表中进入“nodejs”,可在“资源”中查看所有通过Helm Chart创建的OpenShift资源。
通过外部Helm Repo安装部署应用
创建项目。$ oc new-project helm-nginx
执行命令,查看包含nginx的helm hub的Repo源。
$ helm search hub nginxURL CHART VERSION APP VERSION DESCRIPTIONhttps://artifacthub.io/packages/helm/test-nginx...0.1.0 1.16.0 A Helm chart for Kuberneteshttps://artifacthub.io/packages/helm/shubhamtat...0.1.121.19.6 Nginx Helm chart for Kuberneteshttps://artifacthub.io/packages/helm/dysnix/nginx 7.1.8 1.19.4 Chart for the nginx serverhttps://artifacthub.io/packages/helm/mirantis/n...0.1.0 1.16.0 A NGINX Docker Community based Helm chart for K...https://artifacthub.io/packages/helm/bitnami/nginx9.4.2 1.21.1 Chart for the nginx serverhttps://artifacthub.io/packages/helm/bitnami-ak...9.4.2 1.21.1 Chart for the nginx serverhttps://artifacthub.io/packages/helm/krakazyabr...1.0.0 1.19.0 Nginx Helm chart for Kuberneteshttps://artifacthub.io/packages/helm/wiremind/n...2.1.1An NGINX HTTP serverhttps://artifacthub.io/packages/helm/t3n/nginx0.1.1Simple nginx deployment usable for deploying pr...https://artifacthub.io/packages/helm/slamdev/nginx0.0.171.19.10 Helm chart to deploy [nginx](https://www.nginx....https://artifacthub.io/packages/helm/cocainefar...1.0.1 latest A chart to do nginx thingshttps://artifacthub.io/packages/helm/douban/nginx 0.1.2 0.16.0 A Helm chart for Kuberneteshttps://artifacthub.io/packages/helm/ingress-ng...4.0.0 1.0.0-beta.1 Ingress controller for Kubernetes using NGINX a...https://artifacthub.io/packages/helm/nginx-edge...0.0.0-edge1.12.0 NGINX Ingress Controllerhttps://artifacthub.io/packages/helm/nginx/ngin...0.10.01.12.0 NGINX Ingress Controllerhttps://artifacthub.io/packages/helm/okteto/ngi...1.41.2v0.34.1 An nginx Ingress controller that uses ConfigMap...https://artifacthub.io/packages/helm/hkube/ngin...1.31.1002 0.29.0 An nginx Ingress controller that uses ConfigMap...https://artifacthub.io/packages/helm/wenerme/in...4.0.0 1.0.0-beta.1 Ingress controller for Kubernetes using NGINX a...https://artifacthub.io/packages/helm/api/ingres...3.29.10.45.0 Ingress controller for Kubernetes using NGINX a...https://artifacthub.io/packages/helm/ngrok-ingr...0.3.0 1.16.0 Nginx example demonstrates usage of a helm char...https://artifacthub.io/packages/helm/nexclipper...0.1.3 0.1.3 A Helm chart for the Prometheus NGINX Exporterhttps://artifacthub.io/packages/helm/drpsychick...0.0.2 8-fpm-alpine A chart for an nginx pod with multiple phpfpm podshttps://artifacthub.io/packages/helm/ygqygq2/ng...1.1.0 1.14.2 Chart for the nginx serverhttps://artifacthub.io/packages/helm/bitnami-ak...5.2.4 1.17.10 Chart for the nginx serverhttps://artifacthub.io/packages/helm/ygqygq2/fa...1.0.2 V5.11 FastDFS-Nginx chart for Kuberneteshttps://artifacthub.io/packages/helm/cloudposse...0.1.8A Helm chart for Nginx Ingresshttps://artifacthub.io/packages/helm/psu-swe/ng...0.2.0 1.16.1 An nginx chart built to simply provide redirect...https://artifacthub.io/packages/helm/cocainefar...0.7.0 latest A Dockerfile for nginx-rtmp-module + FFmpeg fro...https://artifacthub.io/packages/helm/newrelic/s...1.1.1 1.1 A Helm chart for installing a simple nginxhttps://artifacthub.io/packages/helm/cloudposse...0.5.0A Helm chart for nginx-default-backend to be us...https://artifacthub.io/packages/helm/microfunct...7.5.0 0.44.0 Chart for the nginx Ingress controllerhttps://artifacthub.io/packages/helm/bitnami/ng...7.6.180.48.1 Chart for the nginx Ingress controller。。。
用浏览器查看查询结果中的https://artifacthub.io/packages/helm/bitnami/nginx
执行命令,将上图的/bitnami加入到当前helm的repo中。
$ helm repo add bitnami /bitnami"bitnami" has been added to your repositories
查看本地Helm Repo列表,确认有名为bitnami的Repo,并且其中包含nginx的Chart。
$ helm repo listNAME URLbitnami /bitnami$ helm search repo bitnami/nginxNAMECHART VERSION APP VERSIONDESCRIPTIONbitnami/nginx 9.4.2 1.21.1Chart for the nginx serverbitnami/nginx-ingress-controller 7.6.180.48.1Chart for the nginx Ingress controller
根据bitnami/nginx的Chart创建应用资源。
$ helm install my-nginx bitnami/nginx --set service.type=ClusterIPNAME: my-nginxLAST DEPLOYED: Thu Dec 24 13:03:47 NAMESPACE: helm-nginxSTATUS: deployedREVISION: 1TEST SUITE: NoneNOTES:** Please be patient while the chart is being deployed **NGINX can be accessed through the following DNS name from within your cluster:my-nginx.helm-nginx.svc.cluster.local (port 80)To access NGINX from outside the cluster, follow the steps below:1. Get the NGINX URL by running these commands:export SERVICE_PORT=$(kubectl get --namespace helm-nginx -o jsonpath="{.spec.ports[0].port}" services my-nginx)kubectl port-forward --namespace helm svc/my-nginx ${SERVICE_PORT}:${SERVICE_PORT} &echo "http://127.0.0.1:${SERVICE_PORT}"
执行命令,查看当前project中通过helm部署的Chart,确认有名为my-ngin的Chart资源。
$ helm lsNAME NAMESPACE REVISION UPDATED STATUSCHART APP VERSIONmy-nginx helm-nginx1-12-24 13:03:47.342110531 +0000 UTC deployed nginx-9.4.21.21.1
确认此时Deployment、Pod、Service等资源已经部署好。
$ oc get deployment -n helm-nginxNAME READY UP-TO-DATE AVAILABLE AGEmy-nginx 1/11 1 33m$ oc get pods -n helm-nginxNAME READY STATUSRESTARTS AGEmy-nginx-f5c84bc49-dnp7b 1/1Running021m$ $ oc get services -n helm-nginxNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S)AGEmy-nginx ClusterIP 172.30.134.59 <none> 80/TCP,443/TCP 22m
根据Service生成Route,然后用浏览器访问Route地址。
$ oc expose svc/my-nginx -n helm-nginxroute.route.openshift.io/my-nginx exposed$ oc get routes -n helm-nginxNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARDmy-nginx my-nginx-helm-nginx.apps.cluster-pek-99bc.pek-99bc.my-nginx http None
删除my-nginx的Chart包括的相关资源以及Route资源。
$ helm uninstall my-nginxrelease "my-nginx" uninstalled$ oc delete route my-nginx -n helm-nginx$ oc get all -n helm-nginxNo resources found in helm-nginx namespace.
使用本地Helm Repo安装部署应用
创建新项目$ oc new-project helm-mysql
下载项目Repo到本地
$ git clone /liuxiaoyu-git/helm-repoCloning into 'helm-repo'...remote: Enumerating objects: 39, done.remote: Total 39 (delta 0), reused 0 (delta 0), pack-reused 39Unpacking objects: 100% (39/39), done.
根据本地Repo安装mysql应用
$ helm install mysql ./helm-repo/incubator/mysqlNAME: mysql LAST DEPLOYED: Mon Mar 2 07:02:53 NAMESPACE: helm-mysql STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: MySQL can be accessed via port 3306 on the following DNS name from within your cluster: mysql-mysql.helm-mysql.svc.cluster.local To get your root password run:MYSQL_ROOT_PASSWORD=$(oc get secret --namespace helm-mysql mysql-mysql -o jsonpath="{.data.database-root-password}" | base64 --decode; echo)To know your database: MYSQL_DATABASE=$(oc get secret --namespace helm-mysql mysql-mysql -o jsonpath="{.data.database-name}" | base64 --decode; echo) To connect to your database: (1). Run an Centos pod that you can use as a client:oc run -i --rm --tty centos --image=centos/mysql-57-centos7 --restart=Never -- bash -il (2). Connect using the mysql cli, then provide your password:$ mysql -h mysql-mysql.helm-mysql.svc.cluster.local -u root -p${MYSQL_ROOT_PASSWORD} ${MYSQL_DATABASE} To connect to your database directly from outside the K8s cluster: MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306## Execute the following commands to route the connection: export POD_NAME=$(oc get pods --namespace helm-mysql -l "app=mysql-mysql" -o jsonpath="{.items[0].metadata.name}"; echo)oc port-forward --namespace helm-mysql $POD_NAME 3306:3306 mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} ${MYSQL_DATABASE}
查看应用的Pod运行部署状态
$ oc get pod -n helm-mysqlNAME READY STATUS RESTARTS AGEmysql-mysql-7dd478658f-cxjhh 1/1Running 034m
定制Helm Chart
创建新的Helm Chart
在my-chart-nginx项目中创建名为my-chart-nginx的Chart。$ oc new-project my-chart-nginx$ helm create my-chart-nginx
查看Helm创建的my-chart目录包括的资源。
$ tree my-chart-nginxmy-chart-nginx├── charts├── Chart.yaml├── templates│ ├── deployment.yaml│ ├── _helpers.tpl│ ├── hpa.yaml│ ├── ingress.yaml│ ├── NOTES.txt│ ├── serviceaccount.yaml│ ├── service.yaml│ └── tests│ └── test-connection.yaml└── values.yaml3 directories, 10 files
为了简化,可以删除以下不必要的配置文件。
$ rm my-chart-nginx/templates/hpa.yaml$ rm my-chart-nginx/templates/ingress.yaml$ rm my-chart-nginx/templates/NOTES.txt$ rm my-chart-nginx/templates/serviceaccount.yaml
修改my-chart-nginx/templates/deployment.yaml文件,确保文件为以下内容:
apiVersion: apps/v1kind: Deploymentmetadata:name: {{include "my-chart-nginx.fullname" . }}labels:app.kubernetes.io/name: {{include "my-chart-nginx.name" . }}helm.sh/chart: {{include "my-chart-nginx.chart" . }}app.kubernetes.io/instance: {{.Release.Name }}app.kubernetes.io/managed-by: {{.Release.Service }}spec:replicas: {{.Values.replicaCount }}selector:matchLabels:app.kubernetes.io/name: {{include "my-chart-nginx.name" . }}app.kubernetes.io/instance: {{.Release.Name }}template:metadata:labels:app.kubernetes.io/name: {{include "my-chart-nginx.name" . }}app.kubernetes.io/instance: {{.Release.Name }}spec:containers:- name: {{.Chart.Name }}image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"imagePullPolicy: {{.Values.image.pullPolicy }}ports:- name: httpcontainerPort: 8080protocol: TCP
修改my-chart-nginx/templates/service.yaml文件,确保文件为以下内容:
apiVersion: v1kind: Servicemetadata:name: {{include "my-chart-nginx.fullname" . }}labels:app.kubernetes.io/name: {{include "my-chart-nginx.name" . }}helm.sh/chart: {{include "my-chart-nginx.chart" . }}app.kubernetes.io/instance: {{.Release.Name }}app.kubernetes.io/managed-by: {{.Release.Service }}spec:type: {{.Values.service.type }}ports:- port: {{.Values.service.port }}targetPort: httpprotocol: TCPname: httpselector:app.kubernetes.io/name: {{include "my-chart-nginx.name" . }}app.kubernetes.io/instance: {{.Release.Name }}
编辑my-chart-nginx/values.yaml文件,确保image部分的内容为以下内容。
replicaCount: 1image:repository: "bitnami/nginx"tag: "latest"pullPolicy: IfNotPresentservice:type: NodePortport: 80
执行命令检查Chart目录中资源。
$ helm lint ./my-chart-nginx/==> Linting ./my-chart-nginx/[INFO] Chart.yaml: icon is recommended1 chart(s) linted, 0 chart(s) failed
执行命令,根据my-chart创建资源。
$ helm install my-chart-nginx ./my-chart-nginxNAME: my-chart-nginxLAST DEPLOYED: Fri Dec 25 03:01:02 NAMESPACE: my-chart-nginxSTATUS: deployedREVISION: 1
执行命令,查看helm部署的Chart。
$ helm ls NAME NAMESPACE REVISION UPDATED STATUSCHART APP VERSIONmy-chart-nginx my-chart-nginx 1-12-25 03:01:02.016558706 +0000 UTC deployed my-chart-nginx-0.1.0 1.16.0
查看通过Chart部署的资源。
$ oc get all -n my-chart-nginxNAME READY STATUS RESTARTS AGEpod/my-chart-nginx-6d5876c89b-svx9w 1/1Running 0108sNAME TYPE CLUSTER-IPEXTERNAL-IP PORT(S) AGEservice/my-chart-nginx NodePort 172.30.83.106 <none> 80:31047/TCP 108sNAME READY UP-TO-DATE AVAILABLE AGEdeployment.apps/my-chart-nginx 1/11 1 108sNAMEDESIRED CURRENT READY AGEreplicaset.apps/my-chart-nginx-6d5876c89b 1 1 1 108s
生成Route,然后用浏览器访问route
$ oc expose svc my-chart-nginx -n my-chart-nginxroute.route.openshift.io/my-chart-nginx exposed$ oc get route -n my-chart-nginxNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARDmy-chart-nginx my-chart-nginx-my-chart-nginx.apps.cluster-pek-99bc.pek-99bc.my-chart-nginx http None
修改更新Helm Chart
删除刚刚手动创建的Route对象$ oc delete route my-chart-nginx -n my-chart-nginx
新建内容如下的my-chart-nginx/templates/routes.yaml文件
apiVersion: route.openshift.io/v1kind: Routemetadata:name: {{include "my-chart-nginx.fullname" . }}labels:{{- include "my-chart-nginx.labels" . | nindent 4 }}spec:port:targetPort: httpto:kind: Servicename: {{include "my-chart-nginx.fullname" . }}weight: 100wildcardPolicy: None
执行命令,更新Helm Chart
$ helm upgrade my-chart-nginx ./my-chart-nginxRelease "my-chart-nginx" has been upgraded. Happy Helming!NAME: my-chart-nginxLAST DEPLOYED: Fri Dec 25 03:11:19 NAMESPACE: my-chart-nginxSTATUS: deployedREVISION: 2
确认已经Helm创建出Route类型对象。
$ oc get route -n my-chart-nginxNAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARDmy-chart-nginx my-chart-nginx-my-chart-nginx.apps.cluster-pek-99bc.pek-99bc.my-chart-nginx http None
回退Helm Chart配置
进入OpenShift的“开发者”视图的“Helm”菜单,然后进入my-chart-nginx,在“Helm 修改历史”中可以看到Helm每次更新的记录。在my-chart-nginx的“资源”中可查看通过Helm Chart创建的资源。
点击上图“操作”下拉菜单中的“回滚”项目,此时界面将显示下图。选中“修订”为“1”的版本,然后点击“回滚”按钮。
此时再次查看my-chart-nginx的“资源”,确认Route资源已经没有了。这说明Helm Chart已经回退到最开始的配置了。
再次查看my-chart-nginx的“Helm 修改历史”,确认“修订”当前版本为“3”。根据描述,“3”版是从“1”版回滚的。
参考
/developing-on-openshift/helm/
/container-platform/4.6/cli_reference/helm_cli/getting-started-with-helm-on-openshift-container-platform.html
/kubernetes-helm