Helm 是 Kubernetes 的包管理工具,类似于 Linux 系统中的 apt、yum 或者 Python 中的 pip。它可以帮助你:
- 定义、安装和升级 Kubernetes 应用
- 管理 Kubernetes 资源的模板化部署(使用模板语言)
- 通过 Charts 来打包和分发应用
Helm核心概念
-
Chart:封装Kubernetes应用的打包文件,包含
YAML模板、配置文件(values.yaml)和元数据(Chart.yaml)[^2^][^3^]。 -
Release:Chart在集群中的运行实例,支持多版本管理和回滚[^3^][^4^]。
-
Values:用于自定义Chart配置的参数,通过
values.yaml或命令行传递[^2^][^3^]。 -
Repository:存储和共享Chart的远程仓库,类似Python的PyPI[^3^][^4^]。
1 Helm安装步骤
- 下载客户端
- Helm 3(推荐版本):
- Helm 3(推荐版本):
wget https://get.helm.sh/helm-v3.18.2-linux-amd64.tar.gz
[root@master231 ~]# tar xf helm-v3.18.2-linux-amd64.tar.gz -C /usr/local/bin/ linux-amd64/helm –strip-components=1
[root@master231 ~]#
[root@master231 ~]# ll /usr/local/bin/helm
-rwxr-xr-x 1 1001 fwupd-refresh 59683000 Jun 2 21:00 /usr/local/bin/helm*
[root@master231 ~]#
[root@master231 ~]# helm version
[root@master231 ~]# helm completion bash > /etc/bash_completion.d/helm
[root@master231 ~]# source /etc/bash_completion.d/helm
[root@master231 ~]# echo ‘source /etc/bash_completion.d/helm’ >> ~/.bashrc
“`
2 基本操作
2.1 Chart基本管理
1.创建Chart
[root@master231 helm-Chart]# helm create test
Creating test
2.查看Chart结构
[root@master231 helm-Chart]# tree test/
test/
├── charts # 包含chart依赖的其他chart
├── Chart.yaml # 包含了chart信息的YAML文件
├── templates # 模板目录, 当和values 结合时,可生成有效的Kubernetes manifest文件
│ ├── deployment.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt # 可选: 包含简要使用说明的纯文本文件
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml # chart 默认的配置值
3.修改默认的values.yaml
[root@master231 helm-Chart]# grep "repository:" test/values.yaml
repository: nginx
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# sed -i "/repository\:/s#nginx#registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps#" test/values.yaml
[root@master231 helm-Chart]# sed -ri '/tag\:/s#tag: ""#tag: v1#' test/values.yaml
4.基于Chart安装服务发行Release
[root@master231 helm-Chart]# helm install test test
NAME: test
LAST DEPLOYED: Tue Jun 10 09:28:35 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=test,app.kubernetes.io/instance=test" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT
[root@master231 helm-Chart]#
5.查看服务
[root@master231 helm-Chart]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
test default 1 2025-06-10 09:28:35.148003139 +0800 CST deployed test-0.1.0 1.16.0
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# kubectl get deploy,svc,pods
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/test-test 1/1 1 1 2m4s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.200.0.1 <none> 443/TCP 10d
service/test-test ClusterIP 10.200.75.36 <none> 80/TCP 2m4s
NAME READY STATUS RESTARTS AGE
pod/test-test-dc8c665ff-29rjt 1/1 Running 0 2m4s
6.卸载服务
[root@master231 helm-Chart]# helm uninstall test
release "test" uninstalled
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# kubectl get deploy,svc,po
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.200.0.1 <none> 443/TCP 10d
[root@master231 helm-Chart]#
2.2 helm的两种升级方式
不更改 Chart 版本,而是通过修改配置(比如 values.yaml 文件或者使用 --set 参数)来调整应用的运行参数,从而实现“逻辑上的升级”。
基于文件方式升级
helm upgrade test -f test/values.yaml test/
基于环境变量方式升级
helm upgrade test --set replicaCount=5,image.tag=v3 test
2.3 helm的回滚
helm的回滚实战
1.查看RELEASE历史版本
[root@master231 helm-Chart]# helm history test
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Tue Jun 10 10:10:45 2025 superseded test-0.1.0 1.16.0 Install complete
2 Tue Jun 10 10:13:59 2025 superseded test-0.1.0 1.16.0 Upgrade complete
3 Tue Jun 10 10:16:22 2025 deployed test-0.1.0 1.16.0 Upgrade complete
[root@master231 helm-Chart]#
2.回滚到上一个版本
[root@master231 helm-Chart]# helm rollback test
Rollback was a success! Happy Helming!
3.回滚到指定版本
[root@master231 helm-Chart]# helm history test
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Tue Jun 10 10:10:45 2025 superseded test-0.1.0 1.16.0 Install complete
2 Tue Jun 10 10:13:59 2025 superseded test-0.1.0 1.16.0 Upgrade complete
3 Tue Jun 10 10:16:22 2025 superseded test-0.1.0 1.16.0 Upgrade complete
4 Tue Jun 10 10:18:29 2025 superseded test-0.1.0 1.16.0 Rollback to 2
5 Tue Jun 10 10:21:20 2025 deployed test-0.1.0 1.16.0 Rollback to 3
[root@master231 helm-Chart]#
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# helm rollback test 1
Rollback was a success! Happy Helming!
[root@master231 helm-Chart]#
[root@master231 helm-Chart]# helm history test
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Tue Jun 10 10:10:45 2025 superseded test-0.1.0 1.16.0 Install complete
2 Tue Jun 10 10:13:59 2025 superseded test-0.1.0 1.16.0 Upgrade complete
3 Tue Jun 10 10:16:22 2025 superseded test-0.1.0 1.16.0 Upgrade complete
4 Tue Jun 10 10:18:29 2025 superseded test-0.1.0 1.16.0 Rollback to 2
5 Tue Jun 10 10:21:20 2025 superseded test-0.1.0 1.16.0 Rollback to 3
6 Tue Jun 10 10:22:35 2025 deployed test-0.1.0 1.16.0 Rollback to 1
[root@master231 helm-Chart]#
3 helm自定义chart
3.1 环境准备
- helm环境准备
1.安装helm环境
略,见视频。
2.创建Chart
[root@master231 Chart]# helm create cmy-linux
3.清空目录结构
[root@master231 Chart]# rm -rf cmy-linux/templates/*
[root@master231 Chart]#
[root@master231 Chart]# > cmy-linux/values.yaml
[root@master231 Chart]#
[root@master231 Chart]# tree cmy-linux/
cmy-linux/
├── charts
├── Chart.yaml
├── templates
└── values.yaml
2 directories, 2 files
[root@master231 Chart]#
4.准备资源清单
[root@master231 Chart]# tree cmy-linux/
cmy-linux/
├── charts
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── hpa.yaml
│ ├── ingress.yaml
│ └── service.yaml
└── values.yaml
2 directories, 7 files
[root@master231 Chart]#
[root@master231 Chart]# cat > cmy-linux/templates/deployments.yaml << EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-xiuxian
spec:
replicas: 3
selector:
matchLabels:
app: xiuxian
template:
metadata:
labels:
app: xiuxian
spec:
volumes:
- name: data
configMap:
name: cm-xiuxian
items:
- key: default.conf
path: default.conf
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v1
ports:
- containerPort: 80
volumeMounts:
- name: data
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
name: c1
livenessProbe:
failureThreshold: 8
httpGet:
path: /
port: 80
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: 80
periodSeconds: 1
timeoutSeconds: 15
resources:
requests:
cpu: 0.2
memory: 200Mi
limits:
cpu: 0.5
memory: 300Mi
EOF
[root@master231 Chart]# cat > cmy-linux/templates/configmaps.yaml << EOF
apiVersion: v1
kind: ConfigMap
metadata:
name: cm-xiuxian
data:
default.conf: |
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
EOF
[root@master231 Chart]# cat > cmy-linux/templates/hpa.yaml << EOF
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: deploy-xiuxian
spec:
maxReplicas: 5
minReplicas: 2
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: deploy-xiuxian
EOF
[root@master231 Chart]# cat > cmy-linux/templates/service.yaml << EOF
apiVersion: v1
kind: Service
metadata:
name: svc-xiuxian
spec:
clusterIP: 10.200.20.25
ports:
- port: 80
selector:
app: xiuxian
type: NodePort
EOF
[root@master231 Chart]# cat > cmy-linux/templates/ingress.yaml << EOF
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ing-xiuxian
spec:
ingressClassName: traefik-server
rules:
- host: xiuxian.cmy.com
http:
paths:
- backend:
service:
name: svc-xiuxian
port:
number: 80
path: /
pathType: Prefix
EOF
[root@master231 Charts]# tree cmy-linux/
cmy-linux/
├── charts
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── hpa.yaml
│ ├── ingress.yaml
│ └── service.yaml
└── values.yaml
2 directories, 7 files
[root@master231 Charts]#
5.安装测试
[root@master231 Charts]# helm install myapp cmy-linux -n kube-public
NAME: myapp
LAST DEPLOYED: Thu Jun 12 15:53:04 2025
NAMESPACE: kube-public
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp kube-public 1 2025-06-12 15:53:04.43529251 +0800 CST deployed cmy-linux-0.1.0 1.16.0
[root@master231 Charts]#
[root@master231 Charts]# kubectl get deploy,svc,hpa,cm,po -n kube-public
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/deploy-xiuxian 3/3 3 3 14s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/svc-xiuxian NodePort 10.200.20.25 <none> 80:49248/TCP 14s
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/deploy-xiuxian Deployment/deploy-xiuxian <unknown>/80% 2 5 0 14s
NAME DATA AGE
configmap/cm-xiuxian 1 14s
configmap/kube-root-ca.crt 1 65s
NAME READY STATUS RESTARTS AGE
pod/deploy-xiuxian-7f95b8844f-7q7vl 1/1 Running 0 14s
pod/deploy-xiuxian-7f95b8844f-8q8h4 1/1 Running 0 14s
pod/deploy-xiuxian-7f95b8844f-b8w4v 1/1 Running 0 14s
[root@master231 Charts]#
[root@master231 Charts]# tree cmy-linux/
cmy-linux/
├── charts
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── hpa.yaml
│ ├── ingress.yaml
│ └── service.yaml
└── values.yaml
2 directories, 7 files
[root@master231 Charts]#
3.2 Chart的基本信息定义
- Chart的基本信息定义
1.卸载服务
[root@master231 Charts]# helm list -n kube-public
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp kube-public 1 2025-06-12 15:53:04.43529251 +0800 CST deployed cmy-linux-0.1.0 1.16.0
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public uninstall myapp
release "myapp" uninstalled
[root@master231 Charts]#
[root@master231 Charts]# helm list -n kube-public
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@master231 Charts]#
2.修改Chart.yaml文件
[root@master231 Chart]# cat > cmy-linux/Chart.yaml <<'EOF'
# 指定Chart的版本,一般无需修改。
apiVersion: v2
# 指定Chart的名称
name: cmy-linux
# 表示Chart描述信息,描述此Chart的作用
description: cmy Linux Kubernetes helm case demo。
# 指定Chart的类型,有效值为: application和library
# application:
# 此类型的Chart可以被独立部署,打包等。
# library:
# 无法被独立部署。但可以被application类型的Chart进行引用。
type: application
# 定义当前Chart版本,建议命令遵循: https://semver.org/
# 核心语法: MAJOR.MINOR.PATCH
# MAJOR: 进行不兼容的API更改时的主要版本,对应的大版本变化。
# MINOR: 在大版本(MAJOR)架构基础之上新增各种功能。
# PATCH: 修复功能的各种BUG,说白了,就是各种打补丁。
version: 25.06.12
# 表示当前正在部署的Release发行版本。
appVersion: "v1.2.0"
EOF
3.部署测试
[root@master231 Charts]# helm -n kube-public list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public install myapp cmy-linux
NAME: myapp
LAST DEPLOYED: Thu Jun 12 16:05:32 2025
NAMESPACE: kube-public
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp kube-public 1 2025-06-12 16:05:32.907562031 +0800 CST deployed cmy-linux-25.06.12 v1.2.0
[root@master231 Charts]#
[root@master231 Charts]#
3.3 自定义values变量引用
1.values.yaml配置文件说明
可以自定义字段在values.yaml文件中。
在templates目录下的所有资源清单均可以基于jija2语法引用values.yaml文件的自定义字段。
2.实战案例
2.1 修改values文件内容
[root@master231 Chart]# cat > cmy-linux/values.yaml <<EOF
service:
port: 90
EOF
2.2 templates目录下的资源清单进行引用
[root@master231 Chart]# tree cmy-linux/
cmy-linux/
├── charts
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── hpa.yaml
│ ├── ingress.yaml
│ └── service.yaml
└── values.yaml
2 directories, 7 files
[root@master231 Chart]#
[root@master231 Chart]# cat > cmy-linux/templates/configmaps.yaml <<'EOF'
apiVersion: v1
kind: ConfigMap
metadata:
name: cm-xiuxian
data:
default.conf: |
server {
listen {{ .Values.service.port }};
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
EOF
[root@master231 Chart]# cat > cmy-linux/templates/deployments.yaml <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-xiuxian
spec:
replicas: 3
selector:
matchLabels:
app: xiuxian
template:
metadata:
labels:
app: xiuxian
spec:
volumes:
- name: data
configMap:
name: cm-xiuxian
items:
- key: default.conf
path: default.conf
containers:
- image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v1
ports:
- containerPort: {{ .Values.service.port }}
volumeMounts:
- name: data
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
name: c1
livenessProbe:
failureThreshold: 8
httpGet:
path: /
port: {{ .Values.service.port }}
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: {{ .Values.service.port }}
periodSeconds: 1
timeoutSeconds: 15
resources:
requests:
cpu: 0.2
memory: 200Mi
limits:
cpu: 0.5
memory: 300Mi
EOF
[root@master231 Chart]# cat > cmy-linux/templates/service.yaml <<'EOF'
apiVersion: v1
kind: Service
metadata:
name: svc-xiuxian
spec:
clusterIP: 10.200.20.25
ports:
- port: {{ .Values.service.port }}
selector:
app: xiuxian
type: NodePort
EOF
[root@master231 Chart]# cat > cmy-linux/templates/ingress.yaml <<'EOF'
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ing-xiuxian
spec:
ingressClassName: traefik-server
rules:
- host: xiuxian.cmy.com
http:
paths:
- backend:
service:
name: svc-xiuxian
port:
number: {{ .Values.service.port }}
path: /
pathType: Prefix
EOF
2.3 安装服务
[root@master231 Charts]# helm -n kube-public install myapp cmy-linux
NAME: myapp
LAST DEPLOYED: Thu Jun 12 16:15:13 2025
NAMESPACE: kube-public
STATUS: deployed
REVISION: 1
TEST SUITE: None
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
myapp kube-public 1 2025-06-12 16:15:13.890129594 +0800 CST deployed cmy-linux-25.06.12 v1.2.0
[root@master231 Charts]#
[root@master231 Charts]#
2.4 测试访问
[root@master231 ~]# kubectl -n kube-public get deploy,hpa,svc,po -o wide
NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR
deployment.apps/deploy-xiuxian 3/3 3 3 20s c1 registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps:v1 app=xiuxian
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
horizontalpodautoscaler.autoscaling/deploy-xiuxian Deployment/deploy-xiuxian <unknown>/80% 2 5 0 20s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
service/svc-xiuxian NodePort 10.200.20.25 <none> 90:9694/TCP 20s app=xiuxian
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
pod/deploy-xiuxian-77f65bc6dd-6v6jx 1/1 Running 0 20s 10.100.203.155 worker232 <none> <none>
pod/deploy-xiuxian-77f65bc6dd-kmffc 1/1 Running 0 20s 10.100.140.127 worker233 <none> <none>
pod/deploy-xiuxian-77f65bc6dd-xjs8f 1/1 Running 0 20s 10.100.160.184 master231 <none> <none>
[root@master231 ~]#
[root@master231 ~]#
[root@master231 ~]# curl 10.200.20.25:90
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>cmy apps v1</title>
<style>
div img {
width: 900px;
height: 600px;
margin: 0;
}
</style>
</head>
<body>
<h1 style="color: green">凡人修仙传 v1 </h1>
<div>
<img src="1.jpg">
<div>
</body>
</html>
[root@master231 ~]#
2.5 卸载服务
[root@master231 Chart]# helm uninstall myapp
release "myapp" uninstalled
[root@master231 Chart]#
[root@master231 Chart]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@master231 Chart]#
3.4 基于NOTES配置安装文档
参考链接:
https://helm.sh/zh/docs/chart_template_guide/notes_files/
1.NOTES.txt概述
NOTES.txt功能主要是为chart添加安装说明。
该文件是纯文本,但会像模板一样处理, 所有正常的模板函数和对象都是可用的。
2.实战案例
2.1 添加NOTES.txt文件
[root@master231 Chart]# cat > cmy-linux/templates/NOTES.txt <<'EOF'
###########################################################
###########################################################
Duang~恭喜您,服务部署成功啦~
当前的部署的信息如下:
Chart名称: {{ .Chart.Name }}
Chart版本: {{ .Chart.Version }}
Release名称: {{ .Release.Name }}
K8S集群内部可以使用如下命令测试:
ClusterIP=$(kubectl -n kube-public get svc svc-xiuxian -o jsonpath='{.spec.clusterIP}')
curl ${ClusterIP}:{{ .Values.service.port }}
EOF
2.2 安装测试
[root@master231 Charts]# helm -n kube-public install myapp cmy-linux
NAME: myapp
LAST DEPLOYED: Thu Jun 12 16:27:12 2025
NAMESPACE: kube-public
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
###########################################################
Duang~恭喜您,服务部署成功啦~
当前的部署的信息如下:
Chart名称: cmy-linux
Chart版本: 25.06.12
Release名称: myapp
K8S集群内部可以使用如下命令测试:
ClusterIP=$(kubectl -n kube-public get svc svc-xiuxian -o jsonpath='{.spec.clusterIP}')
curl ${ClusterIP}:100
[root@master231 Charts]#
[root@master231 Charts]# ClusterIP=$(kubectl -n kube-public get svc svc-xiuxian -o jsonpath='{.spec.clusterIP}')
[root@master231 Charts]# curl ${ClusterIP}:100
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>cmy apps v1</title>
<style>
div img {
width: 900px;
height: 600px;
margin: 0;
}
</style>
</head>
<body>
<h1 style="color: green">凡人修仙传 v1 </h1>
<div>
<img src="1.jpg">
<div>
</body>
</html>
[root@master231 Charts]#
3.卸载服务
[root@master231 Charts]# helm uninstall myapp -n kube-public
release "myapp" uninstalled
[root@master231 Charts]#
[root@master231 Charts]# helm -n kube-public list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
[root@master231 Charts]#
3.5 helm的函数篇(进阶)
helm的函数篇(进阶)
参考链接:
https://helm.sh/zh/docs/chart_template_guide/function_list/
1.helm概述概述
说白了,就是一系列处理文本的功能函数。
2.实战案例
[root@master231 Chart]# cat > cmy-linux/values.yaml <<EOF
service:
port: 90
deployments:
image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps
tag: v1
env:
school: cmy
class: linux97
probe:
enable: true
code:
livenessProbe:
failureThreshold: 8
httpGet:
path: /
port: 90
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: 90
periodSeconds: 1
timeoutSeconds: 15
resources:
requests:
cpu: 0.2
memory: 200Mi
limits:
cpu: 0.5
memory: 300Mi
EOF
[root@master231 Chart]# cat > cmy-linux/templates/deployments.yaml <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-xiuxian
spec:
replicas: 3
selector:
matchLabels:
app: xiuxian
template:
metadata:
labels:
app: xiuxian
spec:
volumes:
- name: data
configMap:
name: cm-xiuxian
items:
- key: default.conf
path: default.conf
containers:
- image: "{{ .Values.deployments.image }}:{{ .Values.deployments.tag}}"
env:
- name: XIXI
value: {{ .Values.deployments.env.school | upper }}
- name: HAHA
value: {{ .Values.deployments.env.class | title | indent 4 }}
- name: HEHE
value: {{ .Values.service.port | quote }}
ports:
- containerPort: {{ .Values.service.port }}
volumeMounts:
- name: data
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
name: c1
{{- toYaml .Values.probe.code | nindent 8}}
EOF
3.测试验证
[root@master231 Charts]# helm -n kube-public install myapp cmy-linux --dry-run=client
3.6 helm的流程控制(进阶)
参考链接:
https://helm.sh/zh/docs/chart_template_guide/control_structures/
1.流程控制
可以进行判断,遍历等操作。
2.实战案例
[root@master231 Chart]# cat > cmy-linux/values.yaml <<EOF
service:
port: 90
# kind: NodePort
kind: LoadBalancer
deployments:
image: registry.cn-hangzhou.aliyuncs.com/cmy-k8s/apps
tag: v1
env:
school: cmy
class: linux97
probe:
# enable: true
enable: false
code:
livenessProbe:
failureThreshold: 8
httpGet:
path: /
port: 90
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: 90
periodSeconds: 1
timeoutSeconds: 15
resources:
requests:
cpu: 0.2
memory: 200Mi
limits:
cpu: 0.5
memory: 300Mi
jianshenTopics:
- pulati
- quanji
- suxing
- lashen
- zengji
- youyang
EOF
[root@master231 Chart]# cat > cmy-linux/templates/deployments.yaml <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-xiuxian
spec:
replicas: 3
selector:
matchLabels:
app: xiuxian
template:
metadata:
labels:
app: xiuxian
spec:
volumes:
- name: data
configMap:
name: cm-xiuxian
items:
- key: default.conf
path: default.conf
containers:
- image: "{{ .Values.deployments.image }}:{{ .Values.deployments.tag}}"
env:
{{- with .Values.deployments.env }}
- name: XIXI
value: {{ .school | upper }}
- name: HAHA
value: {{ .class | title | indent 4 }}
{{- end }}
- name: HEHE
value: {{ .Values.service.port | quote }}
ports:
- containerPort: {{ .Values.service.port }}
volumeMounts:
- name: data
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
name: c1
{{- if .Values.probe.enable }}
{{- toYaml .Values.probe.code | nindent 8}}
{{- end }}
EOF
[root@master231 Chart]# cat > cmy-linux/templates/configmaps.yaml <<EOF
apiVersion: v1
kind: ConfigMap
metadata:
name: cm-xiuxian
data:
default.conf: |
server {
listen {{ .Values.service.port }};
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
jianshenTopics: |
{{- range .Values.jianshenTopics }}
- {{ . | title | quote }}
{{- end }}
EOF
[root@master231 Chart]# cat > cmy-linux/templates/service.yaml <<EOF
apiVersion: v1
kind: Service
metadata:
name: svc-xiuxian
spec:
clusterIP: 10.200.20.25
{{- if eq .Values.service.kind "NodePort" }}
type: {{ .Values.service.kind }}
ports:
- port: {{ .Values.service.port }}
nodePort: 30090
{{- else if eq .Values.service.kind "LoadBalancer" }}
type: {{ .Values.service.kind }}
ports:
- port: {{ .Values.service.port }}
nodePort: 30110
{{- else }}
type: {{ .Values.service.kind }}
ports:
- port: {{ .Values.service.port }}
{{- end }}
selector:
app: xiuxian
EOF
3.测试脚本
[root@master231 Charts]# helm install myapp cmy-linux --dry-run=client
3.7 helm自定义模板实战案例
参考链接:
https://helm.sh/zh/docs/chart_template_guide/named_templates/
1.自定义模板文件
_helpers.tpl用于存放自定义的模板文件。
2.参考案例
[root@master231 Chart]# cat > cmy-linux/templates/_helpers.tpl <<EOF
{{- define "cmy-deploy" }}
replicas: 3
selector:
matchLabels:
app: xiuxian
template:
metadata:
labels:
app: xiuxian
spec:
volumes:
- name: data
configMap:
name: cm-xiuxian
items:
- key: default.conf
path: default.conf
containers:
- image: "{{ .Values.deployments.image }}:{{ .Values.deployments.tag}}"
env:
{{- with .Values.deployments.env }}
- name: XIXI
value: {{ .school | upper }}
- name: HAHA
value: {{ .class | title | indent 4 }}
{{- end }}
- name: HEHE
value: {{ .Values.service.port | quote }}
ports:
- containerPort: {{ .Values.service.port }}
volumeMounts:
- name: data
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
name: c1
{{- if .Values.probe.enable }}
{{- toYaml .Values.probe.code | nindent 8}}
{{- end }}
{{- end }}
EOF
[root@master231 Chart]# cat > cmy-linux/templates/deployments.yaml <<EOF
apiVersion: apps/v1
kind: Deployment
metadata:
name: deploy-xiuxian
spec:
{{- template "cmy-deploy" . }}
EOF
3.测试脚本
[root@master231 Charts]# tree
.
└── cmy-linux
├── charts
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ └── service.yaml
└── values.yaml
3 directories, 9 files
[root@master231 Charts]#
[root@master231 Charts]# helm install myapp cmy-linux --dry-run=client
3.8 helm的打包并推送到harbor仓库
- helm的打包并推送到harbor仓库
1.harbor创建项目
建议项目名称为 "cmy-helm"
2.打包Chart
[root@master231 Charts]# ll
total 12
drwxr-xr-x 3 root root 4096 Jun 12 15:45 ./
drwxr-xr-x 32 root root 4096 Jun 12 15:44 ../
drwxr-xr-x 4 root root 4096 Jun 12 17:13 cmy-linux/
[root@master231 Charts]#
[root@master231 Charts]# helm package cmy-linux
Successfully packaged chart and saved it to: /cmy/manifests/Charts/cmy-linux-25.06.12.tgz
[root@master231 Charts]#
[root@master231 Charts]# ll
total 16
drwxr-xr-x 3 root root 4096 Jun 12 17:20 ./
drwxr-xr-x 32 root root 4096 Jun 12 15:44 ../
drwxr-xr-x 4 root root 4096 Jun 12 17:13 cmy-linux/
-rw-r--r-- 1 root root 2350 Jun 12 17:20 cmy-linux-25.06.12.tgz
[root@master231 Charts]#
[root@master231 Charts]# tar tf cmy-linux-25.06.12.tgz
cmy-linux/Chart.yaml
cmy-linux/values.yaml
cmy-linux/templates/NOTES.txt
cmy-linux/templates/_helpers.tpl
cmy-linux/templates/configmaps.yaml
cmy-linux/templates/deployments.yaml
cmy-linux/templates/hpa.yaml
cmy-linux/templates/ingress.yaml
cmy-linux/templates/service.yaml
cmy-linux/.helmignore
[root@master231 Charts]#
3.跳过证书校验并配置认证信息
[root@master231 Charts]# helm push cmy-linux-25.06.12.tgz oci://harbor250.cmy.com/cmy-helm --username admin --password 1 --insecure-skip-tls-verify
Pushed: harbor250.cmy.com/cmy-helm/cmy-linux:25.06.12
Digest: sha256:efe44993f6fd90b50bd86a49bbd85a97702e1a0fe8b8bebfe2925950ee4fbab6
[root@master231 Charts]#
4.harbor仓库验证
略,见视频。
[root@master231 Chart]# scp -p /usr/local/bin/helm 10.0.0.233:/usr/local/bin/
5.拉取harbor仓库的Chart
[root@worker233 ~]# helm pull oci://harbor250.cmy.com/cmy-helm/cmy-linux --version 25.06.12 --insecure-skip-tls-verify
Pulled: harbor250.cmy.com/cmy-helm/cmy-linux:25.06.12
Digest: sha256:efe44993f6fd90b50bd86a49bbd85a97702e1a0fe8b8bebfe2925950ee4fbab6
[root@worker233 ~]#
[root@worker233 ~]# ll cmy-linux-25.06.12.tgz
-rw-r--r-- 1 root root 2350 Jun 12 17:26 cmy-linux-25.06.12.tgz
[root@worker233 ~]#
[root@worker233 ~]# tar xf cmy-linux-25.06.12.tgz
[root@worker233 ~]#
[root@worker233 ~]# tree cmy-linux
cmy-linux
├── Chart.yaml
├── templates
│ ├── configmaps.yaml
│ ├── deployments.yaml
│ ├── _helpers.tpl
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt
│ └── service.yaml
└── values.yaml
1 directory, 9 files
[root@worker233 ~]#
6.打包注意事项
如果有一些文件不想要打包进去,则可以使用'.helmignore'文件进行忽略。达到优化的目的。
参考示例:
http://192.168.14.253/Resources/Kubernetes/Add-ons/helm/cmy-linux-25.04.22.tgz
- 今日内容回顾
- Gateway API **
- Prometheus监控K8S *****
- 部署promethues-operator
- smon架构
- smon监控etcd
- smon监控MySQL
- helm自定义Chart ***
3.9 kubeapps图形化管理Chart组件
-
推荐阅读:
https://github.com/vmware-tanzu/kubeapps/blob/main/site/content/docs/latest/tutorials/getting-started.md
官方的Chart【存在问题,需要去docker官方拉取数据】
https://github.com/bitnami/charts/tree/main/bitnami/kubeapps
温馨提示:
官方对于kubeapps的文档会去从docker官网拉取镜像,国内因素可能无法访问。
1.配置vpn代理
[root@master231 ~]# env | grep http -i
https_proxy=http://10.0.0.1:7890
http_proxy=http://10.0.0.1:7890
[root@master231 ~]#
2.在线安装kubeapps
[root@master231 ~]# helm install kubeapps --namespace kubeapps oci://registry-1.docker.io/bitnamicharts/kubeapps
Pulled: registry-1.docker.io/bitnamicharts/kubeapps:17.1.4
Digest: sha256:a91779b93b2b33a29d1b200b0cb4cd0777e791daef59724b2a9dbc928011d60b
NAME: kubeapps
LAST DEPLOYED: Tue Apr 22 14:42:52 2025
NAMESPACE: kubeapps
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: kubeapps
CHART VERSION: 17.1.4
APP VERSION: 2.12.1
Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.** Please be patient while the chart is being deployed **
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace kubeapps
Kubeapps can be accessed via port 80 on the following DNS name from within your cluster:
kubeapps.kubeapps.svc.cluster.local
To access Kubeapps from outside your K8s cluster, follow the steps below:
1. Get the Kubeapps URL by running these commands:
echo "Kubeapps URL: http://127.0.0.1:8080"
kubectl port-forward --namespace kubeapps service/kubeapps 8080:80
2. Open a browser and access Kubeapps using the obtained URL.
WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
- apprepository.resources
- dashboard.resources
- frontend.resources
- kubeappsapis.resources
- postgresql.resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
[root@master231 ~]#
3.检查Pod状态
[root@master231 ~]# kubectl get pods -n kubeapps -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
apprepo-kubeapps-sync-bitnami-5298l-22xmk 1/1 Running 0 98s 10.100.140.105 worker233 <none> <none>
apprepo-kubeapps-sync-bitnami-9ppdp-7768r 1/1 Running 0 98s 10.100.140.104 worker233 <none> <none>
kubeapps-56ff8d8d86-vmvmd 1/1 Running 0 3m37s 10.100.140.102 worker233 <none> <none>
kubeapps-56ff8d8d86-xwshm 1/1 Running 0 3m37s 10.100.203.189 worker232 <none> <none>
kubeapps-internal-apprepository-controller-6dff9fd46d-v9tn4 1/1 Running 0 3m37s 10.100.203.188 worker232 <none> <none>
kubeapps-internal-dashboard-7b6b84d96d-m5hsq 1/1 Running 0 3m37s 10.100.203.187 worker232 <none> <none>
kubeapps-internal-dashboard-7b6b84d96d-vw4kd 1/1 Running 0 3m37s 10.100.140.101 worker233 <none> <none>
kubeapps-internal-kubeappsapis-7dfb95f987-fv7hb 1/1 Running 0 3m37s 10.100.140.103 worker233 <none> <none>
kubeapps-internal-kubeappsapis-7dfb95f987-h5vcr 1/1 Running 0 3m37s 10.100.203.186 worker232 <none> <none>
kubeapps-postgresql-0 1/1 Running 0 3m37s 10.100.140.100 worker233 <none> <none>
[root@master231 ~]#
5.开启端口转发
[root@master231 ~]# kubectl port-forward --namespace kubeapps service/kubeapps 8080:80 --address=0.0.0.0
Forwarding from 0.0.0.0:8080 -> 8080
6.创建sa并获取token
[root@master231 Chart]# cat > sa-admin.yaml <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
name: linux97
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cluster-linux96
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: linux97
namespace: default
EOF
[root@master231 Chart]# kubectl apply -f sa-admin.yaml
serviceaccount/linux96 created
clusterrolebinding.rbac.authorization.k8s.io/cluster-linux96 created
[root@master231 Chart]#
[root@master231 Chart]# kubectl get secrets `kubectl get sa linux96 -o jsonpath='{.secrets[0].name}'` -o jsonpath='{.data.token}' | base64 -d ;echo
eyJhbGciOiJSUzI1NiIsImtpZCI6InU4RFAyREFKeWhLbGJKa20yUUN6d0lnck5GWWh1aV93OEtFMjIyM3k5blkifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJkZWZhdWx0Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZWNyZXQubmFtZSI6ImxpbnV4OTYtdG9rZW4tdnc5bWYiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibGludXg5NiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImZhNDQ2ZmMwLTE0MmItNGUwZC05MDhmLTliNDZhYTdkMjdiNiIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDpkZWZhdWx0OmxpbnV4OTYifQ.TCc3RsKqgF9Y7TzxJLnW1k4rpadLXcpBIruwC30eeTJmykcO9pgKXFUZNYy2-Hwf2IDL90m9n3EfT1e6om1dHiZ51arxr3JVIMOmv_A81Uj_kDNwwGcsqWuVzkibg_YrcRvcUY8pekT4MAo300_bMi0TI3QSZ8Z8_ADBn6wL7Mu1AgYctant5tFMGkvE8g2Sdt5UBabMMc37AUYWKXYx_kpDGBLJkWm8WzhOuc0WbvsFTUjiCLDMQotuJSmk_89zyirHWCLE_1SZe5mTrE-lbXbplYstQqsLdIvJVilfzVWqyj9kTOpDjapyMwkOeYjgy6aoUKxX5gvNb-Xc5254iQ
[root@master231 Chart]#
7.登录kubeapps的WebUI
http://10.0.0.231:8080/
使用上一步的token进行登录即可.