helm ってみたが失敗
インストール
ここからバイナリを選択。wget しインストール。/user/local/bin に書き込めなかったので /opt/bin にしておいた。
$ wget https://get.helm.sh/helm-v2.14.3-linux-amd64.tar.gz $ tar xzvf helm-v2.14.3-linux-amd64.tar.gz $ sudo mv linux-amd64/helm /opt/bin/helm
コマンド確認
$ helm
The Kubernetes package manager
To begin working with Helm, run the 'helm init' command:
$ helm init
This will install Tiller to your running Kubernetes cluster.
It will also set up any necessary local configuration.
Common actions from this point include:
- helm search: search for charts
- helm fetch: download a chart to your local directory to view
- helm install: upload the chart to Kubernetes
- helm list: list releases of charts
Environment:
- $HELM_HOME: set an alternative location for Helm files. By default, these are stored in ~/.helm
- $HELM_HOST: set an alternative Tiller host. The format is host:port
- $HELM_NO_PLUGINS: disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins.
- $TILLER_NAMESPACE: set an alternative Tiller namespace (default "kube-system")
- $KUBECONFIG: set an alternative Kubernetes configuration file (default "~/.kube/config")
- $HELM_TLS_CA_CERT: path to TLS CA certificate used to verify the Helm client and Tiller server certificates (default "$HELM_HOME/ca.pem")
- $HELM_TLS_CERT: path to TLS client certificate file for authenticating to Tiller (default "$HELM_HOME/cert.pem")
- $HELM_TLS_KEY: path to TLS client key file for authenticating to Tiller (default "$HELM_HOME/key.pem")
- $HELM_TLS_ENABLE: enable TLS connection between Helm and Tiller (default "false")
- $HELM_TLS_VERIFY: enable TLS connection between Helm and Tiller and verify Tiller server certificate (default "false")
- $HELM_TLS_HOSTNAME: the hostname or IP address used to verify the Tiller server certificate (default "127.0.0.1")
- $HELM_KEY_PASSPHRASE: set HELM_KEY_PASSPHRASE to the passphrase of your PGP private key. If set, you will not be prompted for the passphrase while signing helm charts
Usage:
helm [command]
Available Commands:
completion Generate autocompletions script for the specified shell (bash or zsh)
create create a new chart with the given name
delete given a release name, delete the release from Kubernetes
dependency manage a chart's dependencies
fetch download a chart from a repository and (optionally) unpack it in local directory
get download a named release
help Help about any command
history fetch release history
home displays the location of HELM_HOME
init initialize Helm on both client and server
inspect inspect a chart
install install a chart archive
lint examines a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin add, list, or remove Helm plugins
repo add, list, remove, update, and index chart repositories
reset uninstalls Tiller from a cluster
rollback roll back a release to a previous revision
search search for a keyword in charts
serve start a local http web server
status displays the status of the named release
template locally render templates
test test a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client/server version information
Flags:
--debug enable verbose output
-h, --help help for helm
--home string location of your Helm config. Overrides $HELM_HOME (default "/home/core/.helm")
--host string address of Tiller. Overrides $HELM_HOST
--kube-context string name of the kubeconfig context to use
--kubeconfig string absolute path to the kubeconfig file to use
--tiller-connection-timeout int the duration (in seconds) Helm will wait to establish a connection to tiller (default 300)
--tiller-namespace string namespace of Tiller (default "kube-system")
Use "helm [command] --help" for more information about a command.
バージョン確認
$ helm version
Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
helm init
$ helm init Creating /home/core/.helm Creating /home/core/.helm/repository Creating /home/core/.helm/repository/cache Creating /home/core/.helm/repository/local Creating /home/core/.helm/plugins Creating /home/core/.helm/starters Creating /home/core/.helm/cache/archive Creating /home/core/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /home/core/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
install an example chart
ここを見ながら
repo update
$ helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "stable" chart repository Update Complete.
チュートリアルではinstallだが inspectしてみる。大量に表示されたこれがチャートなのか。
core@kb21 ~ $ helm inspect stable/mysql apiVersion: v1 appVersion: 5.7.14 description: Fast, reliable, scalable, and easy to use open-source relational database system. engine: gotpl home: https://www.mysql.com/ icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png keywords: - mysql - database - sql maintainers: - email: o.with@sportradar.com name: olemarkus - email: viglesias@google.com name: viglesiasce name: mysql sources: - https://github.com/kubernetes/charts - https://github.com/docker-library/mysql version: 1.3.0 --- ## mysql image version ## ref: https://hub.docker.com/r/library/mysql/tags/ ## image: "mysql" imageTag: "5.7.14" busybox: image: "busybox" tag: "1.29.3" : :
sources:https://github.com/kubernetes/charts とあるので stable/mysql をたどるとどうもここが元っぽい。
helm inspect で得られる yaml と https://github.com/helm/charts/blob/master/stable/mysql/Chart.yaml の並びが異なるのでgithubを直接参照しているのではなさそう。
https://github.com/helm/charts/tree/master/stable/mysql の README.md を読むと軽く使い方が書かれている。
インストール前に気になるのが ls すると設定が足りてないっぽい。
$ helm ls Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system"
検索するとどうも serviceaccount を作る必要があるようだ。
tiller を作り直すことにした。tiller アンインストール
$ kubectl get pods --namespace kube-system NAME READY STATUS RESTARTS AGE calico-node-66x5m 2/2 Running 4 13d calico-node-86jrf 2/2 Running 4 13d calico-node-qxhsg 2/2 Running 5 13d coredns-5c98db65d4-hplkv 1/1 Running 2 13d coredns-5c98db65d4-x9xmd 1/1 Running 2 13d etcd-kb21 1/1 Running 2 13d kube-apiserver-kb21 1/1 Running 3 13d kube-controller-manager-kb21 1/1 Running 2 13d kube-proxy-7t47d 1/1 Running 2 13d kube-proxy-9tgrc 1/1 Running 2 13d kube-proxy-wm448 1/1 Running 2 13d kube-scheduler-kb21 1/1 Running 2 13d tiller-deploy-75f6c87b87-wplgr 1/1 Running 1 12d $ helm reset Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system" $ helm reset --force Tiller (the Helm server-side component) has been uninstalled from your Kubernetes Cluster. $ helm ls Error: could not find tiller $ kubectl get pods --namespace kube-system NAME READY STATUS RESTARTS AGE calico-node-66x5m 2/2 Running 4 13d calico-node-86jrf 2/2 Running 4 13d calico-node-qxhsg 2/2 Running 5 13d coredns-5c98db65d4-hplkv 1/1 Running 2 13d coredns-5c98db65d4-x9xmd 1/1 Running 2 13d etcd-kb21 1/1 Running 2 13d kube-apiserver-kb21 1/1 Running 3 13d kube-controller-manager-kb21 1/1 Running 2 13d kube-proxy-7t47d 1/1 Running 2 13d kube-proxy-9tgrc 1/1 Running 2 13d kube-proxy-wm448 1/1 Running 2 13d kube-scheduler-kb21 1/1 Running 2 13d
用語
- helm
- 舵、舵輪、操舵装置
- Helmクライアント
- tiller
- この場合舵柄?舵を回すために、舵の頭に通してある横棒
- Helmサーバー
- chart
- 海図
