helm ってみたが失敗
インストール
ここからバイナリを選択。wget しインストール。/user/local/bin に書き込めなかったので /opt/bin にしておいた。
$ wget https://get.helm.sh/helm-v2.14.3-linux-amd64.tar.gz $ tar xzvf helm-v2.14.3-linux-amd64.tar.gz $ sudo mv linux-amd64/helm /opt/bin/helm
コマンド確認
$ helm The Kubernetes package manager To begin working with Helm, run the 'helm init' command: $ helm init This will install Tiller to your running Kubernetes cluster. It will also set up any necessary local configuration. Common actions from this point include: - helm search: search for charts - helm fetch: download a chart to your local directory to view - helm install: upload the chart to Kubernetes - helm list: list releases of charts Environment: - $HELM_HOME: set an alternative location for Helm files. By default, these are stored in ~/.helm - $HELM_HOST: set an alternative Tiller host. The format is host:port - $HELM_NO_PLUGINS: disable plugins. Set HELM_NO_PLUGINS=1 to disable plugins. - $TILLER_NAMESPACE: set an alternative Tiller namespace (default "kube-system") - $KUBECONFIG: set an alternative Kubernetes configuration file (default "~/.kube/config") - $HELM_TLS_CA_CERT: path to TLS CA certificate used to verify the Helm client and Tiller server certificates (default "$HELM_HOME/ca.pem") - $HELM_TLS_CERT: path to TLS client certificate file for authenticating to Tiller (default "$HELM_HOME/cert.pem") - $HELM_TLS_KEY: path to TLS client key file for authenticating to Tiller (default "$HELM_HOME/key.pem") - $HELM_TLS_ENABLE: enable TLS connection between Helm and Tiller (default "false") - $HELM_TLS_VERIFY: enable TLS connection between Helm and Tiller and verify Tiller server certificate (default "false") - $HELM_TLS_HOSTNAME: the hostname or IP address used to verify the Tiller server certificate (default "127.0.0.1") - $HELM_KEY_PASSPHRASE: set HELM_KEY_PASSPHRASE to the passphrase of your PGP private key. If set, you will not be prompted for the passphrase while signing helm charts Usage: helm [command] Available Commands: completion Generate autocompletions script for the specified shell (bash or zsh) create create a new chart with the given name delete given a release name, delete the release from Kubernetes dependency manage a chart's dependencies fetch download a chart from a repository and (optionally) unpack it in local directory get download a named release help Help about any command history fetch release history home displays the location of HELM_HOME init initialize Helm on both client and server inspect inspect a chart install install a chart archive lint examines a chart for possible issues list list releases package package a chart directory into a chart archive plugin add, list, or remove Helm plugins repo add, list, remove, update, and index chart repositories reset uninstalls Tiller from a cluster rollback roll back a release to a previous revision search search for a keyword in charts serve start a local http web server status displays the status of the named release template locally render templates test test a release upgrade upgrade a release verify verify that a chart at the given path has been signed and is valid version print the client/server version information Flags: --debug enable verbose output -h, --help help for helm --home string location of your Helm config. Overrides $HELM_HOME (default "/home/core/.helm") --host string address of Tiller. Overrides $HELM_HOST --kube-context string name of the kubeconfig context to use --kubeconfig string absolute path to the kubeconfig file to use --tiller-connection-timeout int the duration (in seconds) Helm will wait to establish a connection to tiller (default 300) --tiller-namespace string namespace of Tiller (default "kube-system") Use "helm [command] --help" for more information about a command.
バージョン確認
$ helm version Client: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"} Server: &version.Version{SemVer:"v2.14.3", GitCommit:"0e7f3b6637f7af8fcfddb3d2941fcc7cbebb0085", GitTreeState:"clean"}
helm init
$ helm init Creating /home/core/.helm Creating /home/core/.helm/repository Creating /home/core/.helm/repository/cache Creating /home/core/.helm/repository/local Creating /home/core/.helm/plugins Creating /home/core/.helm/starters Creating /home/core/.helm/cache/archive Creating /home/core/.helm/repository/repositories.yaml Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com Adding local repo with URL: http://127.0.0.1:8879/charts $HELM_HOME has been configured at /home/core/.helm. Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster. Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy. To prevent this, run `helm init` with the --tiller-tls-verify flag. For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
install an example chart
ここを見ながら
repo update
$ helm repo update Hang tight while we grab the latest from your chart repositories... ...Skip local chart repository ...Successfully got an update from the "stable" chart repository Update Complete.
チュートリアルではinstallだが inspectしてみる。大量に表示されたこれがチャートなのか。
core@kb21 ~ $ helm inspect stable/mysql apiVersion: v1 appVersion: 5.7.14 description: Fast, reliable, scalable, and easy to use open-source relational database system. engine: gotpl home: https://www.mysql.com/ icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png keywords: - mysql - database - sql maintainers: - email: o.with@sportradar.com name: olemarkus - email: viglesias@google.com name: viglesiasce name: mysql sources: - https://github.com/kubernetes/charts - https://github.com/docker-library/mysql version: 1.3.0 --- ## mysql image version ## ref: https://hub.docker.com/r/library/mysql/tags/ ## image: "mysql" imageTag: "5.7.14" busybox: image: "busybox" tag: "1.29.3" : :
sources:https://github.com/kubernetes/charts
とあるので stable/mysql
をたどるとどうもここが元っぽい。
helm inspect で得られる yaml と https://github.com/helm/charts/blob/master/stable/mysql/Chart.yaml の並びが異なるのでgithubを直接参照しているのではなさそう。
https://github.com/helm/charts/tree/master/stable/mysql の README.md を読むと軽く使い方が書かれている。
インストール前に気になるのが ls すると設定が足りてないっぽい。
$ helm ls Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system"
検索するとどうも serviceaccount を作る必要があるようだ。
tiller を作り直すことにした。tiller アンインストール
$ kubectl get pods --namespace kube-system NAME READY STATUS RESTARTS AGE calico-node-66x5m 2/2 Running 4 13d calico-node-86jrf 2/2 Running 4 13d calico-node-qxhsg 2/2 Running 5 13d coredns-5c98db65d4-hplkv 1/1 Running 2 13d coredns-5c98db65d4-x9xmd 1/1 Running 2 13d etcd-kb21 1/1 Running 2 13d kube-apiserver-kb21 1/1 Running 3 13d kube-controller-manager-kb21 1/1 Running 2 13d kube-proxy-7t47d 1/1 Running 2 13d kube-proxy-9tgrc 1/1 Running 2 13d kube-proxy-wm448 1/1 Running 2 13d kube-scheduler-kb21 1/1 Running 2 13d tiller-deploy-75f6c87b87-wplgr 1/1 Running 1 12d $ helm reset Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system" $ helm reset --force Tiller (the Helm server-side component) has been uninstalled from your Kubernetes Cluster. $ helm ls Error: could not find tiller $ kubectl get pods --namespace kube-system NAME READY STATUS RESTARTS AGE calico-node-66x5m 2/2 Running 4 13d calico-node-86jrf 2/2 Running 4 13d calico-node-qxhsg 2/2 Running 5 13d coredns-5c98db65d4-hplkv 1/1 Running 2 13d coredns-5c98db65d4-x9xmd 1/1 Running 2 13d etcd-kb21 1/1 Running 2 13d kube-apiserver-kb21 1/1 Running 3 13d kube-controller-manager-kb21 1/1 Running 2 13d kube-proxy-7t47d 1/1 Running 2 13d kube-proxy-9tgrc 1/1 Running 2 13d kube-proxy-wm448 1/1 Running 2 13d kube-scheduler-kb21 1/1 Running 2 13d
用語
- helm
- 舵、舵輪、操舵装置
- Helmクライアント
- tiller
- この場合舵柄?舵を回すために、舵の頭に通してある横棒
- Helmサーバー
- chart
- 海図