Continuous integration Harbor+Helm

1 Environment preparation

This article builds on the existing Harbor 2.1.2 installation and goes on to integrate a Helm chart repository.

  • Helm is a command-line client tool. It is mainly used to create, package and publish Kubernetes application Charts, and to create and manage local and remote Chart repositories.
  • Tiller is the server side of Helm and is deployed in the Kubernetes cluster. Tiller receives Helm's requests, generates the Kubernetes deployment files (which Helm calls a Release) from a Chart, and submits them to Kubernetes to create the application. Tiller also provides Release upgrade, deletion and rollback.
  • Chart is Helm's software package, in TAR format. Similar to APT's DEB packages or YUM's RPM packages, it contains a set of YAML files that define Kubernetes resources.
  • Repository is Helm's software repository. A Repository is essentially a web server that stores a series of Chart packages for users to download and provides a list file of the repository's Chart packages for querying. Helm can manage multiple repositories at the same time. --> Harbor
  • Release is a Chart deployed in the Kubernetes cluster with the helm install command.

Note:

Helm 3 removes the Tiller component. By default it interacts with the cluster through ~/.kube/config, that is, it uses the same context and access permissions as kubectl. If the file is not in the default location, it can be specified with the --kubeconfig parameter. Install Helm according to the official installation document.

**-------------------------------Harbor server: the relevant operations are as follows----------------------------**

2. Enable the chart repository service of Harbor

By default, the new version of Harbor does not enable the chart repository service. To manage Helm charts with it, an additional parameter must be passed during installation.

## Default installation
$ cd /usr/local/harbor
$ ./install.sh
## Start the chart repository service
$ cd /usr/local/harbor
$ ./install.sh --with-chartmuseum

Wait for the installation to complete. The output looks like this:

[Step 0]: checking if docker is installed ...
Note: docker version: 20.10.1
[Step 1]: checking docker-compose is installed ...
Note: docker-compose version: 1.27.4
[Step 2]: loading Harbor images ...
Loaded image: goharbor/chartmuseum-photon:v2.1.2
Loaded image: goharbor/prepare:v2.1.2
Loaded image: goharbor/harbor-log:v2.1.2
Loaded image: goharbor/harbor-registryctl:v2.1.2
Loaded image: goharbor/clair-adapter-photon:v2.1.2
Loaded image: goharbor/harbor-db:v2.1.2
Loaded image: goharbor/harbor-jobservice:v2.1.2
Loaded image: goharbor/clair-photon:v2.1.2
Loaded image: goharbor/notary-signer-photon:v2.1.2
Loaded image: goharbor/harbor-portal:v2.1.2
Loaded image: goharbor/redis-photon:v2.1.2
Loaded image: goharbor/nginx-photon:v2.1.2
Loaded image: goharbor/trivy-adapter-photon:v2.1.2
Loaded image: goharbor/harbor-core:v2.1.2
Loaded image: goharbor/registry-photon:v2.1.2
Loaded image: goharbor/notary-server-photon:v2.1.2
[Step 3]: preparing environment ...
[Step 4]: preparing harbor configs ...
prepare base dir is set to /usr/local/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/logrotate.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/nginx/nginx.conf
Clearing the configuration file: /config/core/env
Clearing the configuration file: /config/core/app.conf
Clearing the configuration file: /config/registry/passwd
Clearing the configuration file: /config/registry/config.yml
Clearing the configuration file: /config/registry/root.crt
Clearing the configuration file: /config/registryctl/env
Clearing the configuration file: /config/registryctl/config.yml
Clearing the configuration file: /config/db/env
Clearing the configuration file: /config/jobservice/env
Clearing the configuration file: /config/jobservice/config.yml
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
loaded secret from file: /data/secret/keys/secretkey
Generated configuration file: /config/chartserver/env
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir
Note: stopping existing Harbor instance ...
Stopping harbor-jobservice ... done
Stopping nginx             ... done
Stopping harbor-core       ... done
Stopping harbor-portal     ... done
Stopping redis             ... done
Stopping registryctl       ... done
Stopping registry          ... done
Stopping harbor-db         ... done
Stopping harbor-log        ... done
Removing harbor-jobservice ... done
Removing nginx             ... done
Removing harbor-core       ... done
Removing harbor-portal     ... done
Removing redis             ... done
Removing registryctl       ... done
Removing registry          ... done
Removing harbor-db         ... done
Removing harbor-log        ... done
Removing network harbor_harbor
Removing network harbor_harbor-chartmuseum
WARNING: Network harbor_harbor-chartmuseum not found.
[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating network "harbor_harbor-chartmuseum" with the default driver
Creating harbor-log ... done
Creating harbor-db     ... done
Creating registry      ... done
Creating registryctl   ... done
Creating redis         ... done
Creating harbor-portal ... done
Creating chartmuseum   ... done
Creating harbor-core   ... done
Creating nginx             ... done
Creating harbor-jobservice ... done
✔ ----Harbor has been installed and started successfully.----

After that, the Harbor instance above can be used to manage Helm charts.

3 graphical interface operation

3.1 create project

First, create a project named helm-repo in Harbor (the name used in the repository URL later in this article).

3.2 create test user

**-------------------------------kmaster server: the relevant operations are as follows----------------------------**

4 k8s cluster side, helm, etc

4.1 installing helm

$ wget https://get.helm.sh/helm-v3.4.2-linux-amd64.tar.gz
$ tar -zxvf helm-v3.4.2-linux-amd64.tar.gz
$ cd linux-amd64/
# Copy helm to /usr/local/bin
$ cp helm /usr/local/bin

4.2 verify helm

$ helm 
The Kubernetes package manager
Common actions for Helm:
- helm search:    search for charts
- helm pull:      download a chart to your local directory to view
- helm install:   upload the chart to Kubernetes
- helm list:      list releases of charts
$ helm version
version.BuildInfo{Version:"v3.4.2", GitCommit:"23dd3af5e19a02d4f4baa5b2f242645a1a3af629", GitTreeState:"clean", GoVersion:"go1.14.13"}

5 chart repository

5.1 adding hostname

$ vi /etc/hosts
192.168.8.131 reg.local.com

5.1 add chart repository

5.1.1 add certification

cat /etc/docker/daemon.json
{"exec-opts":["native.cgroupdriver=systemd"],"log-driver":"json-file","log-opts":{"max-size":"100m"},"insecure-registries": ["reg.local.com"]}

**-------------------------------Copy the authentication information of the harbor server to the kmaster server----------------------------**

5.1.2 copy the authentication information of harbor to the same location on the kmaster server

[root@harbor cert]# ll
total 32
-rw-r--r--. 1 root root 2033 Dec 31 04:25 ca.crt
-rw-r--r--. 1 root root 3243 Dec 31 04:25 ca.key
-rw-r--r--. 1 root root   17 Dec 31 04:25 ca.srl
-rw-r--r--. 1 root root 2094 Dec 31 04:25 reg.local.com.cert
-rw-r--r--. 1 root root 2094 Dec 31 04:25 reg.local.com.crt
-rw-r--r--. 1 root root 1708 Dec 31 04:25 reg.local.com.csr
-rw-r--r--. 1 root root 3247 Dec 31 04:25 reg.local.com.key
-rw-r--r--. 1 root root  263 Dec 31 04:25 v3.ext
[root@kmaster cert]# ll
total 32
-rw-r--r-- 1 root root 2033 Dec 31 04:25 ca.crt
-rw-r--r-- 1 root root 3243 Dec 31 04:25 ca.key
-rw-r--r-- 1 root root   17 Dec 31 04:25 ca.srl
-rw-r--r-- 1 root root 2094 Dec 31 04:25 reg.local.com.cert
-rw-r--r-- 1 root root 2094 Dec 31 04:25 reg.local.com.crt
-rw-r--r-- 1 root root 1708 Dec 31 04:25 reg.local.com.csr
-rw-r--r-- 1 root root 3247 Dec 31 04:25 reg.local.com.key
-rw-r--r-- 1 root root  263 Dec 31 04:25 v3.ext
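
The listing above shows ca.key and reg.local.com.key on kmaster with mode 644. As an added example (not part of the original article), the function below flags private keys that group or other can read, and a CA signing key present on a client machine. The function name and the output labels are made up for this sketch.

```shell
#!/bin/sh
# Added example: audit a certificate directory copied to a client machine.
# Prints one finding per line; returns 0 when nothing is flagged, 1 otherwise.
audit_cert_dir() {
    dir=$1
    findings=0
    for f in "$dir"/*.key; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # Characters 5-10 of the ls mode string are the group and other bits.
        go_bits=$(ls -ld "$f" | cut -c5-10)
        if [ "$go_bits" != "------" ]; then
            echo "LOOSE_PERMS $name group/other=$go_bits"
            findings=$((findings + 1))
        fi
        # Whoever holds ca.key can issue certificates that every host
        # trusting ca.crt will accept, so it should stay on the signing host.
        if [ "$name" = "ca.key" ]; then
            echo "CA_KEY_PRESENT $name"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed demo: empty files with the names and modes from the listing.
demo=$(mktemp -d)
for n in ca.crt ca.key reg.local.com.cert reg.local.com.key; do
    : > "$demo/$n"
    chmod 644 "$demo/$n"
done
audit_cert_dir "$demo" || echo "findings reported for $demo"
rm -rf "$demo"
```

On the page's layout the directory to check would be /data/cert on kmaster.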

-------------------------------Operations related to kmaster server are as follows----------------------------

5.1.3 add private repository

$ helm repo add stable https://charts.helm.sh/stable
$ helm repo add --ca-file /data/cert/ca.crt --cert-file /data/cert/reg.local.com.cert --key-file /data/cert/reg.local.com.key test https://reg.local.com/chartrepo/helm-repo
"test" has been added to your repositories

5.2 update chart list

$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "test" chart repository
...Successfully got an update from the "stable" chart repository

5.3 installing mysql using helm

$ helm install stable/mysql --generate-name

5.4 check whether mysql has been successfully installed

$ helm ls

5.5 push application

Helm 3 does not support pushing to a chart repository by default. You need to install the helm push plug-in.

5.5.1 installing plug-ins

$ helm plugin install https://github.com/chartmuseum/helm-push
Downloading and installing helm-push v0.9.0 ...
https://github.com/chartmuseum/helm-push/releases/download/v0.9.0/helm-push_0.9.0_linux_amd64.tar.gz
Installed plugin: push

5.5.2 view the added chart warehouse

$ helm repo list
NAME    URL
stable  https://charts.helm.sh/stable
test    https://reg.local.com/chartrepo/helm-repo

5.5.3 create chart

$ helm create mychart
Creating mychart
$ ll
total 8
drwxr-xr-x 2 root root    6 Jan  6 15:15 charts
-rw-r--r-- 1 root root 1098 Jan  6 15:15 Chart.yaml
drwxr-xr-x 3 root root  162 Jan  6 15:15 templates
-rw-r--r-- 1 root root 1800 Jan  6 15:15 values.yaml

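5.5.4 check chart

helm lint must be run from the directory that contains mychart. The first attempt below is run from inside mychart, so ./mychart cannot be found and it fails; after cd .. the check passes.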

$ helm lint ./mychart
==> Linting ./mychart
Error unable to check Chart.yaml file in chart: stat mychart/Chart.yaml: no such file or directory
Error: 1 chart(s) linted, 1 chart(s) failed
[root@kmaster mychart]# cd ..
[root@kmaster ~]# helm lint ./mychart
==> Linting ./mychart
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, 0 chart(s) failed

5.5.5 push chart

$ helm push mychart test --ca-file /data/cert/ca.crt -u admin -p Harbor12345
Pushing mychart-0.1.0.tgz to test...
Done.
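
The push above passes the Harbor password with -p on the command line. The helm-push plugin also reads HELM_REPO_USERNAME and HELM_REPO_PASSWORD from the environment; this added example (not from the original article) loads them from an owner-only file. The function name and the two-line file format are assumptions of the sketch.

```shell
#!/bin/sh
# Added example: load Harbor credentials for the helm-push plugin from a file
# so the password does not appear in the process list or shell history.
# Assumed file format (constructed): line 1 = username, line 2 = password.
load_repo_creds() {
    cred_file=$1
    if [ ! -f "$cred_file" ]; then
        echo "no such file: $cred_file" >&2
        return 2
    fi
    # Refuse a credentials file that group or other can access
    # (characters 5-10 of the ls mode string).
    if [ "$(ls -ld "$cred_file" | cut -c5-10)" != "------" ]; then
        echo "refusing $cred_file: group/other permission bits are set" >&2
        return 1
    fi
    {
        IFS= read -r HELM_REPO_USERNAME || return 2
        # Accept a last line that has no trailing newline.
        IFS= read -r HELM_REPO_PASSWORD || [ -n "$HELM_REPO_PASSWORD" ] || return 2
    } < "$cred_file"
    export HELM_REPO_USERNAME HELM_REPO_PASSWORD
}

# Usage on kmaster (the path is a placeholder):
#   load_repo_creds "$HOME/.harbor-cred" && \
#       helm push mychart test --ca-file /data/cert/ca.crt
```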

-------------------------------The related operations of harbor server are as follows----------------------------

6. Verify that the chart was pushed successfully

Version 0.1.0

-------------------------------Operations related to kmaster server are as follows----------------------------

7 installation from the chart repository

7.1 charts already installed

$ helm list
NAME                    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART           APP VERSION

7.2 installing mychart 0.1.0

$ helm install my1  mychart
NAME: my1
LAST DEPLOYED: Wed Jan  6 15:57:47 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Get the application URL by running these commands:
  export POD_NAME=$(kubectl get pods --namespace default -l "app.kubernetes.io/name=mychart,app.kubernetes.io/instance=my1" -o jsonpath="{.items[0].metadata.name}")
  export CONTAINER_PORT=$(kubectl get pod --namespace default $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
  echo "Visit http://127.0.0.1:8080 to use your application"
  kubectl --namespace default port-forward $POD_NAME 8080:$CONTAINER_PORT

7.3 uninstall mychart 0.1.0

$ helm list
NAME    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART           APP VERSION
my1     default         1               2021-01-06 15:57:47.410255239 +0900 JST deployed        mychart-0.1.0   1.16.0
$ helm uninstall my1
release "my1" uninstalled

8 pull the web demo image from Harbor to see the results

8.1 pull the image

docker pull reg.local.com/dev/web-demo:v1.0
v1.0: Pulling from dev/web-demo
7448db3b31eb: Pull complete
c36604fa7939: Pull complete
29e8ef0e3340: Pull complete
a0c934d2565d: Pull complete
a360a17c9cab: Pull complete
cfcc996af805: Pull complete
2cf014724202: Pull complete
4bc402a00dfe: Pull complete
7f506d2e6327: Pull complete
577ef7ca6761: Pull complete
Digest: sha256:80530996e66df715a51f3407423802a106271b1bc4267114d5a6cc5f9a0a87ef
Status: Downloaded newer image for reg.local.com/dev/web-demo:v1.0
reg.local.com/dev/web-demo:v1.0

8.2 check the image

$ docker images
REPOSITORY                           TAG           IMAGE ID       CREATED         SIZE
reg.local.com/dev/web-demo           v1.0          e03f3e0f181f   41 hours ago    677MB

8.3 run the image and publish container port 8080 as port 8888

docker run --publish 8888:8080 reg.local.com/dev/web-demo:v1.0
  .   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::                (v2.4.1)
2021-01-06 17:41:12.950  INFO 1 --- [           main] com.local.demo.DemoApplication           : Starting DemoApplication v0.0.1-SNAPSHOT using Java 1.8.0_111 on 8f2fb5b3f985 with PID 1 (/app.jar started by root in /)
2021-01-06 17:41:12.957  INFO 1 --- [           main] com.local.demo.DemoApplication           : No active profile set, falling back to default profiles: default
2021-01-06 17:41:14.150  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2021-01-06 17:41:14.160  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2021-01-06 17:41:14.160  INFO 1 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.41]
2021-01-06 17:41:14.212  INFO 1 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2021-01-06 17:41:14.212  INFO 1 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1177 ms
2021-01-06 17:41:14.476  INFO 1 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
2021-01-06 17:41:14.641  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2021-01-06 17:41:14.651  INFO 1 --- [           main] com.local.demo.DemoApplication           : Started DemoApplication in 2.136 seconds (JVM running for 2.486)
2021-01-06 17:41:30.169  INFO 1 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
2021-01-06 17:41:30.169  INFO 1 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
2021-01-06 17:41:30.170  INFO 1 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 1 ms

8.4 check the page in the browser

For other deployment methods, refer to: k8s+jenkins realizes automatic deployment and application to k8s cluster

Added by Bazzaah on Fri, 26 Nov 2021 10:40:47 +0200