1. 程式人生 > >Kubernetes使用helm安裝Harbor管理image和chart

Kubernetes使用helm安裝Harbor管理image和chart

net 參考 work http png director reat 定義 下載失敗

Kubernetes使用helm安裝Harbor管理image和chart

[TOC]

1. 環境說明

  • 可用的kubernetes集群
  • 可用的helm服務端、客戶端
  • 可用的kubeapps

2. helm安裝Harbor

根據官方文檔安裝,可能失敗的是下載redis依賴包:

helm dependency update

Downloading redis from repo https://kubernetes-charts.storage.googleapis.com
Save error occurred:  could not download https://kubernetes-charts.storage.googleapis.com/redis-3.2.5.tgz: Get https://kubernetes-charts.storage.googleapis.com/redis-3.2.5.tgz: dial tcp 216.58.200.240:443: i/o timeout

如果下載失敗,可以手動準備redis:

[root@lab1 harbor]# helm search redis     
NAME                                    CHART VERSION   APP VERSION     DESCRIPTION                                       
aliyun/redis                            1.1.15          4.0.8           Open source, advanced key-value store. It is of...
aliyun/redis-ha                         2.0.1                           Highly available Redis cluster with multiple se...
bitnami/redis                           4.0.1           4.0.11          Open source, advanced key-value store. It is of...
incubator/redis-cache                   0.3.3           3               A pure in-memory redis cache, using statefulset...
mycharts/redis-ha                       2.0.1                           Highly available Redis cluster with multiple se...
stable/prometheus-redis-exporter        0.3.2           0.21.1          Prometheus exporter for Redis metrics             
stable/redis                            4.0.1           4.0.11          Open source, advanced key-value store. It is of...
stable/redis-ha                         2.2.3           4.0.8-r0        Highly available Redis cluster with multiple se...
aliyun/sensu                            0.2.0                           Sensu monitoring framework backed by the Redis ...
stable/sensu                            0.2.3           0.28            Sensu monitoring framework backed by the Redis ...
[root@lab1 harbor]# helm repo list
NAME            URL                                                        
monocular       https://helm.github.io/monocular                           
bitnami         https://charts.bitnami.com/bitnami                         
gitlab          https://charts.gitlab.io/                                  
incubator       https://kubernetes-charts-incubator.storage.googleapis.com/
aliyun          https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts     
stable          https://kubernetes-charts.storage.googleapis.com/          
mycharts        https://reg.linuxba.com/chartrepo/pub                      
[root@lab1 harbor]# cd charts/
[root@lab1 charts]# helm fetch aliyun/redis --untar     

後面安裝基本沒有什麽問題。

3. kubeapps添加harbor倉庫

比如我用的倉庫名為:pub

技術分享圖片

可以手動上傳一個chart包,然後進入查看詳情,可以看到倉庫地址:

技術分享圖片

在kubeapps中添加倉庫時,需要使用bearer token,下面是獲取方法:

curl -i -k -u "admin:password" "https://reg.linuxba.com/service/token?account=admin&service=harbor-registry&scope=repository:pub/"

4. 效果圖

以下是我的使用效果圖
技術分享圖片

技術分享圖片

5. 一個上傳chart腳本

#!/usr/bin/env bash
##############################################################
# File Name: 
# Version: V1.0
# Author: Chinge_Yang
# Blog: http://blog.csdn.net/ygqygq2
# Created Time : 2018-09-25 15:32:50
# Description: 上傳chart包到harbor倉庫
##############################################################

#獲取腳本所存放目錄
cd `dirname $0`
bash_path=`pwd`

chart_name="$1"
user_name="admin"
password="password"
project_name="${2:-pub}"
request_url="https://reg.linuxba.com/api/chartrepo/$project_name/charts"
charts_dir=$bash_path/charts

#腳本名
me=$(basename $0)
log_dir=$bash_path/log
shell_log=$log_dir/${USER}_${me}.log

#定義保存日誌函數
function save_log () {
    echo -e "`date +%F\ %T` $*" >> $shell_log
}

[ ! -d $log_dir ] && mkdir -p $log_dir

#定義輸出顏色函數
function red_echo () {
#用法:  red_echo "內容"
    local what=$*
    echo -e "\e[1;31m ${what} \e[0m"
}

function green_echo () {
#用法:  green_echo "內容"
    local what=$*
    echo -e "\e[1;32m ${what} \e[0m"
}

function yellow_echo () {
#用法:  yellow_echo "內容"
    local what=$*
    echo -e "\e[1;33m ${what} \e[0m"
}

function twinkle_echo () {
#用法:  twinkle_echo $(red_echo "內容")  ,此處例子為紅色閃爍輸出
    local twinkle=‘\e[05m‘
    local what="${twinkle} $*"
    echo -e "${what}"
}

function return_echo () {
    [ $? -eq 0 ] && green_echo "$* 成功" && return 0 || red_echo "$* 失敗" && return 1 
}

function return_error_exit () {
    [ $? -eq 0 ] && REVAL="0"
    local what=$*
    if [ "$REVAL" = "0" ];then
        [ ! -z "$what" ] && green_echo "$what 成功"
    else
        red_echo "$* 失敗,腳本退出"
        exit 1
    fi
}

#定義確認函數
function user_verify_function () {
    while true;do
        echo ""
        read -p "是否確認?[Y/N]:" Y
        case $Y in
    [yY]|[yY][eE][sS])
        echo -e "answer:  \\033[20G [ \e[1;32m是\e[0m ] \033[0m"
        break   
        ;;
    [nN]|[nN][oO])
        echo -e "answer:  \\033[20G [ \e[1;32m否\e[0m ] \033[0m"          
        exit 1
        ;;
      *)
        continue
        ;;
        esac
    done
}

#定義跳過函數
function user_pass_function () {
    while true;do
        echo ""
        read -p "是否確認?[Y/N]:" Y
        case $Y in
            [yY]|[yY][eE][sS])
            echo -e "answer:  \\033[20G [ \e[1;32m是\e[0m ] \033[0m"
            break   
            ;;
            [nN]|[nN][oO])
            echo -e "answer:  \\033[20G [ \e[1;32m否\e[0m ] \033[0m"          
            return 1
            ;;
            *)
            continue
            ;;
            esac
    done
}

function usage() {
    if [ $# -lt 1 ]; then
        echo $"Usage: $0 {chart_file|chart_directory}"
        exit 0
    fi
}

function push () {
    if [ ! "$(ls ${chart_name} 2>/dev/null|grep ‘.tgz‘)" ]; then
        if [ -d $chart_name ]; then
            echo -e "helm package $(basename $chart_name)"
            helm package $(basename $chart_name)
            #echo -e "mv -f *.tgz charts/"
            mv -f *.tgz charts/
            chart_file=$(ls -r $charts_dir/$(echo ${chart_name}|sed -r ‘s@\/$@@‘)-*.tgz|head -n 1)
        else
            return_error_exit "檢查目錄"
        fi
    else
        if [ -f $chart_name ]; then
            chart_file=$chart_name
        else
            return_error_exit "檢查文件"
        fi
    fi

    result=$(curl -i -u "$user_name:$password" -k -X POST "${request_url}"         -H "accept: application/json"         -H "Content-Type: multipart/form-data"         -F "chart=@${chart_file};type=application/x-compressed" 2>/dev/null
    )
    if echo $result |grep ‘{"saved":true}‘>/dev/null; then
        save_log push ${chart_file} sucessed
    else
        save_log push ${chart_file} failed
    fi
}

usage $*
push

參考資料:
[1] https://github.com/goharbor/harbor
[2] https://github.com/goharbor/harbor-helm
[3] https://github.com/goharbor/harbor/blob/master/docs/swagger.yaml

Kubernetes使用helm安裝Harbor管理image和chart