什麽是Helm？這可不是暗黑破壞神裏裝備的名稱：頭盔，而是Kubernetes的一個包管理工具，用來簡化Kubernetes應用的部署和管理。我們Helm和Kubernetes的關系，我們可以理解成yum和CentOS，apt-get和Ubuntu的關系。

Helm由兩部分組成，客戶端helm和服務端tiller。

其中tiller運行在Kubernetes集群上，管理chart，而客戶端helm就是一個命令行工具，可在本地運行，一般運行在持續集成/持續交付的服務器上 。

下圖是helm的架構圖。

我們現在就來試用下helm。

首先安裝helm客戶端。

下載helm執行文件的壓縮包：

wget -O helm.tar.gz https://storage.googleapis.com/kubernetes-helm/helm-v2.11.0-linux-amd64.tar.gz tar -xzf helm.tar.gz

解壓完畢後，將helm文件移到目錄/usr/local/bin/helm下面：

mv linux-amd64/helm /usr/local/bin/helm

給這個文件加上執行權限：

chmod +x /usr/local/bin/helm

首先使用-namespace參數指定使用的namespace，我例子裏的命名空間是part-0110:

helm init --tiller-namespace part-0110 --service-account access

helm init --tiller-namespace part-0110 --service-account access

Creating /home/vagrant/.helm

Creating /home/vagrant/.helm/repository

Creating /home/vagrant/.helm/repository/cache

Creating /home/vagrant/.helm/repository/local

Creating /home/vagrant/.helm/plugins

Creating /home/vagrant/.helm/starters

Creating /home/vagrant/.helm/cache/archive

Creating /home/vagrant/.helm/repository/repositories.yaml

Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com

Adding local repo with URL: http://127.0.0.1:8879/charts

$HELM_HOME has been configured at /home/vagrant/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure ‘allow unauthenticated users‘ policy.

For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation

Happy Helming!

從helm的init命令輸出，我們可以觀察到，該命令生成了大量和helm server交互所必須的repository。

現在可以使用helm version命令行參數查看helm客戶端和服務器端的版本號：

helm version --tiller-connection-timeout=5 --tiller-namespace part-0110

vagrant@vagrant:~/.kube$ helm version --tiller-connection-timeout=5 --tiller-namespace part-0110

Client: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}

Server: &version.Version{SemVer:"v2.9.1", GitCommit:"20adb27c7c5868466912eebdf6664e7390ebe710", GitTreeState:"clean"}

使用命令helm repo list查看helm倉庫列表：

根據名稱搜索helm chart：

helm search chaoskube

使用下面的命令行安裝chart。命令行中的參數jerry可以根據需要改成你自己期望的名字。

helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug

下面是helm install命令的輸出，供您參考：

vagrant@vagrant:~/.kube$ helm install --name jerry stable/chaoskube --set namespaces=part-0110 --set rbac.serviceAccountName=access --tiller-namespace part-0110 --debug

[debug] Created tunnel using local port: ‘36408‘

[debug] SERVER: "127.0.0.1:36408"

[debug] Original chart version: ""

[debug] Fetched stable/chaoskube to /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz

[debug] CHART PATH: /home/vagrant/.helm/cache/archive/chaoskube-0.10.0.tgz

NAME: jerry

REVISION: 1

RELEASED: Thu Nov 15 16:37:19 2018

CHART: chaoskube-0.10.0

USER-SUPPLIED VALUES:

namespaces: part-0110

rbac:

serviceAccountName: access

COMPUTED VALUES:

affinity: {}

annotations: null

debug: false

dryRun: true

excludedDaysOfYear: null

excludedTimesOfDay: null

excludedWeekdays: null

image: quay.io/linki/chaoskube

imageTag: v0.10.0

interval: 10m

labels: null

minimumAge: 0s

name: chaoskube

namespaces: part-0110

nodeSelector: {}

priorityClassName: ""

rbac:

create: false

serviceAccountName: access

replicas: 1

resources: {}

timezone: UTC

tolerations: []

HOOKS:

MANIFEST:

Source: chaoskube/templates/deployment.yaml

apiVersion: apps/v1beta1

kind: Deployment

metadata:

name: jerry-chaoskube

labels:

app: chaoskube

heritage: "Tiller"

release: "jerry"

chart: chaoskube-0.10.0

spec:

replicas: 1

selector:

matchLabels:

app: chaoskube

release: jerry

template:

metadata:

labels:

app: chaoskube

heritage: "Tiller"

release: "jerry"

chart: chaoskube-0.10.0

spec:

containers:

• name: chaoskube

image: quay.io/linki/chaoskube:v0.10.0

args:

• --interval=10m

• --labels=

• --annotations=

• --namespaces=part-0110

• --excluded-weekdays=

• --excluded-times-of-day=

• --excluded-days-of-year=

• --timezone=UTC

• --minimum-age=0s

resources:

{}

serviceAccountName: "access"

LAST DEPLOYED: Thu Nov 15 16:37:19 2018

NAMESPACE: part-0110

STATUS: DEPLOYED

RESOURCES:

==> v1beta1/Deployment

NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE

jerry-chaoskube 1 1 1 0 2s

==> v1/Pod(related)

NAME READY STATUS RESTARTS AGE

jerry-chaoskube-6689695476-kchtn 0/1 ContainerCreating 0 1s

NOTES:

chaoskube is running and will kill arbitrary pods every 10m.

You can follow the logs to see what chaoskube does:

POD=$(kubectl -n part-0110 get pods -l=‘release=jerry-chaoskube‘ --output=jsonpath=‘{.items[0].metadata.name}‘)

kubectl -n part-0110 logs -f $POD

You are running in dry-run mode. No pod is actually terminated.

使用helm list命令，現在就能查看到剛才安裝的名為jerry的chart了。

helm list --tiller-namespace part-0110

使用helm命令查看這個chart的明細（類似kubectl describe pod XXX )

helm status jerry --tiller-namespace part-0110

上圖也顯示了自動生成的pod名稱為jerry-chaoskube-6689695476-kchtn，可以用kubectl log命令查看其運行日誌：

kubectl log jerry-chaoskube-6689695476-kchtn

要獲取更多Jerry的原創文章，請關註公眾號"汪子熙":

Kubernetes Helm入門指南