kubernetes Helm之通過kubeapps使用圖形部署helm應用
kubeapps應用可以爲Helm提供web UI界面管理。
一、部署kubeapps
首先需要添加一個第三方庫:
[root@server1 helm]# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
[root@server1 helm]#
[root@server1 helm]# helm search repo kubeapps
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/kubeapps 3.6.0 v1.10.0 Kubeapps is a dashboard for your Kubernetes clu...
最新的版本是3.6.0,我們使用3.4.3,拉取解壓部署文件:
[root@server1 helm]# helm pull bitnami/kubeapps --version 3.4.3
[root@server1 helm]# ls
kubeapps-3.4.3.tgz nfs-client-provisioner nginx-ingress pvc.yaml
mychart nfs-client-provisioner-1.2.8.tgz nginx-ingress-1.36.3.tgz
[root@server1 helm]# tar zxf kubeapps-3.4.3.tgz
[root@server1 helm]# ls
kubeapps mychart nfs-client-provisioner-1.2.8.tgz nginx-ingress-1.36.3.tgz
kubeapps-3.4.3.tgz nfs-client-provisioner nginx-ingress pvc.yaml
[root@server1 helm]# cd kubeapps/
[root@server1 kubeapps]# ls
charts Chart.yaml crds README.md requirements.lock requirements.yaml templates values.schema.json values.yaml
可以發現對比以前的應用多了一個requirements.yaml文件,這個文件定義了應用的依賴性:
[root@server1 kubeapps]# cat requirements.yaml
dependencies:
- name: mongodb
version: ">= 0"
repository: https://kubernetes-charts.storage.googleapis.com
condition: mongodb.enabled
- name: postgresql
version: ">= 0"
repository: https://kubernetes-charts.storage.googleapis.com
condition: postgresql.enabled
可以看出其依賴mongodb以及postgresql。
部署kubeapps需要的鏡像:
可以在變量文件中查看鏡像的版本,爲了方便這裏新建了一個harbor項目bitnami(文件中的鏡像就是這個地址)。
編輯變量文件:
[root@server1 kubeapps]# vim values.yaml
默認鏡像倉庫爲docker.io我們需要在全局指定我們的鏡像倉庫:
使用helm v3版本:
打開ingress並指定主機名:
定義初始化倉庫:
其他的我們不做更改。
安裝:
[root@server1 kubeapps]# kubectl create namespace kubeapps
namespace/kubeapps created
[root@server1 kubeapps]# helm -n kubeapps install kubeapps .
等待一會查看狀態:
[root@server1 kubeapps]# kubectl -n kubeapps get all
NAME READY STATUS RESTARTS AGE
pod/apprepo-kubeapps-sync-bitnami-1589314200-j8w4d 0/1 Completed 0 28m
pod/apprepo-kubeapps-sync-bitnami-1589314800-6rcsc 0/1 Completed 0 18m
pod/apprepo-kubeapps-sync-bitnami-1589315400-86k5k 0/1 Completed 4 8m2s
pod/apprepo-kubeapps-sync-bitnami-nzpwn-7nt47 0/1 Completed 2 115m
pod/apprepo-kubeapps-sync-stable-1589314200-j5h4j 0/1 Completed 0 28m
pod/apprepo-kubeapps-sync-stable-1589314800-xnsnm 0/1 Completed 0 18m
pod/apprepo-kubeapps-sync-stable-1589315400-n79lb 0/1 Completed 0 8m2s
pod/apprepo-kubeapps-sync-stable-f2m2x-7bsfb 0/1 Completed 0 115m
pod/kubeapps-6688575df9-cqt2m 1/1 Running 0 116m
pod/kubeapps-6688575df9-j7qx6 1/1 Running 0 116m
pod/kubeapps-internal-apprepository-controller-8cdf54665-d7fgv 1/1 Running 0 116m
pod/kubeapps-internal-assetsvc-6b94785ffb-6rwzm 1/1 Running 3 116m
pod/kubeapps-internal-assetsvc-6b94785ffb-vvk9l 1/1 Running 2 116m
pod/kubeapps-internal-dashboard-6b65678647-54vc4 1/1 Running 0 116m
pod/kubeapps-internal-dashboard-6b65678647-dpkms 1/1 Running 0 116m
pod/kubeapps-internal-kubeops-59887fdbf8-hgqpr 1/1 Running 0 116m
pod/kubeapps-internal-kubeops-59887fdbf8-mm9x8 1/1 Running 0 116m
pod/kubeapps-mongodb-685d4c95d9-lmr2h 1/1 Running 0 116m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubeapps ClusterIP 10.104.41.207 <none> 80/TCP 116m
service/kubeapps-internal-assetsvc ClusterIP 10.107.221.83 <none> 8080/TCP 116m
service/kubeapps-internal-dashboard ClusterIP 10.102.5.115 <none> 8080/TCP 116m
service/kubeapps-internal-kubeops ClusterIP 10.102.76.222 <none> 8080/TCP 117m
service/kubeapps-mongodb ClusterIP 10.104.39.53 <none> 27017/TCP 116m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/kubeapps 2/2 2 2 116m
deployment.apps/kubeapps-internal-apprepository-controller 1/1 1 1 116m
deployment.apps/kubeapps-internal-assetsvc 2/2 2 2 116m
deployment.apps/kubeapps-internal-dashboard 2/2 2 2 116m
deployment.apps/kubeapps-internal-kubeops 2/2 2 2 116m
deployment.apps/kubeapps-mongodb 1/1 1 1 116m
NAME DESIRED CURRENT READY AGE
replicaset.apps/kubeapps-6688575df9 2 2 2 116m
replicaset.apps/kubeapps-internal-apprepository-controller-8cdf54665 1 1 1 116m
replicaset.apps/kubeapps-internal-assetsvc-6b94785ffb 2 2 2 116m
replicaset.apps/kubeapps-internal-dashboard-6b65678647 2 2 2 116m
replicaset.apps/kubeapps-internal-kubeops-59887fdbf8 2 2 2 116m
replicaset.apps/kubeapps-mongodb-685d4c95d9 1 1 1 116m
NAME COMPLETIONS DURATION AGE
job.batch/apprepo-kubeapps-sync-bitnami-1589314200 1/1 14s 28m
job.batch/apprepo-kubeapps-sync-bitnami-1589314800 1/1 17s 18m
job.batch/apprepo-kubeapps-sync-bitnami-1589315400 1/1 2m31s 8m2s
job.batch/apprepo-kubeapps-sync-bitnami-nzpwn 1/1 6m 115m
job.batch/apprepo-kubeapps-sync-stable-1589314200 1/1 27s 28m
job.batch/apprepo-kubeapps-sync-stable-1589314800 1/1 26s 18m
job.batch/apprepo-kubeapps-sync-stable-1589315400 1/1 22s 8m2s
job.batch/apprepo-kubeapps-sync-stable-f2m2x 1/1 3m43s 115m
NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE
cronjob.batch/apprepo-kubeapps-sync-bitnami */10 * * * * False 0 8m9s 115m
cronjob.batch/apprepo-kubeapps-sync-stable */10 * * * * False 0 8m9s 115m
可以看出創建了兩個cronjob,每隔10分鐘同步我們定義的兩個倉庫。
部署成功
二、kubeapps的登陸
首先需要做解析:
[root@foundation63 ~]# cat /etc/hosts
......
172.25.63.3 kubeapps.redhat.org www1.westos.org www2.westos.org www3.westos.org
瀏覽器訪問kubeapps.redhat.org:
需要token登陸,因此我們需要創建sa併爲其附加cluster-admin的權限:
[root@server1 kubeapps]# kubectl create serviceaccount kubeapps-operator -n kubeapps
serviceaccount/kubeapps-operator created
[root@server1 kubeapps]#
[root@server1 kubeapps]# kubectl -n kubeapps get sa
NAME SECRETS AGE
default 1 122m
kubeapps-internal-apprepository-controller 1 122m
kubeapps-internal-kubeops 1 122m
kubeapps-operator 1 6s
[root@server1 kubeapps]#
[root@server1 kubeapps]# kubectl create clusterrolebinding kubeapps-operator --clusterrole=cluster-admin --serviceaccount=kubeapps:kubeapps-operator
clusterrolebinding.rbac.authorization.k8s.io/kubeapps-operator created
查看token:
[root@server1 kubeapps]# kubectl -n kubeapps describe sa kubeapps-operator
Name: kubeapps-operator
Namespace: kubeapps
Labels: <none>
Annotations: <none>
Image pull secrets: <none>
Mountable secrets: kubeapps-operator-token-5gb84
Tokens: kubeapps-operator-token-5gb84
Events: <none>
[root@server1 kubeapps]# kubectl -n kubeapps describe secrets kubeapps-operator-token-5gb84
Name: kubeapps-operator-token-5gb84
Namespace: kubeapps
Labels: <none>
Annotations: kubernetes.io/service-account.name: kubeapps-operator
kubernetes.io/service-account.uid: aa9f9695-e250-4f89-962b-225e375a198d
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1025 bytes
namespace: 8 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Ilp5SmtWcG42LUZiMGhaR3Rac3dUT01HQ0RkdFpvaE00ZkNGNnJuend6dmMifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlYXBwcyIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvci10b2tlbi01Z2I4NCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlYXBwcy1vcGVyYXRvciIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImFhOWY5Njk1LWUyNTAtNGY4OS05NjJiLTIyNWUzNzVhMTk4ZCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlYXBwczprdWJlYXBwcy1vcGVyYXRvciJ9.ecyGNwfTqXS7JyhNFXqjfS0iYZT5lbwE0iRETJHOqNF75w1DzVD88RNQ8ofgWqqQtPTJXDCyEkSmKaRR0re55DAifdvmx5qtySN07j7sjznsoNk1doKKWRMjV_zBzNGfB-XPL1JGgDPP2pTRR6_sBnpG2mhS6RhJ3fcVjgJF_B10LXw6Fhi-HeyAMhY9i4hAtWb6sDOkPGPp4NTJTQhlgDWRg7HHGrfW-v-gsvUzIl8Rn-sD3NXR6NRhuvenCdyTMbetVRrZrRa_tdSDjA6WA4c8qgVs_y5rROLsRb0-K1FEOnWV937GA8VCrS0mq-BCzGUP94_Z6DfgNMvxuHb4ig
複製token到網頁端登陸:
登陸成功。
三、kubeapps的使用
查看所有的namespace:
上面展示的就是我們之前部署過的應用。
添加自己的chart庫
因爲我們倉庫的地址爲reg.westos.org,在pod內不能解析這個地址,因此我們首先需要添加pod內解析:
[root@server1 kubeapps]# kubectl -n kube-system get cm
NAME DATA AGE
coredns 1 25d
extension-apiserver-authentication 6 25d
kube-flannel-cfg 2 25d
kube-proxy 2 25d
kubeadm-config 2 25d
kubelet-config-1.18 1 25d
[root@server1 kubeapps]# kubectl -n kube-system edit cm coredns
configmap/coredns edited
之後網頁端添加倉庫:
信息填寫完成後安裝。
安裝後會進行同步。
[root@server1 kubeapps]# kubectl -n kubeapps get pod
NAME READY STATUS RESTARTS AGE
......
apprepo-kubeapps-sync-mychart-5xqzz-mh72q 0/1 Completed 0 49s
apprepo-kubeapps-sync-mychart-c6m9f-qlgk9 0/1 ContainerCreating 0 27s
apprepo-kubeapps-sync-mychart-q5kbv-kngz4 0/1 Completed 0 30s
......
同步完成後會顯示Completed。
在網頁端就可以搜到:
點進入可以看到兩個版本0.1.0和0.2.0:
使用chart部署ingress-nginx應用
點擊Deploy:
更改部署文件,使用ingress:
更改後提交,等待一會變成ready:
測試訪問:
部署成功。
更新應用
點擊Upgrade,更改版本號:
更改後點擊提交:
再次訪問發現應用已更新:
應用回滾
等待ready後,再次測試訪問:
可以看出已經回滾到了v1.
應用刪除
可以看出通過kubeapps圖形部署應用極大的簡化了我們部署helm應用的過程。