安装

安装Helm-client

建议：将helm client安装在k8s的master节点上

我们通过编译好的二进文件进行安装。从https://github.com/helm/helm/releases下载最新版本的压缩包（此时最新版本为v2.13.1，linux系统一般下载linux-amd64）。下载后解压，然后把其中的heml可执行文件拷贝到/usr/local/bin/目录下

$ wget https://storage.googleapis.com/kubernetes-helm/helm-v2.13.1-linux-amd64.tar.gz
$ tar xzvf helm-v2.13.1-linux-amd64.tar.gz
$ cp -vf linux-amd64/helm /usr/local/bin/

然后执行helm help即可看到帮助信息。

安装tiller

集群内安装

最简单的安装tiller的方法就是执行helm init命令，这样helm client便会把tiller安装到k8s集群中。

[root@peng01 linux-amd64]# helm init
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!

这里你可能会有疑问，helm client是如何知道把tiller安装到哪个集群中的呢？其实，helm client会读取环境变量KUBECONFIG的配置，即kubectl可以连接到哪个集群，则helm client就能连接到哪个集群，所以我们都是建议将helm client安装在k8s的master节点上。

helm init默认会连接https://kubernetes-charts.storage.googleapis.com以及去storage.googleapis.com拉取镜像，很容易被墙。可以通过以下的方法指定tiller镜像版本及stable-repo-url

$ helm init --upgrade --tiller-image registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.13.1 --stable-repo-url https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

当我们把tiller安装在k8s集群中时，由于tiller需要访问apiserver，所以需要给tiller配置serviceaccount并给该serviceaccount授权。

$ kubectl create serviceaccount --namespace kube-system tiller
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

然后，更改tiller-deploy使用tiller这个ServiceAccount

$ kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

当安装好以后，执行helm version命令即可查看tiller的状态

$ helm version
Client: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.13.1", GitCommit:"618447cbf203d147601b4b9bd7f8c37a5d39fbb4", GitTreeState:"clean"}

发布一个chart

执行命令helm install stable/tomcat:0.2.0即可安装一个chart，但由于stable这个repository在google，国内访问不了，所以我们可以先翻墙把这个chart下载下来，然后再安装：

$ wget https://kubernetes-charts.storage.googleapis.com/tomcat-0.2.0.tgz 

$ helm install ./tomcat-0.2.0.tgz 
NAME:   incendiary-saola
LAST DEPLOYED: Thu Apr 25 09:07:25 2019
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1/Pod(related)
NAME                                      READY  STATUS    RESTARTS  AGE
incendiary-saola-tomcat-79dbb4ccd7-s8rmt  0/1    Init:0/1  0         0s

==> v1/Service
NAME                     TYPE          CLUSTER-IP      EXTERNAL-IP  PORT(S)       AGE
incendiary-saola-tomcat  LoadBalancer  10.109.200.121  <pending>    80:32604/TCP  0s

==> v1beta2/Deployment
NAME                     READY  UP-TO-DATE  AVAILABLE  AGE
incendiary-saola-tomcat  0/1    1           0          0s


NOTES:
1. Get the application URL by running these commands:
     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
           You can watch the status of by running 'kubectl get svc -w incendiary-saola-tomcat'
  export SERVICE_IP=$(kubectl get svc --namespace default incendiary-saola-tomcat -o jsonpath='{.status.loadBalancer.ingress[0].hostname}')
  echo http://$SERVICE_IP:

执行该命令后，会在default命令空间中生成了一个名字包含tomcat的Deployment与Service。

$ kubectl get deploy | grep tomcat
incendiary-saola-tomcat    1/1     1            1           15m

$ kubectl get service | grep tomcat
incendiary-saola-tomcat    LoadBalancer   10.109.200.121   <pending>     80:32604/TCP   15m

Reference

• https://helm.sh/docs/using_helm/#installing-helm

• https://www.hi-linux.com/posts/21466.html