Helm是Kubernetes的包管理工具,文章详细介绍了Helm的三大核心概念——Chart(应用程序包)、Repository(存储和共享Chart的仓库)和Release(Chart在集群中的实例)。此外,还列举了Helm的各种命令,如搜索、安装、升级、查看状态、回滚和卸载Release等,以及如何创建自己的Chart。
目录
helm search hub/repo - 查找可用的Charts
helm show values - 查看Chart的values.yaml内容
helm get values - 查看release设置的value
helm history - 查看release版本历史信息
helm uninstall - 删除(卸载)release
Helm三大概念
Chart
Chart是Helm的包。它包含在 Kubernetes 集群内部运行应用程序,工具或服务所需的所有资源定义。可视作Yum RPM 在Kubernetes 中的等价物。
Repository
Repository(仓库) 是用来存放和共享 charts 的地方。
Release
Release 是运行在 Kubernetes 集群中的 chart 的实例。一个 chart 通常可以在同一个集群中安装多次。每一次安装都会创建一个新的 release。
Helm 安装 charts 到 Kubernetes 集群中,每次安装都会创建一个新的 release。你可以在 Helm 的 chart repositories 中寻找新的 chart。
Helm相关命令
helm 命令公共参数
Global Flags:
--debug enable verbose output
--kube-apiserver string the address and the port for the Kubernetes API server
--kube-as-group stringArray group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--kube-as-user string username to impersonate for the operation
--kube-ca-file string the certificate authority file for the Kubernetes API server connection
--kube-context string name of the kubeconfig context to use
--kube-token string bearer token used for authentication
--kubeconfig string path to the kubeconfig file
-n, --namespace string namespace scope for this request
--registry-config string path to the registry config file (default "/root/.config/helm/registry/config.json")
--repository-cache string path to the file containing cached repository indexes (default "/root/.cache/helm/repository")
--repository-config string path to the file containing repository names and URLs (default "/root/.config/helm/repositories.yaml")helm search hub/repo - 查找可用的Charts
- helm search hub 从 Artifact Hub 中查找并列出 helm charts。 Artifact Hub中存放了大量不同的仓库。
- helm search repo 从你添加(使用
helm repo add REPO_NAME URL)到本地 helm 客户端中的仓库中进行查找。该命令基于本地数据进行搜索,无需连接互联网。
helm repo - 仓库操作
- helm repo list - 查看配置的仓库
- helm repo add - 添加新的仓库
- helm repo remove - 移除仓库
helm install - 安装Chart
Usage:
helm install [NAME] [CHART] [flags]
Flags:
--atomic if set, the installation process deletes the installation on failure. The --wait flag will be set automatically if --atomic is used
--ca-file string verify certificates of HTTPS-enabled servers using this CA bundle
--cert-file string identify HTTPS client using this SSL certificate file
--create-namespace create the release namespace if not present
--dependency-update update dependencies if they are missing before installing the chart
--description string add a custom description
--devel use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored
--disable-openapi-validation if set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
--dry-run simulate an install
-g, --generate-name generate the name (and omit the NAME parameter)
-h, --help help for install
--insecure-skip-tls-verify skip tls certificate checks for the chart download
--key-file string identify HTTPS client using this SSL key file
--keyring string location of public keys used for verification (default "/root/.gnupg/pubring.gpg")
--name-template string specify template used to name the release
--no-hooks prevent hooks from running during install
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)
--pass-credentials pass credentials to all domains
--password string chart repository password where to locate the requested chart
--post-renderer postrenderer the path to an executable to be used for post rendering. If it exists in $PATH, the binary will be used, otherwise it will try to look for the executable at the given path (default exec)
--render-subchart-notes if set, render subchart notes along with the parent
--replace re-use the given name, only if that name is a deleted release which remains in the history. This is unsafe in production
--repo string chart repository url where to locate the requested chart
--set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2)
--set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--skip-crds if set, no CRDs will be installed. By default, CRDs are installed if not already present
--timeout duration time to wait for any individual Kubernetes operation (like Jobs for hooks) (default 5m0s)
--username string chart repository username where to locate the requested chart
-f, --values strings specify values in a YAML file or a URL (can specify multiple)
--verify verify the package before using it
--version string specify a version constraint for the chart version to use. This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). If this is not specified, the latest version is used
--wait if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. It will wait for as long as --timeout
--wait-for-jobs if set and --wait enabled, will wait until all Jobs have been completed before marking the release as successful. It will wait for as long as --timeout
常用参数:
-n 指定namespace
--values / -f 使用 YAML 文件覆盖配置。可以指定多次,优先使用最右边的文件。
--set 通过命令行的方式对指定配置进行赋值。
helm install 命令可以从多个来源进行安装:
- chart 的仓库(如上所述)
- 本地 chart 压缩包(helm install foo foo-0.1.1.tgz)
- 解压后的 chart 目录(helm install foo path/to/foo)
- 完整的 URL(helm install foo https://example.com/charts/foo-1.2.3.tgz)
Helm按照以下顺序安装资源:
Namespace
NetworkPolicy
ResourceQuota
LimitRange
PodSecurityPolicy
PodDisruptionBudget
ServiceAccount
Secret
SecretList
ConfigMap
StorageClass
PersistentVolume
PersistentVolumeClaim
CustomResourceDefinition
ClusterRole
ClusterRoleList
ClusterRoleBinding
ClusterRoleBindingList
Role
RoleList
RoleBinding
RoleBindingList
Service
DaemonSet
Pod
ReplicationController
ReplicaSet
Deployment
HorizontalPodAutoscaler
StatefulSet
Job
CronJob
Ingress
APIServicehelm status - 查看release状态
Usage:
helm status RELEASE_NAME [flags]
Flags:
-h, --help help for status
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)
--revision int if set, display the status of the named release with revision
--show-desc if set, display the description message of the named release
helm show values - 查看Chart的values.yaml内容
Usage:
helm show values [CHART] [flags]
Flags:
--ca-file string verify certificates of HTTPS-enabled servers using this CA bundle
--cert-file string identify HTTPS client using this SSL certificate file
--devel use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored
-h, --help help for values
--insecure-skip-tls-verify skip tls certificate checks for the chart download
--jsonpath string supply a JSONPath expression to filter the output
--key-file string identify HTTPS client using this SSL key file
--keyring string location of public keys used for verification (default "/root/.gnupg/pubring.gpg")
--pass-credentials pass credentials to all domains
--password string chart repository password where to locate the requested chart
--repo string chart repository url where to locate the requested chart
--username string chart repository username where to locate the requested chart
--verify verify the package before using it
--version string specify a version constraint for the chart version to use. This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). If this is not specified, the latest version is used
helm get values - 查看release设置的value
Usage:
helm get values RELEASE_NAME [flags]
Flags:
-a, --all dump all (computed) values
-h, --help help for values
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)
--revision int get the named release with revision
helm upgrade - release更新
Usage:
helm upgrade [RELEASE] [CHART] [flags]
Flags:
--atomic if set, upgrade process rolls back changes made in case of failed upgrade. The --wait flag will be set automatically if --atomic is used
--ca-file string verify certificates of HTTPS-enabled servers using this CA bundle
--cert-file string identify HTTPS client using this SSL certificate file
--cleanup-on-fail allow deletion of new resources created in this upgrade when upgrade fails
--create-namespace if --install is set, create the release namespace if not present
--dependency-update update dependencies if they are missing before installing the chart
--description string add a custom description
--devel use development versions, too. Equivalent to version '>0.0.0-0'. If --version is set, this is ignored
--disable-openapi-validation if set, the upgrade process will not validate rendered templates against the Kubernetes OpenAPI Schema
--dry-run simulate an upgrade
--force force resource updates through a replacement strategy
-h, --help help for upgrade
--history-max int limit the maximum number of revisions saved per release. Use 0 for no limit (default 10)
--insecure-skip-tls-verify skip tls certificate checks for the chart download
-i, --install if a release by this name doesn't already exist, run an install
--key-file string identify HTTPS client using this SSL key file
--keyring string location of public keys used for verification (default "/root/.gnupg/pubring.gpg")
--no-hooks disable pre/post upgrade hooks
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)
--pass-credentials pass credentials to all domains
--password string chart repository password where to locate the requested chart
--post-renderer postrenderer the path to an executable to be used for post rendering. If it exists in $PATH, the binary will be used, otherwise it will try to look for the executable at the given path (default exec)
--render-subchart-notes if set, render subchart notes along with the parent
--repo string chart repository url where to locate the requested chart
--reset-values when upgrading, reset the values to the ones built into the chart
--reuse-values when upgrading, reuse the last release's values and merge in any overrides from the command line via --set and -f. If '--reset-values' is specified, this is ignored
--set stringArray set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--set-file stringArray set values from respective files specified via the command line (can specify multiple or separate values with commas: key1=path1,key2=path2)
--set-string stringArray set STRING values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)
--skip-crds if set, no CRDs will be installed when an upgrade is performed with install flag enabled. By default, CRDs are installed if not already present, when an upgrade is performed with install flag enabled
--timeout duration time to wait for any individual Kubernetes operation (like Jobs for hooks) (default 5m0s)
--username string chart repository username where to locate the requested chart
-f, --values strings specify values in a YAML file or a URL (can specify multiple)
--verify verify the package before using it
--version string specify a version constraint for the chart version to use. This constraint can be a specific tag (e.g. 1.1.1) or it may reference a valid range (e.g. ^2.0.0). If this is not specified, the latest version is used
--wait if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. It will wait for as long as --timeout
--wait-for-jobs if set and --wait enabled, will wait until all Jobs have been completed before marking the release as successful. It will wait for as long as --timeout常用
--description string 添加描述
每当发生了一次安装、升级或回滚操作,revision 的值就会加1。第一次 revision 的值永远是1。我们可以使用
helm history [RELEASE]命令来查看一个特定 release 的修订版本号。
helm history - 查看release版本历史信息
Usage:
helm history RELEASE_NAME [flags]
Aliases:
history, hist
Flags:
-h, --help help for history
--max int maximum number of revision to include in history (default 256)
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)helm rollback - release版本回滚
Usage:
helm rollback <RELEASE> [REVISION] [flags]
Flags:
--cleanup-on-fail allow deletion of new resources created in this rollback when rollback fails
--dry-run simulate a rollback
--force force resource update through delete/recreate if needed
-h, --help help for rollback
--history-max int limit the maximum number of revisions saved per release. Use 0 for no limit (default 10)
--no-hooks prevent hooks from running during rollback
--recreate-pods performs pods restart for the resource if applicable
--timeout duration time to wait for any individual Kubernetes operation (like Jobs for hooks) (default 5m0s)
--wait if set, will wait until all Pods, PVCs, Services, and minimum number of Pods of a Deployment, StatefulSet, or ReplicaSet are in a ready state before marking the release as successful. It will wait for as long as --timeout
--wait-for-jobs if set and --wait enabled, will wait until all Jobs have been completed before marking the release as successful. It will wait for as long as --timeouthelm uninstall - 删除(卸载)release
Usage:
helm uninstall RELEASE_NAME [...] [flags]
Aliases:
uninstall, del, delete, un
Flags:
--description string add a custom description
--dry-run simulate a uninstall
-h, --help help for uninstall
--keep-history remove all associated resources and mark the release as deleted, but retain the release history
--no-hooks prevent hooks from running during uninstallation
--timeout duration time to wait for any individual Kubernetes operation (like Jobs for hooks) (default 5m0s)
--wait if set, will wait until all the resources are deleted before returning. It will wait for as long as --timeout在 Helm 3 中,删除也会移除 release 的记录。 如果你想保留删除记录,使用
helm uninstall --keep-history。使用helm list --uninstalled只会展示使用了--keep-history删除的 release。
helm list --all会展示 Helm 保留的所有 release 记录,包括失败或删除的条目(指定了--keep-history)
helm list / ls - 查看release
Usage:
helm list [flags]
Aliases:
list, ls
Flags:
-a, --all show all releases without any filter applied
-A, --all-namespaces list releases across all namespaces
-d, --date sort by release date
--deployed show deployed releases. If no other is specified, this will be automatically enabled
--failed show failed releases
-f, --filter string a regular expression (Perl compatible). Any releases that match the expression will be included in the results
-h, --help help for list
-m, --max int maximum number of releases to fetch (default 256)
--offset int next release index in the list, used to offset from start value
-o, --output format prints the output in the specified format. Allowed values: table, json, yaml (default table)
--pending show pending releases
-r, --reverse reverse the sort order
-l, --selector string Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2). Works only for secret(default) and configmap storage backends.
-q, --short output short (quiet) listing format
--superseded show superseded releases
--time-format string format time using golang time formatter. Example: --time-format "2006-01-02 15:04:05Z0700"
--uninstalled show uninstalled releases (if 'helm uninstall --keep-history' was used)
--uninstalling show releases that are currently being uninstalledhelm create - 创建自己的Chart
Usage:
helm create NAME [flags]
Flags:
-h, --help help for create
-p, --starter string the name or absolute path to Helm starter scaffold其他更多helm子命令
Usage:
helm [command]
Available Commands:
completion generate autocompletion scripts for the specified shell
create create a new chart with the given name
dependency manage a chart's dependencies
env helm client environment information
get download extended information of a named release
help Help about any command
history fetch release history
install install a chart
lint examine a chart for possible issues
list list releases
package package a chart directory into a chart archive
plugin install, list, or uninstall Helm plugins
pull download a chart from a repository and (optionally) unpack it in local directory
push push a chart to remote
registry login to or logout from a registry
repo add, list, remove, update, and index chart repositories
rollback roll back a release to a previous revision
search search for a keyword in charts
show show information of a chart
status display the status of the named release
template locally render templates
test run tests for a release
uninstall uninstall a release
upgrade upgrade a release
verify verify that a chart at the given path has been signed and is valid
version print the client version information
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
