kubernetes 学习之helm包管理器离线安装nfs-client-provisioner
施雅懿
前言:
helm是k8s的专有包管理器,使用helm的chart包可以快速简单的实现一个或者多个微服务的部署,好处太多在这就不说了,当然,坏处也是有的,就是定制化部署比较困难,因此,本次实验目的是通过下载的chart包,离线部署实现nfs的存储类实现,并在nfs的存储类实现的基础上,通过helm部署一个redis简单的集群。
实验步骤:
一,
首先,我们需要一个关于helm的nfs-client-provisioner的chart包,在此基础上将该包的内容做适当的修改,然后通过helm快递的部署一个nfs的存储类。
其次,需要一个redis的关于helm的chart包,不修改此包,直接通过helm快速部署一个简单的redis集群。
相关chart包以及镜像在以下链接:
链接:https://pan.baidu.com/s/1LXZRo1kmFE_5bsLZuc1X9A?pwd=k8ss
提取码:k8ss
二,
helm的安装
这个比较简单了,上传NFS目录下的helm文件到服务器,放入系统环境变量内即可。命令是:
mv helm /usr/local/bin/ &&chmod a+x /usr/local/bin/helm三,
自定义 PROVISIONER
这一步需要修改chart文件nfs-client-provisioner-0.1.1.tgz,将该文件解压后,可以看到一个文件夹:
[root@master ~]# ls nfs-client-provisioner
Chart.yaml templates values.yaml编辑values.yaml这个文件(该文件是一个模板文件):
image:
repository: registry.cn-shanghai.aliyuncs.com/c7n/nfs-client-provisioner
tag: v3.1.0-k8s1.11
pullPolicy: IfNotPresent
strategy:
type: Recreate
storageClass:
name: nfs-client-provisioner
provisioner: nfs-client-provisioner
archiveOnDelete: true
这个provisioner的值修改为自己想要的值即可。修改完毕后删除原tar包nfs-client-provisioner-0.1.1.tgz,重新使用helm打包即可。
rm -rf nfs-client-provisioner-0.1.1.tgz
helm package ./nfs-client-provisioner四,
在部署之前,需要将镜像registry.cn-shanghai.aliyuncs.com_c7n_nfs-client-provisioner_v3.1.0-k8s1.11.tar导入到集群各个节点内,导入命令为:
docker load <registry.cn-shanghai.aliyuncs.com_c7n_nfs-client-provisioner_v3.1.0-k8s1.11.tar部署nfs的存储类
helm install nfs-client-provisioner ./nfs-client-provisioner-0.1.1.tgz --set rbac.create=true --set persistence.enabled=true --set storageClass.name=nfs-provisioner --set persistence.nfsServer=192.168.217.16 --set persistence.nfsPath=/data/nfs-sc --version 0.1.2 --namespace kube-system参数说明:
--set storageClass.name=nfs-provisioner #这个值自定义
--set persistence.nfsServer=192.168.217.16 #这里是nfs服务器的IP地址,根据实际情况填写
--set persistence.nfsPath=/data/nfs-sc #这里是nfs服务的共享目录,也是根据实际填写,我定义的是/data/nfs-sc
--set rbac.create=true #这个不能更改
--version 0.1.2 #这里的版本定义,可自定义
--namespace kube-system # namespace不要使用default,一般是设置为kube-system
helm非常的方便,一般部署服务都是一句话就搞定了,nfs的存储类部署也是同样的简单,下面做一个简单的测试:
(1)获取sc信息,验证提供者provisioner是否正确:
[root@master ~]# k get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
nfs-provisioner (default) nfs-client-provisioner Delete Immediate false 21m
(2)
为了以后使用的方便,将该StorageClass设置为默认存储类:
kubectl patch storageclass nfs-provisioner -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'(3)
helm查看部署的是否正确:
[root@master ~]# helm list -A
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
nfs-client-provisioner kube-system 1 2022-07-17 17:49:21.281270901 +0800 CST deployed nfs-client-provisioner-0.1.1 v3.1.0-k8s1.11
(4)
查看nfs存储类的pod是否运行正常:
[root@master ~]# k get po -A |grep nfs
kube-system nfs-client-provisioner-57c749cf94-s5vmr 1/1 Running 0 26m
五,
安装redis集群:
这个就非常简单了,一条命令就可以了,因为是使用的默认设置,当然,也可以像nfs存储类一样,修改values.yaml 文件重新打包
解压redis的chart包:
tar zxf redis-16.4.1.tgz镜像导入:
registry.hand-china.com_tools_redis_6.2.6-debian-10-r120这个镜像在集群各个节点都导入,导入命令:
docker load <registry.hand-china.com_tools_redis_6.2.6-debian-10-r120
直接部署:
helm install redis ./redis --namespace kube-system此命令输出如下:
NAME: redis
LAST DEPLOYED: Sun Jul 17 17:54:25 2022
NAMESPACE: kube-system
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 16.4.1
APP VERSION: 6.2.6
** Please be patient while the chart is being deployed **
Redis™ can be accessed on the following DNS names from within your cluster:
redis-master.kube-system.svc.cluster.local for read/write operations (port 6379)
redis-replicas.kube-system.svc.cluster.local for read-only operations (port 6379)
To get your password run:
export REDIS_PASSWORD=$(kubectl get secret --namespace kube-system redis -o jsonpath="{.data.redis-password}" | base64 --decode)
To connect to your Redis™ server:
1. Run a Redis™ pod that you can use as a client:
kubectl run --namespace kube-system redis-client --restart='Never' --env REDIS_PASSWORD=$REDIS_PASSWORD --image registry.hand-china.com/tools/redis:6.2.6-debian-10-r120 --command -- sleep infinity
Use the following command to attach to the pod:
kubectl exec --tty -i redis-client \
--namespace kube-system -- bash
2. Connect using the Redis™ CLI:
REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-master
REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-replicas
To connect to your database from outside the cluster execute the following commands:
kubectl port-forward --namespace kube-system svc/redis-master : &
REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p
单元测试:
(1)
查看pvc和pv是否正常:
[root@master ~]# k get pvc -A
NAMESPACE NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
kube-system redis-data-redis-master-0 Bound pvc-0a788b58-a806-43ac-9c80-8d35684587d4 8Gi RWO nfs-provisioner 52m
kube-system redis-data-redis-replicas-0 Bound pvc-cca6d8b0-1f2f-437a-bcdd-f978234cc551 8Gi RWO nfs-provisioner 52m
kube-system redis-data-redis-replicas-1 Bound pvc-d2ec683c-9d18-4d91-9bb4-b7995814d76e 8Gi RWO nfs-provisioner 51m
kube-system redis-data-redis-replicas-2 Bound pvc-ea3d3d4f-255b-493d-8406-d9c563054c08 8Gi RWO nfs-provisioner 51m
[root@master ~]# k get pv -A
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-0a788b58-a806-43ac-9c80-8d35684587d4 8Gi RWO Delete Bound kube-system/redis-data-redis-master-0 nfs-provisioner 52m
pvc-cca6d8b0-1f2f-437a-bcdd-f978234cc551 8Gi RWO Delete Bound kube-system/redis-data-redis-replicas-0 nfs-provisioner 52m
pvc-d2ec683c-9d18-4d91-9bb4-b7995814d76e 8Gi RWO Delete Bound kube-system/redis-data-redis-replicas-1 nfs-provisioner 51m
pvc-ea3d3d4f-255b-493d-8406-d9c563054c08 8Gi RWO Delete Bound kube-system/redis-data-redis-replicas-2 nfs-provisioner 51m
(2)
执行命令获取redis集群的密码:
[root@master ~]# kubectl get secret --namespace kube-system redis -o jsonpath="{.data.redis-password}" | base64 --decode
u2vXM3RHVM查看pod:
u2vXM3RHVM[root@master ~]# k get po -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6c76c8bb89-tfcrm 1/1 Running 4 34d
kube-system coredns-6c76c8bb89-vnlwg 1/1 Running 4 34d
kube-system etcd-c7n.cnn 1/1 Running 4 34d
kube-system kube-apiserver-c7n.cnn 1/1 Running 4 34d
kube-system kube-controller-manager-c7n.cnn 1/1 Running 2 81m
kube-system kube-flannel-ds-hgx56 1/1 Running 3 33h
kube-system kube-flannel-ds-nwgv8 1/1 Running 3 33h
kube-system kube-flannel-ds-r8ckj 1/1 Running 3 33h
kube-system kube-proxy-7v5mj 1/1 Running 4 34d
kube-system kube-proxy-mtttm 1/1 Running 4 34d
kube-system kube-proxy-zwmwf 1/1 Running 4 34d
kube-system kube-scheduler-c7n.cnn 1/1 Running 2 81m
kube-system nfs-client-provisioner-57c749cf94-s5vmr 1/1 Running 0 60m
kube-system redis-master-0 1/1 Running 0 55m
kube-system redis-replicas-0 1/1 Running 0 55m
kube-system redis-replicas-1 1/1 Running 0 54m
kube-system redis-replicas-2 1/1 Running 0 54m
登录redis的master节点:
[root@master ~]# kubectl exec --tty -i redis-master-0 --namespace kube-system -- bash命令输出如下:
[root@master ~]# kubectl exec --tty -i redis-master-0 --namespace kube-system -- bash
I have no name!连接redis数据库(使用前面查询出来的密码登录该集群的master):
I have no name!@redis-master-0:/$ redis-cli -h redis-master -a u2vXM3RHVM
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
redis-master:6379> auth u2vXM3RHVM
OK
redis-master:6379> set msg fuck
OK
redis-master:6379> get msg
"fuck"
多说一句,如果想要固定redis集群的密码,可以修改values.yaml 文件的这一段:
global:
imageRegistry: ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets: []
storageClass: ""
redis:
password: ""自定义的密码添加完毕后,使用helm重新打包这个文件夹即可,然后在重新安装,如果正常的话,集群将会使用自定义的固定密码,打包命令:
helm package ./redis/重新打包后的安装命令是:
helm upgrade --install redis ./redis-16.4.1.tgz --namespace kube-system
类似资料: