1、下载helm
wget https://get.helm.sh/helm-v3.4.2-linux-amd64.tar.gz
tar xzvf helm-v3.4.2-linux-amd64.tar.gz
cp linux-amd64/helm /usr/local/bin/
2、添加国内源
helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
helm repo add jenkins https://charts.jenkins.io
[root@k8s01 jenkins]# helm repo list
azure http://mirror.azure.cn/kubernetes/charts/
stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
3、helm 检索下helm内容
[root@k8s01 jenkins]# helm search repo stable/jenkins -l
NAME CHART VERSION APP VERSION DESCRIPTION
stable/jenkins 0.13.5 2.73 Open source continuous integration server. It s...
stable/jenkins 0.13.2 2.73 Open source continuous integration server. It s...
stable/jenkins 0.9.0 2.67 Open source continuous integration server. It s...
stable/jenkins 0.8.6 2.67 Open source continuous integration server. It s...
stable/jenkins 0.8.2 2.67 Open source continuous integration server. It s...
4、创建命名空间
[root@k8s01 jenkins]# kubectl create namespace helm-jenkins
namespace/helm-jenkins created
[root@k8s01 jenkins]# kubectl get namespace
NAME STATUS AGE
default Active 110d
helm-jenkins Active 3s
kube-node-lease Active 110d
kube-public Active 110d
kube-system Active 110d
5、搭建NFS Server
[root@localhost ~]# mkdir /nfs/k8s -p
[root@localhost ~]# chmod 777 /nfs/k8s
[root@localhost ~]# echo "/nfs/k8s 10.0.0.0(rw,async,no_root_squash)" >> /etc/exports
[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# systemctl start nfs-server
[root@localhost ~]# systemctl enable nfs-server
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@localhost ~]# systemctl enable rpcbind
6、创建pv pvc,查看下nfs权限是否OK
[root@k8s01 storage]# cat pvc.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-test
spec:
capacity:
storage: 1Gi
accessModes:
-
ReadWriteMany
persistentVolumeReclaimPolicy: Recycle
nfs:
path: /nfs/k8s
server: 10.0.0.181kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: pvc-test
spec:
accessModes: - ReadWriteMany
resources:
requests:
storage: 100Mi
验证可以申请pv并且创建pvc
[root@k8s01 storage]# kubectl get pv
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pv-test 1Gi RWX Recycle Bound default/pvc-test 21s
[root@k8s01 storage]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
pvc-test Bound pv-test 1Gi RWX 22s
7、创建provsioner
helm install --name my-nfs_v1 --set nfs.server=10.0.0.181 --set nfs.path=/nfs/k8s stable/nfs-client-provisioner
开户rbac授权,安装nfs-storage
apiVersion: v1
kind: ServiceAccount
metadata:
name: nfs-client-provisioner
namespace: default
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: nfs-client-provisioner-runner
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"] -
apiGroups: [""]
resources: ["events"]
verbs: ["create", "update", "patch"]kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: run-nfs-client-provisioner
subjects: -
kind: ServiceAccount
name: nfs-client-provisioner
namespace: default
roleRef:
kind: ClusterRole
name: nfs-client-provisioner-runner
apiGroup: rbac.authorization.k8s.iokind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
namespace: default
rules: -
apiGroups: [""]
resources: ["endpoints"]
verbs: ["get", "list", "watch", "create", "update", "patch"]kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: leader-locking-nfs-client-provisioner
namespace: default
subjects: - kind: ServiceAccount
name: nfs-client-provisioner
namespace: default
roleRef:
kind: Role
name: leader-locking-nfs-client-provisioner
apiGroup: rbac.authorization.k8s.io
[root@k8s01 storage]# helm install nfs-storage azure/nfs-client-provisioner --set nfs.server=10.0.0.181 --set nfs.path=/nfs/k8s --set storageClass.name=nfs-storage --set storageClass.defaultClass=true
WARNING: This chart is deprecated
NAME: nfs-storage
LAST DEPLOYED: Fri Jan 1 23:49:25 2021
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
申请 pvc资源并验证
[root@k8s01 storage]# cat nfs-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-storageclass
spec:
storageClassName: "nfs-storage"
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Mi
[root@k8s01 storage]# kubectl get sc
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
nfs-storage (default) cluster.local/nfs-storage-nfs-client-provisioner Delete Immediate true 42s
[root@k8s01 storage]# kubectl get pvc
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
pvc-storageclass Bound pvc-6b3944f3-522e-4a6a-adc3-f73dcad5df4e 10Mi RWX nfs-storage 7m19s
pvc-test Bound pv-test 1Gi RWX 43m
执行helm 命令安装,由于k8s 1.15版本使用的是apps,helm配置文件用的是beta。需要修改deployment.yaml文件中的apiVersion,改为apps/v1
[root@k8s01 storage]# helm install stable/jenkins -n helm-jenkins
Error: unable to build kubernetes objects from release manifest: unable to recognize "": no matches for kind "Deployment" in version "extensions/v1beta1"
heml pull stable/jenkins
tar xf jenkins-0.13.5.tgz
vim jenkins-master-deployment.yaml
[root@k8s01 storage]# helm install jenkins ./jenkins -n helm-jenkins
查看jenkins登陆地址
登陆master节点的31700端口