Helm的使用(部署dashboard仪表盘)

文章目录


前言

一、Helm是什么?

Helm 是 Kubernetes 的开源包管理器。它提供了提供、共享和使用为 Kubernetes 构建的软件的能力.
使用前提:

  1. 一个 Kubernetes 集群
  2. 确定你安装版本的安全配置
  3. 安装和配置Helm。

二、安装

1.helm3安装

  1. 首先去helm官网下载压缩包,按照官方的步骤操作即可。
    Helm的使用(部署dashboard仪表盘)

  2. 然后进行解压,并将linux-amd64中的helm移动到/usr/local/bin目录中。

[root@master helm]# ll
总用量 13384
-rw-r--r-- 1 root root 13701153 7月  14 17:35 helm-v3.6.2-linux-amd64.tar.gz
[root@master helm]# tar -xzvf helm-v3.6.2-linux-amd64.tar.gz 
linux-amd64/
linux-amd64/helm
linux-amd64/LICENSE
linux-amd64/README.md
[root@master helm]# ll
总用量 13384
-rw-r--r-- 1 root root 13701153 7月  14 17:35 helm-v3.6.2-linux-amd64.tar.gz
drwxr-xr-x 2 3434 3434       50 6月  29 23:41 linux-amd64
[root@master helm]# cd linux-amd64/
[root@master linux-amd64]# ll
总用量 44068
-rwxr-xr-x 1 3434 3434 45109248 6月  29 23:31 helm
-rw-r--r-- 1 3434 3434    11373 6月  29 23:41 LICENSE
-rw-r--r-- 1 3434 3434     3367 6月  29 23:41 README.md
[root@master linux-amd64]# cp helm /usr/local/bin
[root@master helm]# chmod u+x /usr/local/bin/helm 
 version.BuildInfo{Version:"v3.6.2", 
 GitCommit:"ee407bdf364942bcb8e8c665f82e15aa28009b71", 
 GitTreeState:"clean", GoVersion:"go1.16.5"}
[root@master helm]#

2.helm2安装

  1. 安装helm客户端
[root@master helm]# wget https://get.helm.sh/helm-v2.15.2-linux-amd64.tar.gz
-rw-r--r-- 1 root root 24525846 10月 30 2019 helm-v2.15.2-linux-amd64.tar.gz
[root@master helm]# tar -xzvf helm-v2.15.2-linux-amd64.tar.gz 
drwxr-xr-x 2 root root       64 10月 30 2019 linux-amd64
[root@master helm]# cp  helm /usr/local/bin/
[root@master helm]# chmod u+x /usr/local/bin/helm 
  1. 安装Tiller server(需要创建授权用户)

vim rbac-config.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-syste
[root@master helm]# kubectl create -f rbac-config.yaml 
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created
[root@master helm]# helm init --service-account=tiller
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
[root@master helm]# kubectl get pod -n kube-system 
NAME                             READY   STATUS             RESTARTS   AGE
coredns-7ff77c879f-llqmd         1/1     Running            2          4d5h
coredns-7ff77c879f-vn2z2         1/1     Running            2          4d5h
etcd-master                      1/1     Running            2          4d5h
kube-apiserver-master            1/1     Running            2          4d5h
kube-controller-manager-master   1/1     Running            2          4d5h
kube-flannel-ds-bq4tr            1/1     Running            3          4d4h
kube-flannel-ds-j9jhg            1/1     Running            0          9h
kube-flannel-ds-mxkb8            1/1     Running            0          144m
kube-proxy-fdrqk                 1/1     Running            0          37h
kube-proxy-h8rkp                 1/1     Running            2          4d5h
kube-proxy-vm6kq                 1/1     Running            0          25h
kube-scheduler-master            1/1     Running            3          4d5h
tiller-deploy-6d59867c45-ll2g8   0/1     ImagePullBackOff   0          13m
# tiller的镜像没有下载成功,需要修改到阿里云的镜像
[root@master helm]# kubectl  edit  pod tiller-deploy-6d59867c45-ll2g8 -n kube-system
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-07-14T14:54:01Z"
  generateName: tiller-deploy-6d59867c45-
  labels:
    app: helm
    name: tiller
    pod-template-hash: 6d59867c45
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
......#此处省略
spec:
  automountServiceAccountToken: true
  containers:
  - env:
    - name: TILLER_NAMESPACE
      value: kube-system
    - name: TILLER_HISTORY_MAX
      value: "0"
    image: gcr.io/kubernetes-helm/tiller:v2.15.2
   #image: registry.cn-hangzhou.aliyuncs.com/google_containers/tiller:v2.15.2 替换即可
    imagePullPolicy: IfNotPresent
    livenessProbe:
      failureThreshold: 3
      httpGet:
        path: /liveness
        port: 44135
        scheme: HTTP
      initialDelaySeconds: 1
      periodSeconds: 10
      successThreshold: 1
      timeoutSeconds: 1
    name: tiller
    ......
  1. 配置Helm仓库
[root@master helm]# helm repo list # 查看仓库列表 默认是谷歌的
NAME  	URL                                             
stable	https://kubernetes-charts.storage.googleapis.com
local 	http://127.0.0.1:8879/charts                    
[root@master helm]#  helm repo add stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts # 替换为阿里云的镜像
"stable" has been added to your repositories
[root@master helm]# helm repo list 
NAME  	URL                                                   
stable	https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
local 	http://127.0.0.1:8879/charts                          
[root@master helm]# helm repo update # 更新仓库
Hang tight while we grab the latest from your chart repositories...
...Skip local chart repository
...Successfully got an update from the "stable" chart repository
Update Complete.
[root@master helm]# helm version # 只有Client和Server同时出现完成 最后就完成安装了。
Client: &version.Version{SemVer:"v2.15.2", GitCommit:"8dce272473e5f2a7bf58ce79bb5c3691db54c96b", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.15.2", GitCommit:"8dce272473e5f2a7bf58ce79bb5c3691db54c96b", GitTreeState:"clean"}

三、部署dashboard

  1. 我的k8s集群环境是Kubernetes v1.18.0,需要去找到兼容的dashboard版本,这里使用的dashboard版本是v2.0.1.

  2. 请查看helm官方文档中安装的步骤。
    Helm的使用(部署dashboard仪表盘)
    Helm的使用(部署dashboard仪表盘)
    Helm的使用(部署dashboard仪表盘)
    Helm的使用(部署dashboard仪表盘)

  3. 执行命令

[root@master dashboard]#helm repo add k8s-dashboard https://kubernetes.github.io/dashboard
[root@master dashboard]# helm install  k8s-dashboard/kubernetes-dashboard -n kubernetes-dashboard --namespace kube-system  --version 2.0.1  必须要指定命名空间--namespace helm2 同时需要指定Chart的名称 -name
NAME:   kubernetes-dashboard
LAST DEPLOYED: Thu Jul 15 22:33:45 2021
NAMESPACE: kube-system
STATUS: DEPLOYED

RESOURCES:
==> v1/ClusterRole
NAME                          AGE
kubernetes-dashboard-metrics  0s

==> v1/ClusterRoleBinding
NAME                          AGE
kubernetes-dashboard-metrics  0s

==> v1/Deployment
NAME                  READY  UP-TO-DATE  AVAILABLE  AGE
kubernetes-dashboard  0/1    1           0          0s

==> v1/Pod(related)
NAME                                  READY  STATUS             RESTARTS  AGE
kubernetes-dashboard-6b6487b96-7jhz2  0/1    ContainerCreating  0         0s

==> v1/Role
NAME                  AGE
kubernetes-dashboard  0s

==> v1/RoleBinding
NAME                  AGE
kubernetes-dashboard  0s

==> v1/Secret
NAME                             TYPE    DATA  AGE
kubernetes-dashboard-certs       Opaque  0     0s
kubernetes-dashboard-csrf        Opaque  0     0s
kubernetes-dashboard-key-holder  Opaque  0     0s

==> v1/Service
NAME                  TYPE       CLUSTER-IP    EXTERNAL-IP  PORT(S)  AGE
kubernetes-dashboard  ClusterIP  10.97.183.66  <none>       443/TCP  0s

==> v1/ServiceAccount
NAME                  SECRETS  AGE
kubernetes-dashboard  1        0s


NOTES:
*********************************************************************************
*** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
*********************************************************************************

Get the Kubernetes Dashboard URL by running:
  export POD_NAME=$(kubectl get pods -n kube-system -l "app.kubernetes.io/name=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard" -o jsonpath="{.items[0].metadata.name}")
  echo https://127.0.0.1:8443/
  kubectl -n kube-system port-forward $POD_NAME 8443:8443
  #编辑kubernetes-dashboard 类型为NodePort
[root@master dashboard]# kubectl edit svc kubernetes-dashboard -n kube-system  
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2021-07-15T14:33:47Z"
  labels:
    app.kubernetes.io/component: kubernetes-dashboard
    app.kubernetes.io/instance: kubernetes-dashboard
    app.kubernetes.io/managed-by: Tiller
    app.kubernetes.io/name: kubernetes-dashboard
    app.kubernetes.io/version: 2.0.1
    helm.sh/chart: kubernetes-dashboard-2.0.1
    kubernetes.io/cluster-service: "true"
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:labels:
          .: {}
          f:app.kubernetes.io/component: {}
          f:app.kubernetes.io/instance: {}
          f:app.kubernetes.io/managed-by: {}
          f:app.kubernetes.io/name: {}
          f:app.kubernetes.io/version: {}
          f:helm.sh/chart: {}
          f:kubernetes.io/cluster-service: {}
      f:spec:
        f:ports:
          .: {}
          k:{"port":443,"protocol":"TCP"}:
            .: {}
            f:name: {}
            f:port: {}
            f:protocol: {}
            f:targetPort: {}
        f:selector:
          .: {}
          f:app.kubernetes.io/component: {}
          f:app.kubernetes.io/instance: {}
          f:app.kubernetes.io/name: {}
        f:sessionAffinity: {}
    manager: Go-http-client
    operation: Update
    time: "2021-07-15T14:33:47Z"
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        f:externalTrafficPolicy: {}
        f:type: {}
    manager: kubectl
    operation: Update
    time: "2021-07-15T14:35:05Z"
  name: kubernetes-dashboard
  namespace: kube-system
  resourceVersion: "582640"
  selfLink: /api/v1/namespaces/kube-system/services/kubernetes-dashboard
  uid: 59ed5213-a5e2-4717-afad-0b3c7a25709e
spec:
  clusterIP: 10.97.183.66
  externalTrafficPolicy: Cluster
  ports:
  - name: https
    nodePort: 31709
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/component: kubernetes-dashboard
    app.kubernetes.io/instance: kubernetes-dashboard
    app.kubernetes.io/name: kubernetes-dashboard
  sessionAffinity: None
  type: NodePort
status:
  loadBalancer: {}

[root@master dashboard]# kubectl get svc -o wide -n kube-system 
NAME                   TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                  AGE     SELECTOR
kube-dns               ClusterIP   10.96.0.10     <none>        53/UDP,53/TCP,9153/TCP   5d4h    k8s-app=kube-dns
kubernetes-dashboard   NodePort    10.97.183.66   <none>        443:31709/TCP            2m52s   app.kubernetes.io/component=kubernetes-dashboard,app.kubernetes.io/instance=kubernetes-dashboard,app.kubernetes.io/name=kubernetes-dashboard
tiller-deploy          ClusterIP   10.99.39.200   <none>        44134/TCP                23h     app=helm,name=tiller

[root@master dashboard]# kubectl -n kube-system get secret | grep kubernetes-dashboard-token  
kubernetes-dashboard-token-t42mf                 kubernetes.io/service-account-token   3      97s
[root@master dashboard]# kubectl describe secret kubernetes-dashboard-token-t42mf -n kube-system 
Name:         kubernetes-dashboard-token-t42mf
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
              kubernetes.io/service-account.uid: c9ecb062-434c-49e2-a9b6-61dd680247b1

Type:  kubernetes.io/service-account-token

Data
====
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IkwtM25SRno5RE9GcUJucmFRRktvQXZIajlkZmZnTTZzRndqT2Z0eldTRUUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi10NDJtZiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImM5ZWNiMDYyLTQzNGMtNDllMi1hOWI2LTYxZGQ2ODAyNDdiMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.b7ETa4u-ydUSuQKCftMYU5jSc7x8aXUybrAFPqrF05b2KRuyvj5QDSRDq4OQBw-geKRufGRRHG0T6GkwKkbN3i3Nzye0XUjKDktZaqzCZ1L3hPWMU85tW1AoIIvvY8BedvpghFbQU_W-CgJSx6HESWjtQcMdRPl9iWLUln-iixXgUiH-lV46FaCgCRu14RXINzKb--o4VSVTnu_tbm0wJ5Y4TXi5cO1JMiSKeV81CJHFgy4cqCMf61eCbAmrqq8tUlcZp1Pax1cYmQJ1X4KwlHjEklEXeH-MQFI6pojNSQwikjkbaBVsHx1n0nGahbNJluTDDMwmJ9XGzU6T9yOOFA
ca.crt:     1025 bytes
namespace:  11 bytes

  1. 访问dashboard(使用的是火狐,谷歌可能会有问题)
    Helm的使用(部署dashboard仪表盘)

  2. 输入刚刚查询到Token,登录成功
    Helm的使用(部署dashboard仪表盘)

上一篇:2021-07-16


下一篇:监控EC2的预留实例使用情况并设置使用率告警