Skip to main content

Helm

brew install helm

# 客户端版本
helm version

helm repo add stable http://mirror.azure.cn/kubernetes/charts/
helm search repo stable

helm show values stable/nextcloud
helm pull stable/nextcloud
helm pull stable/nextcloud --untar

# 安装本地 chart
helm install --namespace apisix -f values.yaml apisix ./

helm create my-chart

路径

系统缓存配置数据
Linux$HOME/.cache/helm$HOME/.config/helm$HOME/.local/share/helm
macOS$HOME/Library/Caches/helm$HOME/Library/Preferences/helm$HOME/Library/helm
Windows%TEMP%\helm%APPDATA%\helm%APPDATA%\helm
  • /
    • cache/
      • archive/
    • plugins/
    • repository/
      • repositories.lock
      • repositories.yaml
      • cache/
        • ${NAME}-index.yaml
      • local/
        • index.yaml
    • starters/

常用仓库

NAMEURL
wener
offcial collection		https://wenerme.github.io/charts
https://charts.wener.tech/
traefikhttps://containous.github.io/traefik-helm-chart
jetstackhttps://charts.jetstack.io
hashicorphttps://helm.releases.hashicorp.com
harborhttps://helm.goharbor.io
bitnamihttps://charts.bitnami.com/bitnami
Deprecaed⚠️
stablehttps://kubernetes-charts.storage.googleapis.com/
incubatorhttps://kubernetes-charts-incubator.storage.googleapis.com
stable
azure mirror		http://mirror.azure.cn/kubernetes/charts/
incubator
azure mirror		http://mirror.azure.cn/kubernetes/charts-incubator/

仓库

index.yaml

local

helm repo reindex local-repo

chartmuseum

# 本地存储
docker run --rm -it \
  -p 8080:8080 \
  -e DEBUG=1 \
  -e STORAGE=local \
  -e STORAGE_LOCAL_ROOTDIR=/charts \
  -v $(pwd)/charts:/charts \
  --name chartmuseum chartmuseum/chartmuseum:latest

# UI
# https://github.com/chartmuseum/ui
docker run --rm -it \
  -p 80:8080 \
  -e CHART_MUSESUM_URL: http://chartmuseum:8080 \
  --link chartmuseum:chartmuseum \
  --name chartmuseumui idobry/chartmuseumui:latest
# Aliyun OSS
# ALIBABA_CLOUD_ACCESS_KEY_ID
# ALIBABA_CLOUD_ACCESS_KEY_SECRET
chartmuseum --debug --port=8080 \
  --storage="alibaba" \
  --storage-alibaba-bucket="my-oss-bucket" \
  --storage-alibaba-prefix="" \
  --storage-alibaba-endpoint="oss-cn-beijing.aliyuncs.com"

registry

# < 3.8.0
export HELM_EXPERIMENTAL_OCI=1

helm registry login -u myuser index.docker.io

# 推送到服务器
helm push argo-cd-5.45.1.tgz oci://index.docker.io/wcharts/
helm pull oci://index.docker.io/wcharts/argo-cd:5.45.1

# 推送新的 tgz
# https://hub.docker.com/u/wcharts
# ls -tr -l --time-style=+"%Y-%m-%d %H:%M:%S" | awk '{print $6, $7, $8}' | tail # 最新的
LAST=$(ls -lt | grep ^- | head -n1 | awk '{print $NF}')
git pull
# https://hub.docker.com/r/wcharts/sealed-secrets/tags
find . -iname '*.tgz' -newer $LAST | xargs -I {} -n 1 helm push {} oci://index.docker.io/wcharts

find . -type f -newermt 2017-09-24
find . -type f -newerat 2017-09-25
name: argocd
apiVersion: v2
dependencies:
  - name: argo-cd
    version: 5.45.1
    repository: oci://registry-1.docker.io/wcharts

version: 1.0.0

repo

helm repo add --username=admin myrepo https://xx.xx.xx.xx
# helm plugin install https://github.com/chartmuseum/helm-push
helm push hello-helm-0.1.0.tgz myrepo

Helm 模板

# https://helm.sh/docs/chart_template_guide/
helm install --debug --dry-run goodly-guppy ./mychart

# 渲染单个模板 - 用于测试排查问题
helm template ./mychart --show-only templates/values.yaml > values.yaml
# 渲染整个 chart
helm template ./mychart

Helm Operator

FAQ

oci registry vs chart repository

  • OCI
    • 实验阶段
    • 可直接使用现有 Docker 仓库基础设施
    • 仓库方可能对 chart 支持还不是很好 - Chart 元信息可能展现不完善
    • 部分仓库还不支持
    • Helm 3+
  • Repo
    • Helm 2+
    • 简单易理解 - HTTP 静态文件服务 - 提供 index.yaml 作为索引
    • 现有仓库功能相对完善

helm repo index merge

  • helm repo index --merge 需要不同的目录才能生效 
# 方案A: copy 目录
cp -r charts last
# update charts
helm repo index --merge last/index.yaml charts

# 方案B: 存储在别的位置
helm repo index --merge charts/index.yaml newer
rsync newer/ charts/

unpacked charts cannot be verified