Charts describe a set of Kubernetes resources – e.g. a full web app stack with HTTP servers, databases, caches, etc.
requirements.yaml
defines dependencies using:
Tags: like Ansible
Condition: enabled / disabled – always override tags.
See https://github.com/helm/helm/blob/master/docs/charts.md
Manage charts with helm
:
- create – creates chart
- package – packages
- lint – checks formatting
Getting started with Helm:
1. check kubectl config – i.e. using local minikube
kubectl config view | grep current
2. start helm
helm init
https://medium.com/@anthonyganga/getting-started-with-helm-tiller-in-kubernetes-part-one-3250aa99c6ac
Installing MySQL as a Helm Chart
Running helm install stable/mysql
(which uses: https://github.com/helm/charts/tree/master/stable/mysql )
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59
|
helm install stable/mysql NAME: queenly-seahorse LAST DEPLOYED: Mon Nov 5 11:22:13 2018 NAMESPACE: default STATUS: DEPLOYED RESOURCES: ==> v1/Secret NAME AGE queenly-seahorse-mysql 0s ==> v1/ConfigMap queenly-seahorse-mysql-test 0s ==> v1/PersistentVolumeClaim queenly-seahorse-mysql 0s ==> v1/Service queenly-seahorse-mysql 0s ==> v1beta1/Deployment queenly-seahorse-mysql 0s ==> v1/Pod(related) NAME READY STATUS RESTARTS AGE queenly-seahorse-mysql-6dc964999c-h4w54 0/1 Pending 0 0s NOTES: MySQL can be accessed via port 3306 on the following DNS name from within your cluster: queenly-seahorse-mysql.default.svc.cluster.local To get your root password run: MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default queenly-seahorse-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo) To connect to your database: 1. Run an Ubuntu pod that you can use as a client: kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il 2. Install the mysql client: $ apt-get update && apt-get install mysql-client -y 3. Connect using the mysql cli, then provide your password: $ mysql -h queenly-seahorse-mysql -p To connect to your database directly from outside the K8s cluster: MYSQL_HOST=127.0.0.1 MYSQL_PORT=3306 # Execute the following command to route the connection: kubectl port-forward svc/queenly-seahorse-mysql 3306 mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD} |
Let’s test we can connect to MySQL.
From the output, let’s get the MySQL password:
kubectl get secret --namespace default queenly-seahorse-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo
Copy.
Note: you could have got the pod name with:
kubectl get pods
Now exec into MySQL with:
kubectl exec -it queenly-seahorse-mysql-6dc964999c-h4w54 bash
Install MySQL client:
apt-get update && apt-get install mysql-client -y --force-yes
and connect with:
mysql -h localhost -p
More on:
- kubectl commands here: Kubernetes: kubectl
- MySQL Notes here: https://github.com/helm/charts/blob/master/stable/mysql/templates/NOTES.txt
Installing WordPress as a Helm Chart
|
<span class="pl-s1">helm install --name my-release stable/wordpress</span> |
List with
helm list
and delete with
helm delete my-release
https://github.com/helm/charts/tree/master/stable/wordpress
Errors
Error: no available release name found
https://github.com/helm/helm/issues/3055
also
https://stackoverflow.com/questions/43499971/helm-error-no-available-release-name-found/43513182
Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout
When you do a helm list
From https://github.com/helm/helm/issues/3055#issuecomment-385371327
suggests
kubectl delete
the tiller service and deployment.)
|
$ kubectl create serviceaccount --namespace kube-system tiller $ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller $ helm init --service-account tiller |
So: kubectl delete tiller-deploy-6fd8d857bc-fp5s2
error: resource(s) were provided, but no name, label selector, or –all flag specified
kubectl list
Error: unknown command “list” for “kubectl”
This suggests deleting tiller using
helm reset
but this gives:
|
helm reset Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout |
https://stackoverflow.com/questions/47583821/how-to-delete-tiller-from-kubernetes-cluster
and helm ls
|
Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout |
Another, not very helpful, issue on why you can’t delete tiller:
https://github.com/helm/helm/issues/3536
Checking tiller:
kubectl get deploy -n kube-system
|
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE coredns 1 1 1 1 12d kube-dns 1 1 1 0 71d kubernetes-dashboard 1 1 1 0 71d tiller-deploy 1 1 1 1 8d |
To see pods in kube-system
kubectl get pods –namespace kube-system
e.g.
tiller-deploy-6fd8d857bc-fp5s2 1/1 Running 7 8d
Notes:
Tiller namespaces and RBAC
Namespaces are for different environments. E.g. production, staging.
https://medium.com/@amimahloof/how-to-setup-helm-and-tiller-with-rbac-and-namespaces-34bf27f7d3c3
RBAC and Service Accounts:
https://docs.helm.sh/using_helm/#securing-your-helm-installation
Further reading
Use ksonnet to generate Kubernetes configurations from Helm Charts