1. 개요


2. 설치

mkdir -p ~/environment
cd ~/environment
curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
chmod +x get_helm.sh
./get_helm.sh

실행해보자.

$ ./get_helm.sh
Downloading https://get.helm.sh/helm-v2.15.2-linux-amd64.tar.gz
Preparing to install helm and tiller into /usr/local/bin
helm installed into /usr/local/bin/helm
tiller installed into /usr/local/bin/tiller
Run 'helm init' to configure helm.

3. tiller

tiller를 위한 계정 및 권한을 설정하는 과정이다.

3.1. RBAC 설정

~/environment/rbac.yaml

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

3.2. 적용

$ kubectl apply -f ~/environment/rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created

3.3. 설치

$ helm init --service-account tiller
Creating /home/ubuntu/.helm
Creating /home/ubuntu/.helm/repository
Creating /home/ubuntu/.helm/repository/cache
Creating /home/ubuntu/.helm/repository/local
Creating /home/ubuntu/.helm/plugins
Creating /home/ubuntu/.helm/starters
Creating /home/ubuntu/.helm/cache/archive
Creating /home/ubuntu/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /home/ubuntu/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation

4. Tomcat 설치 예제

4.1. Repo 추가

$ helm repo add bitnami https://charts.bitnami.com
"bitnami" has been added to your repositories

4.2. Chart 설치

$ helm install bitnami/tomcat --version 2.1.3
NAME:   prodding-dingo
LAST DEPLOYED: Thu Oct 31 05:23:39 2019
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1/PersistentVolumeClaim
NAME                   STATUS   VOLUME  CAPACITY  ACCESS MODES  STORAGECLASS  AGE
prodding-dingo-tomcat  Pending  gp2     0s        Filesystem

==> v1/Pod(related)
NAME                                    READY  STATUS   RESTARTS  AGE
prodding-dingo-tomcat-6c9bb449b9-4nhvl  0/1    Pending  0         0s

==> v1/Secret
NAME                   TYPE    DATA  AGE
prodding-dingo-tomcat  Opaque  1     0s

==> v1/Service
NAME                   TYPE          CLUSTER-IP      EXTERNAL-IP  PORT(S)       AGE
prodding-dingo-tomcat  LoadBalancer  10.100.102.164      80:31685/TCP  0s

==> v1beta1/Deployment
NAME                   READY  UP-TO-DATE  AVAILABLE  AGE
prodding-dingo-tomcat  0/1    1           0          0s

NOTES:

** Please be patient while the chart is being deployed **

1. Get the Tomcat URL by running:

** Please ensure an external IP is associated to the prodding-dingo-tomcat service before proceeding **
** Watch the status using: kubectl get svc --namespace default -w prodding-dingo-tomcat **

  export SERVICE_IP=$(kubectl get svc --namespace default prodding-dingo-tomcat --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
  echo URL            : http://$SERVICE_IP/
  echo Management URL : http://$SERVICE_IP/manager

2. Login with the following credentials

  echo Username: user
  echo Password: $(kubectl get secret --namespace default prodding-dingo-tomcat -o jsonpath="{.data.tomcat-password}" | base64 --decode)

4.3. 확인

$ kubectl get pod
NAME                                     READY   STATUS    RESTARTS   AGE
prodding-dingo-tomcat-6c9bb449b9-4nhvl   0/1     Running   0          42s
$ kubectl get svc
NAME                    TYPE           CLUSTER-IP       EXTERNAL-IP                                                                   PORT(S)        AGE
kubernetes              ClusterIP      10.100.0.1                                                                                     443/TCP        3h57m
prodding-dingo-tomcat   LoadBalancer   10.100.102.164   a988a7aedfb9e11e993ec028861b4444-997498888.ap-northeast-2.elb.amazonaws.com   80:31685/TCP   46s
 

4.4. 접속

위의 EXTERNAL-IP에 있는 URL로 접속하면 된다. (80포트) 이것은 실제로는 ELB이므로 AWS의 Load Balancer에서도 동일하게 확인이 된다.


5. 기타

$ helm list
NAME            REVISION        UPDATED                         STATUS          CHART           APP VERSION     NAMESPACE
prodding-dingo  1               Thu Oct 31 05:23:39 2019        DEPLOYED        tomcat-2.1.3    8.5.38          default

6. 주요 커맨드

helm package .
helm init -c
helm init -c --skip-refresh