制作网站的免费软件,投简历找工作哪个网站好,新站秒收录接口,千旺crm客户管理系统1、Helm的概念 Kubernetes包管器 Helm是查找、分享和使用软件构件Kubernetes的最优方式。 Helm管理名为chart的Kubernetes包的工具。Helm可以做以下的事情#xff1a; 从头开始创建新的chat将chart打包成归档tgz)文件与存储chat的仓库进行交互在现有的Kubernetes集群中安装和…1、Helm的概念 Kubernetes包管器 Helm是查找、分享和使用软件构件Kubernetes的最优方式。 Helm管理名为chart的Kubernetes包的工具。Helm可以做以下的事情 从头开始创建新的chat将chart打包成归档tgz)文件与存储chat的仓库进行交互在现有的Kubernetes集群中安装和卸载chart管理与Helm一起安装的chart的发布周期
2、Helm的架构
2.1 Helm的三个重要概念
1.chart创建Kubernetes应用程序所必需的一组信息。2.config包含了可以合并到打包的charte中的配置信息用于创建一个可发布的对象。3.release是一个与特定配置相结台的chart的运行实例
2.2 Helm的组件
2.2.1 Helm客户端
Helm客端是终端 用户的命令行客户端负责以下内容 本地chat开发管理仓库管理发布与Helm库建立接口 发送安装的chart发送升级或卸载现有发布的请求
2.2.2 Helm库
Helm库提供执行所有Helm操作的逻辑。与Kubernetes API服务交互并提供以下功能 结合chat和配置来构建版本将chat安装到Kubernetes中并提供后续发布对象与Kubernetes交互升级和卸载chart 独立的Helm库封装了Helm逻辑以便不同的客户端可以使用它。
3、安装Helm
Helm官网https://helm.sh/zh/docs/intro/quickstart/注安装Helm的时候需要注意k8s的版本
3.1 下载二进制文件
wget https://get.helm.sh/helm-v3.10.0-linux-amd64.tar.gz -O helm-v3.10.0-linux-amd64.tar.gz3.2 解压helm-v3.10.0-linux-amd64.tar.gz
tar-xvf helm-v3.10.0-linux-amd64.tar.gz3.3 将helm的可执行文件复制到/usr/local/bin/目录下 mv linux-amd64/helm /usr/local/bin/3.4 添加Helm的仓库阿里云源
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx4、Helm的常用命令
命令作用helm repo列出、增加、更新、删除chart仓库helm search使用关键词搜索charthelm pull拉取远仓库中的chart到本地helm create在本地创建新的charthelm dependency管理chart 依赖helm install安装charthelm list列出所有releasehelm lint检查chart配置是否有误helm package打包本地charthelm rollback回滚release到历史版本helm uninstall卸载releasehelm upgrade升级release
5、chart
5.1 chart的目录结构
mychart
├── Chart.yaml
├── charts # 该目录保存其他依赖的chart子chart
├── templates # chart配置模板用于渲染最终的kubernetes yaml
│ ├── NOTES.txt # 用户运行helm install的提示信息
│ ├── _helpers.tpl # 用于创建模板时的帮助类
│ ├── deployment.yaml # kubernetes deployment 的配置
│ ├── ingress.yaml # kubernetes ingress 配置
│ ├── service.yaml # kubernetes service 配置
│ ├── serviceaccount.yaml # kubernetes serviceaccount 配置
│ └── tests
│ └── test-connection.yaml
└── values.yaml # 定义chart模板中的自定义配置的默认值5.2 redis chart 实战
5.2.1 修改helm源
[rootk8s-master ~]# helm repo list
NAME URL
ingress-nginx https://kubernetes.github.io/ingress-nginx[rootk8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
bitnami has been added to your repositories[rootk8s-master ~]# helm repo add azure http://mirror.azure.cn/kubernetes/charts
azure has been added to your repositories[rootk8s-master ~]# helm repo add ali-stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
ali-stable has been added to your repositories[rootk8s-master ~]# helm repo list
NAME URL
ingress-nginx https://kubernetes.github.io/ingress-nginx
bitnami https://charts.bitnami.com/bitnami
azure http://mirror.azure.cn/kubernetes/charts
ali-stable https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts5.2.2 搜索redis chart
搜索redis chart helm search repo redis查看redis chart的描述信息helm show readme bitnami/redis 5.2.3 修改配置安装
# 1、拉取redis的chart包
[rootk8s-master k8s]# helm pull bitnami/redis# 2、解压这个redis的chart包
[rootk8s-master k8s]# tar -xvf redis-18.17.0.tgz
redis/Chart.yaml
redis/Chart.lock
redis/values.yaml
redis/values.schema.json
redis/templates/NOTES.txt
redis/templates/_helpers.tpl
redis/templates/configmap.yaml
redis/templates/extra-list.yaml
redis/templates/headless-svc.yaml
redis/templates/health-configmap.yaml
redis/templates/master/application.yaml
redis/templates/master/psp.yaml
redis/templates/master/pvc.yaml
redis/templates/master/service.yaml
redis/templates/master/serviceaccount.yaml
redis/templates/metrics-svc.yaml
redis/templates/networkpolicy.yaml
redis/templates/pdb.yaml
redis/templates/podmonitor.yaml
redis/templates/prometheusrule.yaml
redis/templates/replicas/application.yaml
redis/templates/replicas/hpa.yaml
redis/templates/replicas/service.yaml
redis/templates/replicas/serviceaccount.yaml
redis/templates/role.yaml
redis/templates/rolebinding.yaml
redis/templates/scripts-configmap.yaml
redis/templates/secret-svcbind.yaml
redis/templates/secret.yaml
redis/templates/sentinel/hpa.yaml
redis/templates/sentinel/node-services.yaml
redis/templates/sentinel/ports-configmap.yaml
redis/templates/sentinel/service.yaml
redis/templates/sentinel/statefulset.yaml
redis/templates/serviceaccount.yaml
redis/templates/servicemonitor.yaml
redis/templates/tls-secret.yaml
redis/.helmignore
redis/README.md
redis/charts/common/Chart.yaml
redis/charts/common/values.yaml
redis/charts/common/templates/_affinities.tpl
redis/charts/common/templates/_capabilities.tpl
redis/charts/common/templates/_errors.tpl
redis/charts/common/templates/_images.tpl
redis/charts/common/templates/_ingress.tpl
redis/charts/common/templates/_labels.tpl
redis/charts/common/templates/_names.tpl
redis/charts/common/templates/_resources.tpl
redis/charts/common/templates/_secrets.tpl
redis/charts/common/templates/_storage.tpl
redis/charts/common/templates/_tplvalues.tpl
redis/charts/common/templates/_utils.tpl
redis/charts/common/templates/_warnings.tpl
redis/charts/common/templates/validations/_cassandra.tpl
redis/charts/common/templates/validations/_mariadb.tpl
redis/charts/common/templates/validations/_mongodb.tpl
redis/charts/common/templates/validations/_mysql.tpl
redis/charts/common/templates/validations/_postgresql.tpl
redis/charts/common/templates/validations/_redis.tpl
redis/charts/common/templates/validations/_validations.tpl
redis/charts/common/.helmignore
redis/charts/common/README.md# 3、修改配置## 修改全局的storageClass制备器这个制备器是之前创建nfs的创建的
global:storageClass: managed-nfs-storage## 修改master节点的service类型内部访问
master:service:type: ClusterIP ## 详细配置文件如下
[rootk8s-master k8s]# cat redis/redis.yaml
global:imageRegistry: imagePullSecrets: []storageClass: managed-nfs-storageredis:password:
kubeVersion:
nameOverride:
fullnameOverride:
namespaceOverride:
commonLabels: {}
commonAnnotations: {}
secretAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
useHostnames: true
nameResolutionThreshold: 5
nameResolutionTimeout: 5
diagnosticMode:enabled: falsecommand:- sleepargs:- infinity
image:registry: docker.iorepository: bitnami/redistag: 7.2.4-debian-12-r9digest: pullPolicy: IfNotPresentpullSecrets: []debug: false
architecture: replication
auth:enabled: truesentinel: truepassword: existingSecret: existingSecretPasswordKey: usePasswordFiles: falseusePasswordFileFromSecret: true
commonConfiguration: |-appendonly yessave
existingConfigmap:
master:count: 1configuration: disableCommands:- FLUSHDB- FLUSHALLcommand: []args: []enableServiceLinks: truepreExecCmds: []extraFlags: []extraEnvVars: []extraEnvVarsCM: extraEnvVarsSecret: containerPorts:redis: 6379startupProbe:enabled: falseinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 5customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}resourcesPreset: noneresources: {}podSecurityContext:enabled: truefsGroupChangePolicy: Alwayssysctls: []supplementalGroups: []fsGroup: 1001containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: [ALL]kind: StatefulSetschedulerName: updateStrategy:type: RollingUpdateminReadySeconds: 0priorityClassName: automountServiceAccountToken: falsehostAliases: []podLabels: {}podAnnotations: {}shareProcessNamespace: falsepodAffinityPreset: podAntiAffinityPreset: softnodeAffinityPreset:type: key: values: []affinity: {}nodeSelector: {}tolerations: []topologySpreadConstraints: []dnsPolicy: dnsConfig: {}lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []sidecars: []initContainers: []persistence:enabled: truemedium: sizeLimit: path: /datasubPath: subPathExpr: storageClass: accessModes:- ReadWriteOncesize: 1Giannotations: {}labels: {}selector: {}dataSource: {}existingClaim: persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: Retainservice:type: ClusterIPports:redis: 6379nodePorts:redis: externalTrafficPolicy: ClusterextraPorts: []internalTrafficPolicy: ClusterclusterIP: loadBalancerIP: loadBalancerClass: loadBalancerSourceRanges: []externalIPs: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}terminationGracePeriodSeconds: 30serviceAccount:create: truename: automountServiceAccountToken: falseannotations: {}
replica:kind: StatefulSetreplicaCount: 3configuration: disableCommands:- FLUSHDB- FLUSHALLcommand: []args: []enableServiceLinks: truepreExecCmds: []extraFlags: []extraEnvVars: []extraEnvVarsCM: extraEnvVarsSecret: externalMaster:enabled: falsehost: port: 6379containerPorts:redis: 6379startupProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 22livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 5customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}resourcesPreset: noneresources: {}podSecurityContext:enabled: truefsGroupChangePolicy: Alwayssysctls: []supplementalGroups: []fsGroup: 1001containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: [ALL]schedulerName: updateStrategy:type: RollingUpdateminReadySeconds: 0priorityClassName: podManagementPolicy: automountServiceAccountToken: falsehostAliases: []podLabels: {}podAnnotations: {}shareProcessNamespace: falsepodAffinityPreset: podAntiAffinityPreset: softnodeAffinityPreset:type: key: values: []affinity: {}nodeSelector: {}tolerations: []topologySpreadConstraints: []dnsPolicy: dnsConfig: {}lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []sidecars: []initContainers: []persistence:enabled: truemedium: sizeLimit: path: /datasubPath: subPathExpr: storageClass: accessModes:- ReadWriteOncesize: 8Giannotations: {}labels: {}selector: {}dataSource: {}existingClaim: persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: Retainservice:type: ClusterIPports:redis: 6379nodePorts:redis: externalTrafficPolicy: ClusterinternalTrafficPolicy: ClusterextraPorts: []clusterIP: loadBalancerIP: loadBalancerClass: loadBalancerSourceRanges: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}terminationGracePeriodSeconds: 30autoscaling:enabled: falseminReplicas: 1maxReplicas: 11targetCPU: targetMemory: serviceAccount:create: truename: automountServiceAccountToken: falseannotations: {}
sentinel:enabled: falseimage:registry: docker.iorepository: bitnami/redis-sentineltag: 7.2.4-debian-12-r7digest: pullPolicy: IfNotPresentpullSecrets: []debug: falseannotations: {}masterSet: mymasterquorum: 2getMasterTimeout: 90automateClusterRecovery: falseredisShutdownWaitFailover: truedownAfterMilliseconds: 60000failoverTimeout: 180000parallelSyncs: 1configuration: command: []args: []enableServiceLinks: truepreExecCmds: []extraEnvVars: []extraEnvVarsCM: extraEnvVarsSecret: externalMaster:enabled: falsehost: port: 6379containerPorts:sentinel: 26379startupProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 22livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 6readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 6customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}persistence:enabled: falsestorageClass: accessModes:- ReadWriteOncesize: 100Miannotations: {}labels: {}selector: {}dataSource: {}medium: sizeLimit: persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: RetainresourcesPreset: noneresources: {}containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: [ALL]lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []service:type: ClusterIPports:redis: 6379sentinel: 26379nodePorts:redis: sentinel: externalTrafficPolicy: ClusterextraPorts: []clusterIP: loadBalancerIP: loadBalancerClass: loadBalancerSourceRanges: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}headless:## param sentinel.service.headless.annotations Annotations for the headless service.##annotations: {}terminationGracePeriodSeconds: 30
serviceBindings:enabled: false
networkPolicy:enabled: trueallowExternal: trueallowExternalEgress: trueextraIngress: []extraEgress: []ingressNSMatchLabels: {}ingressNSPodMatchLabels: {}metrics:allowExternal: trueingressNSMatchLabels: {}ingressNSPodMatchLabels: {}
podSecurityPolicy:create: falseenabled: false
rbac:create: falserules: []
serviceAccount:create: truename: automountServiceAccountToken: falseannotations: {}
pdb:create: falseminAvailable: 1maxUnavailable:
tls:enabled: falseauthClients: trueautoGenerated: falseexistingSecret: certificatesSecret: certFilename: certKeyFilename: certCAFilename: dhParamsFilename:
metrics:enabled: falseimage:registry: docker.iorepository: bitnami/redis-exportertag: 1.58.0-debian-12-r3digest: pullPolicy: IfNotPresentpullSecrets: []containerPorts:http: 9121startupProbe:enabled: falseinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 5livenessProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 5periodSeconds: 10timeoutSeconds: 1successThreshold: 1failureThreshold: 3customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}command: []redisTargetHost: localhostextraArgs: {}extraEnvVars: []containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: [ALL]extraVolumes: []extraVolumeMounts: []resourcesPreset: noneresources: {}podLabels: {}podAnnotations:prometheus.io/scrape: trueprometheus.io/port: 9121service:enabled: truetype: ClusterIPports:http: 9121externalTrafficPolicy: ClusterextraPorts: []loadBalancerIP: loadBalancerClass: loadBalancerSourceRanges: []annotations: {}clusterIP: serviceMonitor:port: http-metricsenabled: falsenamespace: interval: 30sscrapeTimeout: relabellings: []metricRelabelings: []honorLabels: falseadditionalLabels: {}podTargetLabels: []sampleLimit: falsetargetLimit: falseadditionalEndpoints: []podMonitor:port: metricsenabled: falsenamespace: interval: 30sscrapeTimeout: relabellings: []metricRelabelings: []honorLabels: falseadditionalLabels: {}podTargetLabels: []sampleLimit: falsetargetLimit: falseadditionalEndpoints: []prometheusRule:enabled: falsenamespace: additionalLabels: {}rules: []
volumePermissions:enabled: falseimage:registry: docker.iorepository: bitnami/os-shelltag: 12-debian-12-r16digest: pullPolicy: IfNotPresentpullSecrets: []resourcesPreset: noneresources: {}containerSecurityContext:seLinuxOptions: nullrunAsUser: 0
sysctl:enabled: falseimage:registry: docker.iorepository: bitnami/os-shelltag: 12-debian-12-r16digest: pullPolicy: IfNotPresentpullSecrets: []command: []mountHostSys: falseresourcesPreset: noneresources: {}
useExternalDNS:enabled: falsesuffix: annotationKey: external-dns.alpha.kubernetes.io/additionalAnnotations: {}5.2.4 查看安装情况
[rootk8s-master k8s]# kubectl create namespace redis
[rootk8s-master k8s]# helm install redis ./redis/ -n redis
NAME: redis
LAST DEPLOYED: Thu Feb 29 15:00:51 2024
NAMESPACE: redis
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 18.17.0
APP VERSION: 7.2.4** Please be patient while the chart is being deployed **Redisreg; can be accessed on the following DNS names from within your cluster:redis-master.redis.svc.cluster.local for read/write operations (port 6379)redis-replicas.redis.svc.cluster.local for read-only operations (port 6379)To get your password run:export REDIS_PASSWORD$(kubectl get secret --namespace redis redis -o jsonpath{.data.redis-password} | base64 -d)To connect to your Redisreg; server:1. Run a Redisreg; pod that you can use as a client:kubectl run --namespace redis redis-client --restartNever --env REDIS_PASSWORD$REDIS_PASSWORD --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinityUse the following command to attach to the pod:kubectl exec --tty -i redis-client \--namespace redis -- bash2. Connect using the Redisreg; CLI:REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-masterREDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-replicasTo connect to your database from outside the cluster execute the following commands:kubectl port-forward --namespace redis svc/redis-master 6379:6379 REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h 127.0.0.1 -p 6379WARNING: There are resources sections in the chart not set. Using resourcesPreset is not recommended for production. For production installations, please set the following values according to your workload needs:- master.resources- replica.resources
info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/# 获取在namespace 是redis的所有资源[rootk8s-master k8s]# kubectl get all -n redis
NAME READY STATUS RESTARTS AGE
pod/redis-master-0 1/1 Running 0 12m
pod/redis-replicas-0 1/1 Running 1 (11m ago) 12m
pod/redis-replicas-1 1/1 Running 0 10m
pod/redis-replicas-2 1/1 Running 0 9m35sNAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/redis-headless ClusterIP None none 6379/TCP 12m
service/redis-master ClusterIP 10.1.165.79 none 6379/TCP 12m
service/redis-replicas ClusterIP 10.1.241.14 none 6379/TCP 12mNAME READY AGE
statefulset.apps/redis-master 1/1 12m
statefulset.apps/redis-replicas 3/3 12m# 获取 pv 的信息
[rootk8s-master k8s]# kubectl get pv -owide -n redis
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE VOLUMEMODE
pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be 8Gi RWO Delete Bound redis/redis-data-redis-replicas-2 managed-nfs-storage 9m54s Filesystem
pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e 1Gi RWO Delete Bound redis/redis-data-redis-master-0 managed-nfs-storage 12m Filesystem
pvc-a4075967-0575-434e-86d6-b6aea075080f 8Gi RWO Delete Bound redis/redis-data-redis-replicas-0 managed-nfs-storage 12m Filesystem
pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799 8Gi RWO Delete Bound redis/redis-data-redis-replicas-1 managed-nfs-storage 11m Filesystem# 获取 pvc 的信息
[rootk8s-master k8s]# kubectl get pvc -owide -n redis
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE VOLUMEMODE
redis-data-redis-master-0 Bound pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e 1Gi RWO managed-nfs-storage 13m Filesystem
redis-data-redis-replicas-0 Bound pvc-a4075967-0575-434e-86d6-b6aea075080f 8Gi RWO managed-nfs-storage 13m Filesystem
redis-data-redis-replicas-1 Bound pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799 8Gi RWO managed-nfs-storage 11m Filesystem
redis-data-redis-replicas-2 Bound pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be 8Gi RWO managed-nfs-storage 10m Filesystem# 获取service的信息
[rootk8s-master k8s]# kubectl get service -owide -n redis
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR
redis-headless ClusterIP None none 6379/TCP 13m app.kubernetes.io/instanceredis,app.kubernetes.io/nameredis
redis-master ClusterIP 10.1.165.79 none 6379/TCP 13m app.kubernetes.io/componentmaster,app.kubernetes.io/instanceredis,app.kubernetes.io/nameredis
redis-replicas ClusterIP 10.1.241.14 none 6379/TCP 13m app.kubernetes.io/componentreplica,app.kubernetes.io/instanceredis,app.kubernetes.io/nameredis# 获取制备器 storageclass的信息
[rootk8s-master k8s]# kubectl get sc -owide
NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE
managed-nfs-storage fuseim.pri/ifs Delete Immediate false 42h# 获取数据卷nfs pod的信息
[rootk8s-master k8s]# kubectl get po -n kube-system | grep nfs
nfs-client-provisioner-64f976f4cd-7gdq7 1/1 Running 0 42h5.2.5 使用这个redis集群
# 获取redis的密码会把这个写入到环境变量中由于未设置密码所以redis自己设置为了一个随机密码
[rootk8s-master redis]# export REDIS_PASSWORD$(kubectl get secret --namespace redis redis -o jsonpath{.data.redis-password} | base64 -d)
[rootk8s-master k8s]# echo $REDIS_PASSWORD
oWx22K6221tUBe# 创建一个redis的客户端通过客户端访问redis
[rootk8s-master redis]# kubectl run --namespace redis redis-client --restartNever --env REDIS_PASSWORD$REDIS_PASSWORD --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinity
pod/redis-client created# 进入这个redis的容器中执行命令
[rootk8s-master redis]# kubectl exec --tty -i redis-client \--namespace redis -- bash# 连接redis的master端可以设置数据查看数据
I have no name!redis-client:/$ REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-master
redis-master:6379 set name xiaobai
OK
redis-master:6379 get name
xiaobai
redis-master:6379 exit# 连接redis的replicas可以查看数据但是不能创建数据
I have no name!redis-client:/$ REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-replicas
redis-replicas:6379 get name
xiaobai
redis-replicas:6379 set age 12
(error) READONLY You cant write against a read only replica.
redis-replicas:6379 exit
I have no name!redis-client:/$5.2.6 通过helm升级redis
# 给redis设置一个密码然后进行升级
global:redis:password: redis123# 1、升级redis
[rootk8s-master k8s]# helm upgrade redis ./redis/ -n redis
Release redis has been upgraded. Happy Helming!
NAME: redis
LAST DEPLOYED: Thu Feb 29 15:44:47 2024
NAMESPACE: redis
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 18.17.0
APP VERSION: 7.2.4** Please be patient while the chart is being deployed **Redisreg; can be accessed on the following DNS names from within your cluster:redis-master.redis.svc.cluster.local for read/write operations (port 6379)redis-replicas.redis.svc.cluster.local for read-only operations (port 6379)To get your password run:export REDIS_PASSWORD$(kubectl get secret --namespace redis redis -o jsonpath{.data.redis-password} | base64 -d)To connect to your Redisreg; server:1. Run a Redisreg; pod that you can use as a client:kubectl run --namespace redis redis-client --restartNever --env REDIS_PASSWORD$REDIS_PASSWORD --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinityUse the following command to attach to the pod:kubectl exec --tty -i redis-client \--namespace redis -- bash2. Connect using the Redisreg; CLI:REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-masterREDISCLI_AUTH$REDIS_PASSWORD redis-cli -h redis-replicasTo connect to your database from outside the cluster execute the following commands:kubectl port-forward --namespace redis svc/redis-master 6379:6379 REDISCLI_AUTH$REDIS_PASSWORD redis-cli -h 127.0.0.1 -p 6379WARNING: There are resources sections in the chart not set. Using resourcesPreset is not recommended for production. For production installations, please set the following values according to your workload needs:- master.resources- replica.resources
info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/# 2、查看pod情况这个redis的副本是statefulset资源升级的时候从大到小
[rootk8s-master k8s]# kubectl get po -n redis
NAME READY STATUS RESTARTS AGE
redis-client 1/1 Running 0 8m56s
redis-master-0 0/1 ContainerCreating 0 2s
redis-replicas-0 1/1 Running 1 (42m ago) 44m
redis-replicas-1 1/1 Running 0 42m
redis-replicas-2 0/1 ContainerCreating 0 2s[rootk8s-master k8s]# kubectl get po -n redis
NAME READY STATUS RESTARTS AGE
redis-client 1/1 Running 0 12m
redis-master-0 1/1 Running 0 3m17s
redis-replicas-0 1/1 Running 0 108s
redis-replicas-1 1/1 Running 0 2m16s
redis-replicas-2 1/1 Running 0 3m17s# 3、查看redis更新过后数据是否还存在
[rootk8s-master k8s]# kubectl exec --tty -i redis-client --namespace redis -- bashI have no name!redis-client:/$ redis-cli -h redis-master
redis-master:6379 auth redis123
OK
redis-master:6379 get name
xiaobai
redis-master:6379 get age
(nil)
redis-master:6379 exit[rootk8s-master k8s]# kubectl exec --tty -i redis-client --namespace redis -- bash
I have no name!redis-client:/$ redis-cli -h redis-replicas
redis-replicas:6379 auth redis123
OKredis-replicas:6379 get name
xiaobai
redis-replicas:6379 set age 18
(error) READONLY You cant write against a read only replica.
redis-replicas:6379 exit
I have no name!redis-client:/$
5.2.7 通过helm回滚redis
# 查看服务的历史版本
[rootk8s-master k8s]# helm history redis -n redis
REVISION UPDATED STATUS CHART APP VERSION DESCRIPTION
1 Thu Feb 29 15:00:51 2024 superseded redis-18.17.0 7.2.4 Install complete
2 Thu Feb 29 15:44:47 2024 deployed redis-18.17.0 7.2.4 Upgrade complete# 通过rollback 回滚到指定的版本
[rootk8s-master k8s]# helm rollback redis 1 -n redis
Rollback was a success! Happy Helming![rootk8s-master k8s]# echo $REDIS_PASSWORD
oWx2K6tUBe[rootk8s-master k8s]# kubectl exec --tty -i redis-client --namespace redis -- bash
I have no name!redis-client:/$ redis-cli -h redis-master
redis-master:6379 auth oWx2K6tUBe
OK
redis-master:6379 get name
xiaobairedis-master:6379 exit
I have no name!redis-client:/$5.2.8 helm卸载redis
# 1、helm 卸载了redis
[rootk8s-master k8s]# helm delete redis -n redis
release redis uninstalled
[rootk8s-master k8s]# kubectl get po -n redis
NAME READY STATUS RESTARTS AGE
redis-client 1/1 Running 0 35m# 2、但是在查看pvc的时候发现pcv并没有删除这是因为为了数据的安全性所以没有删除
[rootk8s-master k8s]# kubectl get pvc -ne redis
Error from server (NotFound): namespaces e not found
[rootk8s-master k8s]# kubectl get pvc -n redis
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
redis-data-redis-master-0 Bound pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e 1Gi RWO managed-nfs-storage 70m
redis-data-redis-replicas-0 Bound pvc-a4075967-0575-434e-86d6-b6aea075080f 8Gi RWO managed-nfs-storage 70m
redis-data-redis-replicas-1 Bound pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799 8Gi RWO managed-nfs-storage 68m
redis-data-redis-replicas-2 Bound pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be 8Gi RWO managed-nfs-storage 67m[rootk8s-master k8s]# kubectl get pv -n redis
NAME CAPACITY ACCESS MODES RECLAIM POLICY STATUS CLAIM STORAGECLASS REASON AGE
pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be 8Gi RWO Delete Bound redis/redis-data-redis-replicas-2 managed-nfs-storage 67m
pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e 1Gi RWO Delete Bound redis/redis-data-redis-master-0 managed-nfs-storage 70m
pvc-a4075967-0575-434e-86d6-b6aea075080f 8Gi RWO Delete Bound redis/redis-data-redis-replicas-0 managed-nfs-storage 70m
pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799 8Gi RWO Delete Bound redis/redis-data-redis-replicas-1 managed-nfs-storage 68m
