[따배쿠] Helm

Helm?

 

 

Helm이란, Kubernetes 패키지 관리 도구이다.

 

Helm 주요 구성 요소

 

1. Chart(차트)

• Helm 패키지로, k8s cluster에서 애플리케이션이 기동되기 위해 필요한 모든 리소스들이 포함되어 있습니다.

2. Repository(저장소)

• Helm Chart가 저장되고 배포되는 장소

3. Release(릴리즈)

• Helm 차트를 사용하여 Kubernetes 클러스터에 배포된 인스턴스
• 각 릴리스는 고유한 이름을 가지며, 특정 차트와 버전, 설정 값으로 구성됩니다.
• 릴리스는 Helm을 통해 관리되고, 업그레이드 또는 삭제할 수 있습니다.

즉, Helm Chart를 원하는 Repository에서 검색 후 설치한다.

각 설치에 따른 새로운 Release를 생성한다.

 

*참고

Helm 공식 홈페이지 : https://helm.sh/

Helm

Helm 차트 저장소 : https://bitnami.com/

Bitnami

 

Helm 설치하기

 

Helm 설치

 

# Helm 설치

# Install Helm
root@master:~# curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
root@master:~# chmod 700 get_helm.sh
root@master:~# ./get_helm.sh
Downloading https://get.helm.sh/helm-v3.17.0-linux-amd64.tar.gz
Verifying checksum... Done.
Preparing to install helm into /usr/local/bin
helm installed into /usr/local/bin/helm

 

# Helm 설치 확인

root@master:~# helm version
version.BuildInfo{Version:"v3.17.0", GitCommit:"301108edc7ac2a8ba79e4ebf5701b0b6ce6a31e4", GitTreeState:"clean", GoVersion:"go1.23.4"}

 

Helm 구성 (repository 구성)

 

# Repositroy 추가 

# Repository 추가/삭제 : helm repo [add|remove|list] [NAME] [URL]
root@master:~# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
root@master:~# helm repo list
NAME    URL
bitnami https://charts.bitnami.com/bitnami

 

예시로 bitnami라는 repository를 사용해보자

* bitnami에서 k8s용 chart를 제공하고있다.

 

Helm 명령어

실습

 

# helm search

root@master:~# helm search repo nginx
NAME                                    CHART VERSION   APP VERSION     DESCRIPTION
bitnami/nginx                           18.3.5          1.27.3          NGINX Open Source is a web server that can be a...
bitnami/nginx-ingress-controller        11.6.5          1.12.0          NGINX Ingress Controller is an Ingress controll...
bitnami/nginx-intel                     2.1.15          0.4.9           DEPRECATED NGINX Open Source for Intel is a lig...

 

bitnam/nginx에 대해 더 자세히 알아보자

 

# helm show

root@master:~# helm show chart bitnami/nginx
annotations:
  category: Infrastructure
  images: |
    - name: git
      image: docker.io/bitnami/git:2.48.0-debian-12-r0
    - name: nginx
      image: docker.io/bitnami/nginx:1.27.3-debian-12-r5
    - name: nginx-exporter
      image: docker.io/bitnami/nginx-exporter:1.4.1-debian-12-r0
  licenses: Apache-2.0
apiVersion: v2
appVersion: 1.27.3
dependencies:
- name: common
  repository: oci://registry-1.docker.io/bitnamicharts
  tags:
  - bitnami-common
  version: 2.x.x
description: NGINX Open Source is a web server that can be also used as a reverse
  proxy, load balancer, and HTTP cache. Recommended for high-demanding sites due to
  its ability to provide faster content.
home: https://bitnami.com
icon: https://bitnami.com/assets/stacks/nginx/img/nginx-stack-220x234.png
keywords:
- nginx
- http
- web
- www
- reverse proxy
maintainers:
- name: Broadcom, Inc. All Rights Reserved.
  url: https://github.com/bitnami/charts
name: nginx
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/nginx
version: 18.3.5

 

# helm inspect values

helm inspect values bitnami/nginx

 

# 번외) helm inspect values 파일을 가져오기

root@master:~# helm inspect values bitnami/nginx > nginx_values.yaml
root@master:~# vi nginx_values.yaml

 

Bitnami의 Nginx 차트에 대한 기본 값을 nginx_values.yaml 파일로 저장해서 확인해볼 수 있다.

 

# helm install 

root@master:~# helm install webserver bitnami/nginx
NAME: webserver
LAST DEPLOYED: Mon Jan 20 04:50:54 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 18.3.5
APP VERSION: 1.27.3

Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.

** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:

    webserver-nginx.default.svc.cluster.local (port 80)

To access NGINX from outside the cluster, follow the steps below:

1. Get the NGINX URL by running these commands:

  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        Watch the status with: 'kubectl get svc --namespace default -w webserver-nginx'

    export SERVICE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].port}" services webserver-nginx)
    export SERVICE_IP=$(kubectl get svc --namespace default webserver-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
    echo "http://${SERVICE_IP}:${SERVICE_PORT}"

WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
  - cloneStaticSiteFromGit.gitSync.resources
  - resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

 

helm install: Helm을 사용하여 새로운 차트를 설치하는 명령입니다.
webserver: 설치할 릴리스의 이름입니다. 이 이름은 클러스터 내에서 해당 Nginx 인스턴스를 식별하는 데 사용됩니다.
bitnami/nginx: 설치할 차트의 경로입니다. 여기서는 Bitnami의 Nginx 차트를 지정하고 있습니다.

 

번외) Helm을 사용하여 Bitnami의 Nginx 차트를 Kubernetes 클러스터에 설치하는 명령

 

root@master:~# helm install webserver2 --set service.type=Nodeport bitnami/nginx

 

 

Helm을 사용하여 Bitnami의 Nginx 차트를 Kubernetes 클러스터에 설치하면서,

Nginx 서비스의 타입을 NodePort로 설정하는 명령

 

# 확인

root@master:~# kubectl get all
NAME                                   READY   STATUS    RESTARTS   AGE
pod/webserver-nginx-65f8955b99-s48cr   1/1     Running   0          6m24s

NAME                      TYPE           CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
service/kubernetes        ClusterIP      10.96.0.1        <none>        443/TCP                      12d
service/webserver-nginx   LoadBalancer   10.101.190.238   <pending>     80:31102/TCP,443:31999/TCP   10m

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/webserver-nginx   1/1     1            1           10m

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/webserver-nginx-65f8955b99   1         1         1       10m

 

# 삭제

root@master:~# helm uninstall webserver
release "webserver" uninstalled

 

실습2

 

# 기존 nginx_values.yaml 파일 수정

root@master:~# vi nginx_values.yaml
...
service:
  ## @param service.type Service type
  ##
  type: NodePort
  ## @param service.ports.http Service HTTP port
  ## @param service.ports.https Service HTTPS port
  ##
  ports:
    http: 80
    https: 443
  ##
  ## @param service.nodePorts [object] Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  nodePorts:
    http: ""
    https: ""
...

 

type을 LB에서 NodePort로 수정

 

# helm install

root@master:~# helm install webserver -f nginx_values.yaml  bitnami/nginx
NAME: webserver
LAST DEPLOYED: Mon Jan 20 05:07:44 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 18.3.5
APP VERSION: 1.27.3

Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.

** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:

    webserver-nginx.default.svc.cluster.local (port 80)

To access NGINX from outside the cluster, follow the steps below:

1. Get the NGINX URL by running these commands:

    export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services webserver-nginx)
    export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
    echo "http://${NODE_IP}:${NODE_PORT}"

WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
  - cloneStaticSiteFromGit.gitSync.resources
  - resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

 

nginx_values.yaml 파일을 참고하여, helm install 

아까 helm install webserver2 --set service.type=Nodeport bitnami/nginx(Command line)을 yaml 파일로 실행한 것이랑 동일한 결과이다.

 

# 확인

root@master:~# kubectl get all
NAME                                   READY   STATUS    RESTARTS   AGE
pod/webserver-nginx-65f8955b99-dnjk9   1/1     Running   0          76s

NAME                      TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                      AGE
service/kubernetes        ClusterIP   10.96.0.1        <none>        443/TCP                      12d
service/webserver-nginx   NodePort    10.107.248.143   <none>        80:30650/TCP,443:31600/TCP   76s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/webserver-nginx   1/1     1            1           76s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/webserver-nginx-65f8955b99   1         1         1       76s

root@master:~# curl localhost:30650

 

# 삭제

root@master:~# helm uninstall webserver
release "webserver" uninstalled

 

Helm 차트 구조

 

helm 패키지 구조를 확인해보자.

 

# helm 저장소에서 차트 다운로드

root@master:~# helm pull bitnami/nginx

 

helm 차트 저장소 bitnami에서 nginx를 다운받는다.

 

# 확인

root@master:~# ls
Getting-Start-Kubernetes  nginx-18.3.5.tgz
get_helm.sh  nginx_values.yaml

 

nginx-18.3.5.tgz -> helm chart 압축 파일

 

# 압축 해제

root@master:~# tar zxvf nginx-18.3.5.tgz
nginx/
nginx/charts/
nginx/charts/common/
nginx/charts/common/templates/
nginx/charts/common/templates/validations/
nginx/templates/
nginx/Chart.lock
nginx/Chart.yaml
nginx/.helmignore
nginx/charts/common/Chart.yaml
nginx/charts/common/.helmignore
nginx/charts/common/README.md
nginx/charts/common/values.yaml
nginx/charts/common/templates/_warnings.tpl
nginx/charts/common/templates/_affinities.tpl
nginx/charts/common/templates/_storage.tpl
nginx/charts/common/templates/_utils.tpl
nginx/charts/common/templates/_compatibility.tpl
nginx/charts/common/templates/_tplvalues.tpl
nginx/charts/common/templates/_capabilities.tpl
nginx/charts/common/templates/_labels.tpl
nginx/charts/common/templates/_errors.tpl
nginx/charts/common/templates/_resources.tpl
nginx/charts/common/templates/_names.tpl
nginx/charts/common/templates/validations/_validations.tpl
nginx/charts/common/templates/validations/_postgresql.tpl
nginx/charts/common/templates/validations/_mariadb.tpl
nginx/charts/common/templates/validations/_cassandra.tpl
nginx/charts/common/templates/validations/_redis.tpl
nginx/charts/common/templates/validations/_mongodb.tpl
nginx/charts/common/templates/validations/_mysql.tpl
nginx/charts/common/templates/_secrets.tpl
nginx/charts/common/templates/_images.tpl
nginx/charts/common/templates/_ingress.tpl
nginx/README.md
nginx/values.yaml
nginx/templates/health-ingress.yaml
nginx/templates/networkpolicy.yaml
nginx/templates/deployment.yaml
nginx/templates/ingress.yaml
nginx/templates/_helpers.tpl
nginx/templates/servicemonitor.yaml
nginx/templates/hpa.yaml
nginx/templates/svc.yaml
nginx/templates/extra-list.yaml
nginx/templates/serviceaccount.yaml
nginx/templates/NOTES.txt
nginx/templates/pdb.yaml
nginx/templates/stream-server-block-configmap.yaml
nginx/templates/prometheusrules.yaml
nginx/templates/server-block-configmap.yaml
nginx/templates/tls-secret.yaml
nginx/templates/ingress-tls-secret.yaml
nginx/values.schema.json

 

# 확인

root@master:~/nginx# ls
Chart.lock  Chart.yaml  README.md  charts  templates  values.schema.json  values.yaml

 

# helm chart를 트리 구조로 확인

root@master:~# tree nginx
nginx
├── Chart.lock
├── Chart.yaml
├── README.md
├── charts
│   └── common
│       ├── Chart.yaml
│       ├── README.md
│       ├── templates
│       │   ├── _affinities.tpl
│       │   ├── _capabilities.tpl
│       │   ├── _compatibility.tpl
│       │   ├── _errors.tpl
│       │   ├── _images.tpl
│       │   ├── _ingress.tpl
│       │   ├── _labels.tpl
│       │   ├── _names.tpl
│       │   ├── _resources.tpl
│       │   ├── _secrets.tpl
│       │   ├── _storage.tpl
│       │   ├── _tplvalues.tpl
│       │   ├── _utils.tpl
│       │   ├── _warnings.tpl
│       │   └── validations
│       │       ├── _cassandra.tpl
│       │       ├── _mariadb.tpl
│       │       ├── _mongodb.tpl
│       │       ├── _mysql.tpl
│       │       ├── _postgresql.tpl
│       │       ├── _redis.tpl
│       │       └── _validations.tpl
│       └── values.yaml
├── templates
│   ├── NOTES.txt
│   ├── _helpers.tpl
│   ├── deployment.yaml
│   ├── extra-list.yaml
│   ├── health-ingress.yaml
│   ├── hpa.yaml
│   ├── ingress-tls-secret.yaml
│   ├── ingress.yaml
│   ├── networkpolicy.yaml
│   ├── pdb.yaml
│   ├── prometheusrules.yaml
│   ├── server-block-configmap.yaml
│   ├── serviceaccount.yaml
│   ├── servicemonitor.yaml
│   ├── stream-server-block-configmap.yaml
│   ├── svc.yaml
│   └── tls-secret.yaml
├── values.schema.json
└── values.yaml

 

애플리케이션을 컨테이너로 만든 후, 차트로 만들어서 배포하는 것이 가능 !!

 

---

[참고 영상]

https://www.youtube.com/watch?v=QlYgYcJ-GhA&list=PLApuRlvrZKohLYdvfX-UEFYTE7kfnnY36&index=13