kubernetes
[따배쿠] Helm
bbiyak2da
2025. 1. 20. 13:35
Helm?
Helm이란, Kubernetes 패키지 관리 도구이다.
Helm 주요 구성 요소
1. Chart(차트)
- Helm 패키지로, k8s cluster에서 애플리케이션이 기동되기 위해 필요한 모든 리소스들이 포함되어 있습니다.
2. Repository(저장소)
- Helm Chart가 저장되고 배포되는 장소
3. Release(릴리즈)
- Helm 차트를 사용하여 Kubernetes 클러스터에 배포된 인스턴스
- 각 릴리스는 고유한 이름을 가지며, 특정 차트와 버전, 설정 값으로 구성됩니다.
- 릴리스는 Helm을 통해 관리되고, 업그레이드 또는 삭제할 수 있습니다.
즉, Helm Chart를 원하는 Repository에서 검색 후 설치한다.
각 설치에 따른 새로운 Release를 생성한다.
*참고
Helm 공식 홈페이지 : https://helm.sh/
Helm
Helm - The Kubernetes Package Manager.
helm.sh
Helm 차트 저장소 : https://bitnami.com/
Bitnami
With over 1 million apps deployed per month, Bitnami makes it incredibly easy to deploy apps with native installers, as virtual machines, docker containers or in the cloud.
bitnami.com
Helm 설치하기
Helm 설치
# Helm 설치
# Install Helm
root@master:~# curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
root@master:~# chmod 700 get_helm.sh
root@master:~# ./get_helm.sh
Downloading https://get.helm.sh/helm-v3.17.0-linux-amd64.tar.gz
Verifying checksum... Done.
Preparing to install helm into /usr/local/bin
helm installed into /usr/local/bin/helm
# Helm 설치 확인
root@master:~# helm version
version.BuildInfo{Version:"v3.17.0", GitCommit:"301108edc7ac2a8ba79e4ebf5701b0b6ce6a31e4", GitTreeState:"clean", GoVersion:"go1.23.4"}
Helm 구성 (repository 구성)
# Repositroy 추가
# Repository 추가/삭제 : helm repo [add|remove|list] [NAME] [URL]
root@master:~# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories
root@master:~# helm repo list
NAME URL
bitnami https://charts.bitnami.com/bitnami
예시로 bitnami라는 repository를 사용해보자
* bitnami에서 k8s용 chart를 제공하고있다.
Helm 명령어
실습
# helm search
root@master:~# helm search repo nginx
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/nginx 18.3.5 1.27.3 NGINX Open Source is a web server that can be a...
bitnami/nginx-ingress-controller 11.6.5 1.12.0 NGINX Ingress Controller is an Ingress controll...
bitnami/nginx-intel 2.1.15 0.4.9 DEPRECATED NGINX Open Source for Intel is a lig...
bitnam/nginx에 대해 더 자세히 알아보자
# helm show
root@master:~# helm show chart bitnami/nginx
annotations:
category: Infrastructure
images: |
- name: git
image: docker.io/bitnami/git:2.48.0-debian-12-r0
- name: nginx
image: docker.io/bitnami/nginx:1.27.3-debian-12-r5
- name: nginx-exporter
image: docker.io/bitnami/nginx-exporter:1.4.1-debian-12-r0
licenses: Apache-2.0
apiVersion: v2
appVersion: 1.27.3
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
tags:
- bitnami-common
version: 2.x.x
description: NGINX Open Source is a web server that can be also used as a reverse
proxy, load balancer, and HTTP cache. Recommended for high-demanding sites due to
its ability to provide faster content.
home: https://bitnami.com
icon: https://bitnami.com/assets/stacks/nginx/img/nginx-stack-220x234.png
keywords:
- nginx
- http
- web
- www
- reverse proxy
maintainers:
- name: Broadcom, Inc. All Rights Reserved.
url: https://github.com/bitnami/charts
name: nginx
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/nginx
version: 18.3.5
# helm inspect values
helm inspect values bitnami/nginx
# 번외) helm inspect values 파일을 가져오기
root@master:~# helm inspect values bitnami/nginx > nginx_values.yaml
root@master:~# vi nginx_values.yaml
Bitnami의 Nginx 차트에 대한 기본 값을 nginx_values.yaml 파일로 저장해서 확인해볼 수 있다.
# helm install
root@master:~# helm install webserver bitnami/nginx
NAME: webserver
LAST DEPLOYED: Mon Jan 20 04:50:54 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 18.3.5
APP VERSION: 1.27.3
Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.
** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:
webserver-nginx.default.svc.cluster.local (port 80)
To access NGINX from outside the cluster, follow the steps below:
1. Get the NGINX URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace default -w webserver-nginx'
export SERVICE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].port}" services webserver-nginx)
export SERVICE_IP=$(kubectl get svc --namespace default webserver-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo "http://${SERVICE_IP}:${SERVICE_PORT}"
WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
- cloneStaticSiteFromGit.gitSync.resources
- resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
helm install: Helm을 사용하여 새로운 차트를 설치하는 명령입니다.
webserver: 설치할 릴리스의 이름입니다. 이 이름은 클러스터 내에서 해당 Nginx 인스턴스를 식별하는 데 사용됩니다.
bitnami/nginx: 설치할 차트의 경로입니다. 여기서는 Bitnami의 Nginx 차트를 지정하고 있습니다.
번외) Helm을 사용하여 Bitnami의 Nginx 차트를 Kubernetes 클러스터에 설치하는 명령
root@master:~# helm install webserver2 --set service.type=Nodeport bitnami/nginx
Helm을 사용하여 Bitnami의 Nginx 차트를 Kubernetes 클러스터에 설치하면서,
Nginx 서비스의 타입을 NodePort로 설정하는 명령
# 확인
root@master:~# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/webserver-nginx-65f8955b99-s48cr 1/1 Running 0 6m24s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
service/webserver-nginx LoadBalancer 10.101.190.238 <pending> 80:31102/TCP,443:31999/TCP 10m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/webserver-nginx 1/1 1 1 10m
NAME DESIRED CURRENT READY AGE
replicaset.apps/webserver-nginx-65f8955b99 1 1 1 10m
# 삭제
root@master:~# helm uninstall webserver
release "webserver" uninstalled
실습2
# 기존 nginx_values.yaml 파일 수정
root@master:~# vi nginx_values.yaml
...
service:
## @param service.type Service type
##
type: NodePort
## @param service.ports.http Service HTTP port
## @param service.ports.https Service HTTPS port
##
ports:
http: 80
https: 443
##
## @param service.nodePorts [object] Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
nodePorts:
http: ""
https: ""
...
type을 LB에서 NodePort로 수정
# helm install
root@master:~# helm install webserver -f nginx_values.yaml bitnami/nginx
NAME: webserver
LAST DEPLOYED: Mon Jan 20 05:07:44 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: nginx
CHART VERSION: 18.3.5
APP VERSION: 1.27.3
Did you know there are enterprise versions of the Bitnami catalog? For enhanced secure software supply chain features, unlimited pulls from Docker, LTS support, or application customization, see Bitnami Premium or Tanzu Application Catalog. See https://www.arrow.com/globalecs/na/vendors/bitnami for more information.
** Please be patient while the chart is being deployed **
NGINX can be accessed through the following DNS name from within your cluster:
webserver-nginx.default.svc.cluster.local (port 80)
To access NGINX from outside the cluster, follow the steps below:
1. Get the NGINX URL by running these commands:
export NODE_PORT=$(kubectl get --namespace default -o jsonpath="{.spec.ports[0].nodePort}" services webserver-nginx)
export NODE_IP=$(kubectl get nodes --namespace default -o jsonpath="{.items[0].status.addresses[0].address}")
echo "http://${NODE_IP}:${NODE_PORT}"
WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:
- cloneStaticSiteFromGit.gitSync.resources
- resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
nginx_values.yaml 파일을 참고하여, helm install
아까 helm install webserver2 --set service.type=Nodeport bitnami/nginx(Command line)을 yaml 파일로 실행한 것이랑 동일한 결과이다.
# 확인
root@master:~# kubectl get all
NAME READY STATUS RESTARTS AGE
pod/webserver-nginx-65f8955b99-dnjk9 1/1 Running 0 76s
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 12d
service/webserver-nginx NodePort 10.107.248.143 <none> 80:30650/TCP,443:31600/TCP 76s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/webserver-nginx 1/1 1 1 76s
NAME DESIRED CURRENT READY AGE
replicaset.apps/webserver-nginx-65f8955b99 1 1 1 76sroot@master:~# curl localhost:30650
# 삭제
root@master:~# helm uninstall webserver
release "webserver" uninstalled
Helm 차트 구조
helm 패키지 구조를 확인해보자.
# helm 저장소에서 차트 다운로드
root@master:~# helm pull bitnami/nginx
helm 차트 저장소 bitnami에서 nginx를 다운받는다.
# 확인
root@master:~# ls
Getting-Start-Kubernetes nginx-18.3.5.tgz
get_helm.sh nginx_values.yaml
nginx-18.3.5.tgz -> helm chart 압축 파일
# 압축 해제
root@master:~# tar zxvf nginx-18.3.5.tgz
nginx/
nginx/charts/
nginx/charts/common/
nginx/charts/common/templates/
nginx/charts/common/templates/validations/
nginx/templates/
nginx/Chart.lock
nginx/Chart.yaml
nginx/.helmignore
nginx/charts/common/Chart.yaml
nginx/charts/common/.helmignore
nginx/charts/common/README.md
nginx/charts/common/values.yaml
nginx/charts/common/templates/_warnings.tpl
nginx/charts/common/templates/_affinities.tpl
nginx/charts/common/templates/_storage.tpl
nginx/charts/common/templates/_utils.tpl
nginx/charts/common/templates/_compatibility.tpl
nginx/charts/common/templates/_tplvalues.tpl
nginx/charts/common/templates/_capabilities.tpl
nginx/charts/common/templates/_labels.tpl
nginx/charts/common/templates/_errors.tpl
nginx/charts/common/templates/_resources.tpl
nginx/charts/common/templates/_names.tpl
nginx/charts/common/templates/validations/_validations.tpl
nginx/charts/common/templates/validations/_postgresql.tpl
nginx/charts/common/templates/validations/_mariadb.tpl
nginx/charts/common/templates/validations/_cassandra.tpl
nginx/charts/common/templates/validations/_redis.tpl
nginx/charts/common/templates/validations/_mongodb.tpl
nginx/charts/common/templates/validations/_mysql.tpl
nginx/charts/common/templates/_secrets.tpl
nginx/charts/common/templates/_images.tpl
nginx/charts/common/templates/_ingress.tpl
nginx/README.md
nginx/values.yaml
nginx/templates/health-ingress.yaml
nginx/templates/networkpolicy.yaml
nginx/templates/deployment.yaml
nginx/templates/ingress.yaml
nginx/templates/_helpers.tpl
nginx/templates/servicemonitor.yaml
nginx/templates/hpa.yaml
nginx/templates/svc.yaml
nginx/templates/extra-list.yaml
nginx/templates/serviceaccount.yaml
nginx/templates/NOTES.txt
nginx/templates/pdb.yaml
nginx/templates/stream-server-block-configmap.yaml
nginx/templates/prometheusrules.yaml
nginx/templates/server-block-configmap.yaml
nginx/templates/tls-secret.yaml
nginx/templates/ingress-tls-secret.yaml
nginx/values.schema.json
# 확인
root@master:~/nginx# ls
Chart.lock Chart.yaml README.md charts templates values.schema.json values.yaml
# helm chart를 트리 구조로 확인
root@master:~# tree nginx
nginx
├── Chart.lock
├── Chart.yaml
├── README.md
├── charts
│ └── common
│ ├── Chart.yaml
│ ├── README.md
│ ├── templates
│ │ ├── _affinities.tpl
│ │ ├── _capabilities.tpl
│ │ ├── _compatibility.tpl
│ │ ├── _errors.tpl
│ │ ├── _images.tpl
│ │ ├── _ingress.tpl
│ │ ├── _labels.tpl
│ │ ├── _names.tpl
│ │ ├── _resources.tpl
│ │ ├── _secrets.tpl
│ │ ├── _storage.tpl
│ │ ├── _tplvalues.tpl
│ │ ├── _utils.tpl
│ │ ├── _warnings.tpl
│ │ └── validations
│ │ ├── _cassandra.tpl
│ │ ├── _mariadb.tpl
│ │ ├── _mongodb.tpl
│ │ ├── _mysql.tpl
│ │ ├── _postgresql.tpl
│ │ ├── _redis.tpl
│ │ └── _validations.tpl
│ └── values.yaml
├── templates
│ ├── NOTES.txt
│ ├── _helpers.tpl
│ ├── deployment.yaml
│ ├── extra-list.yaml
│ ├── health-ingress.yaml
│ ├── hpa.yaml
│ ├── ingress-tls-secret.yaml
│ ├── ingress.yaml
│ ├── networkpolicy.yaml
│ ├── pdb.yaml
│ ├── prometheusrules.yaml
│ ├── server-block-configmap.yaml
│ ├── serviceaccount.yaml
│ ├── servicemonitor.yaml
│ ├── stream-server-block-configmap.yaml
│ ├── svc.yaml
│ └── tls-secret.yaml
├── values.schema.json
└── values.yaml
애플리케이션을 컨테이너로 만든 후, 차트로 만들어서 배포하는 것이 가능 !!
[참고 영상]
https://www.youtube.com/watch?v=QlYgYcJ-GhA&list=PLApuRlvrZKohLYdvfX-UEFYTE7kfnnY36&index=13