1、Helm的概念

• Kubernetes包管器

• Helm是查找、分享和使用軟件構件Kubernetes的最優方式。

• Helm管理名為chart的Kubernetes包的工具。Helm可以做以下的事情：

  • 從頭開始創建新的chat
  • 將chart打包成歸檔tgz)文件
  • 與存儲chat的倉庫進行交互
  • 在現有的Kubernetes集群中安裝和卸載chart
  • 管理與Helm一起安裝的chart的發布周期

2、Helm的架構

2.1 Helm的三個重要概念

• 1.chart創建Kubernetes應用程序所必需的一組信息。
• 2.config包含了可以合并到打包的charte中的配置信息，用于創建一個可發布的對象。
• 3.release是一個與特定配置相結臺的chart的運行實例，

2.2 Helm的組件

2.2.1 Helm客戶端

• Helm客端是終端 用戶的命令行客戶端，負責以下內容：
  • 本地chat開發
  • 管理倉庫
  • 管理發布
  • 與Helm庫建立接口
    • 發送安裝的chart
    • 發送升級或卸載現有發布的請求

2.2.2 Helm庫

• Helm庫提供執行所有Helm操作的邏輯。與Kubernetes API服務交互并提供以下功能：
  • 結合chat和配置來構建版本
  • 將chat安裝到Kubernetes中，并提供后續發布對象
  • 與Kubernetes交互升級和卸載chart
• 獨立的Helm庫封裝了Helm邏輯以便不同的客戶端可以使用它。

3、安裝Helm

• Helm官網：https://helm.sh/zh/docs/intro/quickstart/
• 注：安裝Helm的時候需要注意k8s的版本

3.1 下載二進制文件

wget https://get.helm.sh/helm-v3.10.0-linux-amd64.tar.gz  -O helm-v3.10.0-linux-amd64.tar.gz

3.2 解壓（helm-v3.10.0-linux-amd64.tar.gz）

tar-xvf  helm-v3.10.0-linux-amd64.tar.gz

3.3 將helm的可執行文件復制到/usr/local/bin/目錄下

 mv linux-amd64/helm /usr/local/bin/

3.4 添加Helm的倉庫（阿里云源）

helm repo add ingress-nginx  https://kubernetes.github.io/ingress-nginx

4、Helm的常用命令

命令	作用
helm repo	列出、增加、更新、刪除chart倉庫
helm search	使用關鍵詞搜索chart
helm pull	拉取遠倉庫中的chart到本地
helm create	在本地創建新的chart
helm dependency	管理chart 依賴
helm install	安裝chart
helm list	列出所有release
helm lint	檢查chart配置是否有誤
helm package	打包本地chart
helm rollback	回滾release到歷史版本
helm uninstall	卸載release
helm upgrade	升級release

5、chart

5.1 chart的目錄結構

mychart
├── Chart.yaml
├── charts   # 該目錄保存其他依賴的chart（子chart）
├── templates  # chart配置模板，用于渲染最終的kubernetes yaml
│   ├── NOTES.txt  # 用戶運行helm install的提示信息
│   ├── _helpers.tpl  # 用于創建模板時的幫助類
│   ├── deployment.yaml  # kubernetes deployment 的配置
│   ├── ingress.yaml  # kubernetes ingress 配置
│   ├── service.yaml  # kubernetes service 配置
│   ├── serviceaccount.yaml # kubernetes serviceaccount 配置
│   └── tests
│       └── test-connection.yaml
└── values.yaml  # 定義chart模板中的自定義配置的默認值

5.2 redis chart 實戰

5.2.1 修改helm源

[root@k8s-master ~]# helm repo  list
NAME         	URL
ingress-nginx	https://kubernetes.github.io/ingress-nginx[root@k8s-master ~]# helm repo add bitnami https://charts.bitnami.com/bitnami
"bitnami" has been added to your repositories[root@k8s-master ~]# helm repo add azure http://mirror.azure.cn/kubernetes/charts
"azure" has been added to your repositories[root@k8s-master ~]# helm repo add ali-stable    https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts
"ali-stable" has been added to your repositories[root@k8s-master ~]# helm  repo list
NAME         	URL
ingress-nginx	https://kubernetes.github.io/ingress-nginx
bitnami      	https://charts.bitnami.com/bitnami
azure        	http://mirror.azure.cn/kubernetes/charts
ali-stable   	https://kubernetes.oss-cn-hangzhou.aliyuncs.com/charts

5.2.2 搜索redis chart

• 搜索redis chart： helm search repo redis
• 查看redis chart的描述信息：helm show readme bitnami/redis

5.2.3 修改配置安裝

# 1、拉取redis的chart包
[root@k8s-master k8s]# helm pull bitnami/redis# 2、解壓這個redis的chart包
[root@k8s-master k8s]# tar -xvf   redis-18.17.0.tgz
redis/Chart.yaml
redis/Chart.lock
redis/values.yaml
redis/values.schema.json
redis/templates/NOTES.txt
redis/templates/_helpers.tpl
redis/templates/configmap.yaml
redis/templates/extra-list.yaml
redis/templates/headless-svc.yaml
redis/templates/health-configmap.yaml
redis/templates/master/application.yaml
redis/templates/master/psp.yaml
redis/templates/master/pvc.yaml
redis/templates/master/service.yaml
redis/templates/master/serviceaccount.yaml
redis/templates/metrics-svc.yaml
redis/templates/networkpolicy.yaml
redis/templates/pdb.yaml
redis/templates/podmonitor.yaml
redis/templates/prometheusrule.yaml
redis/templates/replicas/application.yaml
redis/templates/replicas/hpa.yaml
redis/templates/replicas/service.yaml
redis/templates/replicas/serviceaccount.yaml
redis/templates/role.yaml
redis/templates/rolebinding.yaml
redis/templates/scripts-configmap.yaml
redis/templates/secret-svcbind.yaml
redis/templates/secret.yaml
redis/templates/sentinel/hpa.yaml
redis/templates/sentinel/node-services.yaml
redis/templates/sentinel/ports-configmap.yaml
redis/templates/sentinel/service.yaml
redis/templates/sentinel/statefulset.yaml
redis/templates/serviceaccount.yaml
redis/templates/servicemonitor.yaml
redis/templates/tls-secret.yaml
redis/.helmignore
redis/README.md
redis/charts/common/Chart.yaml
redis/charts/common/values.yaml
redis/charts/common/templates/_affinities.tpl
redis/charts/common/templates/_capabilities.tpl
redis/charts/common/templates/_errors.tpl
redis/charts/common/templates/_images.tpl
redis/charts/common/templates/_ingress.tpl
redis/charts/common/templates/_labels.tpl
redis/charts/common/templates/_names.tpl
redis/charts/common/templates/_resources.tpl
redis/charts/common/templates/_secrets.tpl
redis/charts/common/templates/_storage.tpl
redis/charts/common/templates/_tplvalues.tpl
redis/charts/common/templates/_utils.tpl
redis/charts/common/templates/_warnings.tpl
redis/charts/common/templates/validations/_cassandra.tpl
redis/charts/common/templates/validations/_mariadb.tpl
redis/charts/common/templates/validations/_mongodb.tpl
redis/charts/common/templates/validations/_mysql.tpl
redis/charts/common/templates/validations/_postgresql.tpl
redis/charts/common/templates/validations/_redis.tpl
redis/charts/common/templates/validations/_validations.tpl
redis/charts/common/.helmignore
redis/charts/common/README.md# 3、修改配置## 修改全局的storageClass制備器，這個制備器是之前創建nfs的創建的
global:storageClass: "managed-nfs-storage"## 修改master節點的service類型：內部訪問 
master:service:type: ClusterIP     

##  詳細配置文件如下
[root@k8s-master k8s]# cat redis/redis.yaml
global:imageRegistry: ""imagePullSecrets: []storageClass: "managed-nfs-storage"redis:password: ""
kubeVersion: ""
nameOverride: ""
fullnameOverride: ""
namespaceOverride: ""
commonLabels: {}
commonAnnotations: {}
secretAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
useHostnames: true
nameResolutionThreshold: 5
nameResolutionTimeout: 5
diagnosticMode:enabled: falsecommand:- sleepargs:- infinity
image:registry: docker.iorepository: bitnami/redistag: 7.2.4-debian-12-r9digest: ""pullPolicy: IfNotPresentpullSecrets: []debug: false
architecture: replication
auth:enabled: truesentinel: truepassword: ""existingSecret: ""existingSecretPasswordKey: ""usePasswordFiles: falseusePasswordFileFromSecret: true
commonConfiguration: |-appendonly yessave ""
existingConfigmap: ""
master:count: 1configuration: ""disableCommands:- FLUSHDB- FLUSHALLcommand: []args: []enableServiceLinks: truepreExecCmds: []extraFlags: []extraEnvVars: []extraEnvVarsCM: ""extraEnvVarsSecret: ""containerPorts:redis: 6379startupProbe:enabled: falseinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 5customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}resourcesPreset: "none"resources: {}podSecurityContext:enabled: truefsGroupChangePolicy: Alwayssysctls: []supplementalGroups: []fsGroup: 1001containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: ["ALL"]kind: StatefulSetschedulerName: ""updateStrategy:type: RollingUpdateminReadySeconds: 0priorityClassName: ""automountServiceAccountToken: falsehostAliases: []podLabels: {}podAnnotations: {}shareProcessNamespace: falsepodAffinityPreset: ""podAntiAffinityPreset: softnodeAffinityPreset:type: ""key: ""values: []affinity: {}nodeSelector: {}tolerations: []topologySpreadConstraints: []dnsPolicy: ""dnsConfig: {}lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []sidecars: []initContainers: []persistence:enabled: truemedium: ""sizeLimit: ""path: /datasubPath: ""subPathExpr: ""storageClass: ""accessModes:- ReadWriteOncesize: 1Giannotations: {}labels: {}selector: {}dataSource: {}existingClaim: ""persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: Retainservice:type: ClusterIPports:redis: 6379nodePorts:redis: ""externalTrafficPolicy: ClusterextraPorts: []internalTrafficPolicy: ClusterclusterIP: ""loadBalancerIP: ""loadBalancerClass: ""loadBalancerSourceRanges: []externalIPs: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}terminationGracePeriodSeconds: 30serviceAccount:create: truename: ""automountServiceAccountToken: falseannotations: {}
replica:kind: StatefulSetreplicaCount: 3configuration: ""disableCommands:- FLUSHDB- FLUSHALLcommand: []args: []enableServiceLinks: truepreExecCmds: []extraFlags: []extraEnvVars: []extraEnvVarsCM: ""extraEnvVarsSecret: ""externalMaster:enabled: falsehost: ""port: 6379containerPorts:redis: 6379startupProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 22livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 5customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}resourcesPreset: "none"resources: {}podSecurityContext:enabled: truefsGroupChangePolicy: Alwayssysctls: []supplementalGroups: []fsGroup: 1001containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: ["ALL"]schedulerName: ""updateStrategy:type: RollingUpdateminReadySeconds: 0priorityClassName: ""podManagementPolicy: ""automountServiceAccountToken: falsehostAliases: []podLabels: {}podAnnotations: {}shareProcessNamespace: falsepodAffinityPreset: ""podAntiAffinityPreset: softnodeAffinityPreset:type: ""key: ""values: []affinity: {}nodeSelector: {}tolerations: []topologySpreadConstraints: []dnsPolicy: ""dnsConfig: {}lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []sidecars: []initContainers: []persistence:enabled: truemedium: ""sizeLimit: ""path: /datasubPath: ""subPathExpr: ""storageClass: ""accessModes:- ReadWriteOncesize: 8Giannotations: {}labels: {}selector: {}dataSource: {}existingClaim: ""persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: Retainservice:type: ClusterIPports:redis: 6379nodePorts:redis: ""externalTrafficPolicy: ClusterinternalTrafficPolicy: ClusterextraPorts: []clusterIP: ""loadBalancerIP: ""loadBalancerClass: ""loadBalancerSourceRanges: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}terminationGracePeriodSeconds: 30autoscaling:enabled: falseminReplicas: 1maxReplicas: 11targetCPU: ""targetMemory: ""serviceAccount:create: truename: ""automountServiceAccountToken: falseannotations: {}
sentinel:enabled: falseimage:registry: docker.iorepository: bitnami/redis-sentineltag: 7.2.4-debian-12-r7digest: ""pullPolicy: IfNotPresentpullSecrets: []debug: falseannotations: {}masterSet: mymasterquorum: 2getMasterTimeout: 90automateClusterRecovery: falseredisShutdownWaitFailover: truedownAfterMilliseconds: 60000failoverTimeout: 180000parallelSyncs: 1configuration: ""command: []args: []enableServiceLinks: truepreExecCmds: []extraEnvVars: []extraEnvVarsCM: ""extraEnvVarsSecret: ""externalMaster:enabled: falsehost: ""port: 6379containerPorts:sentinel: 26379startupProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 22livenessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 6readinessProbe:enabled: trueinitialDelaySeconds: 20periodSeconds: 5timeoutSeconds: 1successThreshold: 1failureThreshold: 6customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}persistence:enabled: falsestorageClass: ""accessModes:- ReadWriteOncesize: 100Miannotations: {}labels: {}selector: {}dataSource: {}medium: ""sizeLimit: ""persistentVolumeClaimRetentionPolicy:enabled: falsewhenScaled: RetainwhenDeleted: RetainresourcesPreset: "none"resources: {}containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: ["ALL"]lifecycleHooks: {}extraVolumes: []extraVolumeMounts: []service:type: ClusterIPports:redis: 6379sentinel: 26379nodePorts:redis: ""sentinel: ""externalTrafficPolicy: ClusterextraPorts: []clusterIP: ""loadBalancerIP: ""loadBalancerClass: ""loadBalancerSourceRanges: []annotations: {}sessionAffinity: NonesessionAffinityConfig: {}headless:## @param sentinel.service.headless.annotations Annotations for the headless service.##annotations: {}terminationGracePeriodSeconds: 30
serviceBindings:enabled: false
networkPolicy:enabled: trueallowExternal: trueallowExternalEgress: trueextraIngress: []extraEgress: []ingressNSMatchLabels: {}ingressNSPodMatchLabels: {}metrics:allowExternal: trueingressNSMatchLabels: {}ingressNSPodMatchLabels: {}
podSecurityPolicy:create: falseenabled: false
rbac:create: falserules: []
serviceAccount:create: truename: ""automountServiceAccountToken: falseannotations: {}
pdb:create: falseminAvailable: 1maxUnavailable: ""
tls:enabled: falseauthClients: trueautoGenerated: falseexistingSecret: ""certificatesSecret: ""certFilename: ""certKeyFilename: ""certCAFilename: ""dhParamsFilename: ""
metrics:enabled: falseimage:registry: docker.iorepository: bitnami/redis-exportertag: 1.58.0-debian-12-r3digest: ""pullPolicy: IfNotPresentpullSecrets: []containerPorts:http: 9121startupProbe:enabled: falseinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 5livenessProbe:enabled: trueinitialDelaySeconds: 10periodSeconds: 10timeoutSeconds: 5successThreshold: 1failureThreshold: 5readinessProbe:enabled: trueinitialDelaySeconds: 5periodSeconds: 10timeoutSeconds: 1successThreshold: 1failureThreshold: 3customStartupProbe: {}customLivenessProbe: {}customReadinessProbe: {}command: []redisTargetHost: "localhost"extraArgs: {}extraEnvVars: []containerSecurityContext:enabled: trueseLinuxOptions: nullrunAsUser: 1001runAsGroup: 0runAsNonRoot: trueallowPrivilegeEscalation: falsereadOnlyRootFilesystem: falseseccompProfile:type: RuntimeDefaultcapabilities:drop: ["ALL"]extraVolumes: []extraVolumeMounts: []resourcesPreset: "none"resources: {}podLabels: {}podAnnotations:prometheus.io/scrape: "true"prometheus.io/port: "9121"service:enabled: truetype: ClusterIPports:http: 9121externalTrafficPolicy: ClusterextraPorts: []loadBalancerIP: ""loadBalancerClass: ""loadBalancerSourceRanges: []annotations: {}clusterIP: ""serviceMonitor:port: http-metricsenabled: falsenamespace: ""interval: 30sscrapeTimeout: ""relabellings: []metricRelabelings: []honorLabels: falseadditionalLabels: {}podTargetLabels: []sampleLimit: falsetargetLimit: falseadditionalEndpoints: []podMonitor:port: metricsenabled: falsenamespace: ""interval: 30sscrapeTimeout: ""relabellings: []metricRelabelings: []honorLabels: falseadditionalLabels: {}podTargetLabels: []sampleLimit: falsetargetLimit: falseadditionalEndpoints: []prometheusRule:enabled: falsenamespace: ""additionalLabels: {}rules: []
volumePermissions:enabled: falseimage:registry: docker.iorepository: bitnami/os-shelltag: 12-debian-12-r16digest: ""pullPolicy: IfNotPresentpullSecrets: []resourcesPreset: "none"resources: {}containerSecurityContext:seLinuxOptions: nullrunAsUser: 0
sysctl:enabled: falseimage:registry: docker.iorepository: bitnami/os-shelltag: 12-debian-12-r16digest: ""pullPolicy: IfNotPresentpullSecrets: []command: []mountHostSys: falseresourcesPreset: "none"resources: {}
useExternalDNS:enabled: falsesuffix: ""annotationKey: external-dns.alpha.kubernetes.io/additionalAnnotations: {}

5.2.4 查看安裝情況

[root@k8s-master k8s]# kubectl create namespace  redis 
[root@k8s-master k8s]# helm install redis ./redis/  -n redis
NAME: redis
LAST DEPLOYED: Thu Feb 29 15:00:51 2024
NAMESPACE: redis
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 18.17.0
APP VERSION: 7.2.4** Please be patient while the chart is being deployed **Redis® can be accessed on the following DNS names from within your cluster:redis-master.redis.svc.cluster.local for read/write operations (port 6379)redis-replicas.redis.svc.cluster.local for read-only operations (port 6379)To get your password run:export REDIS_PASSWORD=$(kubectl get secret --namespace redis redis -o jsonpath="{.data.redis-password}" | base64 -d)To connect to your Redis® server:1. Run a Redis® pod that you can use as a client:kubectl run --namespace redis redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinityUse the following command to attach to the pod:kubectl exec --tty -i redis-client \--namespace redis -- bash2. Connect using the Redis® CLI:REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-masterREDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-replicasTo connect to your database from outside the cluster execute the following commands:kubectl port-forward --namespace redis svc/redis-master 6379:6379 &REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:- master.resources- replica.resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/# 獲取在namespace 是redis的所有資源[root@k8s-master k8s]# kubectl get all -n redis
NAME                   READY   STATUS    RESTARTS      AGE
pod/redis-master-0     1/1     Running   0             12m
pod/redis-replicas-0   1/1     Running   1 (11m ago)   12m
pod/redis-replicas-1   1/1     Running   0             10m
pod/redis-replicas-2   1/1     Running   0             9m35sNAME                     TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE
service/redis-headless   ClusterIP   None          <none>        6379/TCP   12m
service/redis-master     ClusterIP   10.1.165.79   <none>        6379/TCP   12m
service/redis-replicas   ClusterIP   10.1.241.14   <none>        6379/TCP   12mNAME                              READY   AGE
statefulset.apps/redis-master     1/1     12m
statefulset.apps/redis-replicas   3/3     12m# 獲取 pv 的信息
[root@k8s-master k8s]# kubectl get pv -owide  -n redis
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                               STORAGECLASS          REASON   AGE     VOLUMEMODE
pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-2   managed-nfs-storage            9m54s   Filesystem
pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e   1Gi        RWO            Delete           Bound    redis/redis-data-redis-master-0     managed-nfs-storage            12m     Filesystem
pvc-a4075967-0575-434e-86d6-b6aea075080f   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-0   managed-nfs-storage            12m     Filesystem
pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-1   managed-nfs-storage            11m     Filesystem# 獲取 pvc 的信息
[root@k8s-master k8s]# kubectl get pvc  -owide    -n redis
NAME                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS          AGE   VOLUMEMODE
redis-data-redis-master-0     Bound    pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e   1Gi        RWO            managed-nfs-storage   13m   Filesystem
redis-data-redis-replicas-0   Bound    pvc-a4075967-0575-434e-86d6-b6aea075080f   8Gi        RWO            managed-nfs-storage   13m   Filesystem
redis-data-redis-replicas-1   Bound    pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799   8Gi        RWO            managed-nfs-storage   11m   Filesystem
redis-data-redis-replicas-2   Bound    pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be   8Gi        RWO            managed-nfs-storage   10m   Filesystem# 獲取service的信息 
[root@k8s-master k8s]# kubectl get service   -owide    -n redis
NAME             TYPE        CLUSTER-IP    EXTERNAL-IP   PORT(S)    AGE   SELECTOR
redis-headless   ClusterIP   None          <none>        6379/TCP   13m   app.kubernetes.io/instance=redis,app.kubernetes.io/name=redis
redis-master     ClusterIP   10.1.165.79   <none>        6379/TCP   13m   app.kubernetes.io/component=master,app.kubernetes.io/instance=redis,app.kubernetes.io/name=redis
redis-replicas   ClusterIP   10.1.241.14   <none>        6379/TCP   13m   app.kubernetes.io/component=replica,app.kubernetes.io/instance=redis,app.kubernetes.io/name=redis# 獲取制備器 storageclass的信息
[root@k8s-master k8s]# kubectl get  sc     -owide   
NAME                  PROVISIONER      RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
managed-nfs-storage   fuseim.pri/ifs   Delete          Immediate           false                  42h# 獲取數據卷nfs pod的信息
[root@k8s-master k8s]# kubectl get  po  -n kube-system  | grep nfs
nfs-client-provisioner-64f976f4cd-7gdq7   1/1     Running   0               42h

5.2.5 使用這個redis集群

# 獲取redis的密碼，會把這個寫入到環境變量中，由于未設置密碼，所以redis自己設置為了一個隨機密碼
[root@k8s-master redis]# export REDIS_PASSWORD=$(kubectl get secret --namespace redis redis -o jsonpath="{.data.redis-password}" | base64 -d)
[root@k8s-master k8s]# echo $REDIS_PASSWORD
oWx22K6221tUBe# 創建一個redis的客戶端通過客戶端訪問redis
[root@k8s-master redis]#  kubectl run --namespace redis redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinity
pod/redis-client created# 進入這個redis的容器中執行命令
[root@k8s-master redis]# kubectl exec --tty -i redis-client \
>    --namespace redis -- bash# 連接redis的master端，可以設置數據，查看數據
I have no name!@redis-client:/$ REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-master
redis-master:6379> set name xiaobai
OK
redis-master:6379> get name
"xiaobai"
redis-master:6379> exit# 連接redis的replicas，可以查看數據，但是不能創建數據
I have no name!@redis-client:/$ REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-replicas
redis-replicas:6379> get name
"xiaobai"
redis-replicas:6379> set age 12
(error) READONLY You can't write against a read only replica.
redis-replicas:6379> exit
I have no name!@redis-client:/$

5.2.6 通過helm升級redis

# 給redis設置一個密碼，然后進行升級
global:redis:password: "redis123"

# 1、升級redis 
[root@k8s-master k8s]# helm upgrade redis  ./redis/   -n redis
Release "redis" has been upgraded. Happy Helming!
NAME: redis
LAST DEPLOYED: Thu Feb 29 15:44:47 2024
NAMESPACE: redis
STATUS: deployed
REVISION: 2
TEST SUITE: None
NOTES:
CHART NAME: redis
CHART VERSION: 18.17.0
APP VERSION: 7.2.4** Please be patient while the chart is being deployed **Redis® can be accessed on the following DNS names from within your cluster:redis-master.redis.svc.cluster.local for read/write operations (port 6379)redis-replicas.redis.svc.cluster.local for read-only operations (port 6379)To get your password run:export REDIS_PASSWORD=$(kubectl get secret --namespace redis redis -o jsonpath="{.data.redis-password}" | base64 -d)To connect to your Redis® server:1. Run a Redis® pod that you can use as a client:kubectl run --namespace redis redis-client --restart='Never'  --env REDIS_PASSWORD=$REDIS_PASSWORD  --image docker.io/bitnami/redis:7.2.4-debian-12-r9 --command -- sleep infinityUse the following command to attach to the pod:kubectl exec --tty -i redis-client \--namespace redis -- bash2. Connect using the Redis® CLI:REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-masterREDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h redis-replicasTo connect to your database from outside the cluster execute the following commands:kubectl port-forward --namespace redis svc/redis-master 6379:6379 &REDISCLI_AUTH="$REDIS_PASSWORD" redis-cli -h 127.0.0.1 -p 6379WARNING: There are "resources" sections in the chart not set. Using "resourcesPreset" is not recommended for production. For production installations, please set the following values according to your workload needs:- master.resources- replica.resources
+info https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/# 2、查看pod情況，這個redis的副本是statefulset資源，升級的時候從大到小
[root@k8s-master k8s]# kubectl get po -n redis
NAME               READY   STATUS              RESTARTS      AGE
redis-client       1/1     Running             0             8m56s
redis-master-0     0/1     ContainerCreating   0             2s
redis-replicas-0   1/1     Running             1 (42m ago)   44m
redis-replicas-1   1/1     Running             0             42m
redis-replicas-2   0/1     ContainerCreating   0             2s[root@k8s-master k8s]# kubectl get po -n redis
NAME               READY   STATUS    RESTARTS   AGE
redis-client       1/1     Running   0          12m
redis-master-0     1/1     Running   0          3m17s
redis-replicas-0   1/1     Running   0          108s
redis-replicas-1   1/1     Running   0          2m16s
redis-replicas-2   1/1     Running   0          3m17s# 3、查看redis更新過后，數據是否還存在
[root@k8s-master k8s]# kubectl exec --tty -i redis-client    --namespace redis -- bashI have no name!@redis-client:/$ redis-cli -h redis-master
redis-master:6379> auth redis123
OK
redis-master:6379> get name
"xiaobai"
redis-master:6379> get age
(nil)
redis-master:6379> exit[root@k8s-master k8s]# kubectl exec --tty -i redis-client    --namespace redis -- bash
I have no name!@redis-client:/$ redis-cli  -h redis-replicas
redis-replicas:6379> auth redis123
OKredis-replicas:6379> get name
"xiaobai"
redis-replicas:6379> set age  18
(error) READONLY You can't write against a read only replica.
redis-replicas:6379> exit
I have no name!@redis-client:/$

5.2.7 通過helm回滾redis

# 查看服務的歷史版本
[root@k8s-master k8s]# helm history redis    -n redis
REVISION	UPDATED                 	STATUS    	CHART        	APP VERSION	DESCRIPTION
1       	Thu Feb 29 15:00:51 2024	superseded	redis-18.17.0	7.2.4      	Install complete
2       	Thu Feb 29 15:44:47 2024	deployed  	redis-18.17.0	7.2.4      	Upgrade complete# 通過rollback 回滾到指定的版本 
[root@k8s-master k8s]# helm rollback  redis  1 -n redis
Rollback was a success! Happy Helming![root@k8s-master k8s]# echo $REDIS_PASSWORD
oWx2K6tUBe[root@k8s-master k8s]# kubectl exec --tty -i redis-client    --namespace redis -- bash
I have no name!@redis-client:/$ redis-cli  -h redis-master
redis-master:6379> auth oWx2K6tUBe
OK
redis-master:6379> get name
"xiaobai"redis-master:6379> exit
I have no name!@redis-client:/$

5.2.8 helm卸載redis

# 1、helm 卸載了redis
[root@k8s-master k8s]# helm delete redis  -n redis
release "redis" uninstalled
[root@k8s-master k8s]# kubectl get po   -n redis
NAME           READY   STATUS    RESTARTS   AGE
redis-client   1/1     Running   0          35m# 2、但是在查看pvc的時候發現pcv并沒有刪除，這是因為為了數據的安全性，所以沒有刪除
[root@k8s-master k8s]# kubectl get pvc -ne redis
Error from server (NotFound): namespaces "e" not found
[root@k8s-master k8s]# kubectl get pvc -n redis
NAME                          STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS          AGE
redis-data-redis-master-0     Bound    pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e   1Gi        RWO            managed-nfs-storage   70m
redis-data-redis-replicas-0   Bound    pvc-a4075967-0575-434e-86d6-b6aea075080f   8Gi        RWO            managed-nfs-storage   70m
redis-data-redis-replicas-1   Bound    pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799   8Gi        RWO            managed-nfs-storage   68m
redis-data-redis-replicas-2   Bound    pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be   8Gi        RWO            managed-nfs-storage   67m[root@k8s-master k8s]# kubectl get pv -n redis
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                               STORAGECLASS          REASON   AGE
pvc-276280e7-0606-4c2f-86bf-0f0ee5c780be   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-2   managed-nfs-storage            67m
pvc-3ae8520e-3a40-4e21-9bb8-3659b496846e   1Gi        RWO            Delete           Bound    redis/redis-data-redis-master-0     managed-nfs-storage            70m
pvc-a4075967-0575-434e-86d6-b6aea075080f   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-0   managed-nfs-storage            70m
pvc-c21c3655-e6f4-4a1c-bc7c-61f49c2c5799   8Gi        RWO            Delete           Bound    redis/redis-data-redis-replicas-1   managed-nfs-storage            68m