티스토리 뷰

기록남기기

[k8s] helm 설치

양들의침묵1 2020. 12. 11. 12:01

# kubectl get nodes
NAME      STATUS   ROLES    AGE     VERSION
master1   Ready    master   2d19h   v1.18.9
worker1   Ready    <none>   2d19h   v1.18.9
worker2   Ready    <none>   2d19h   v1.18.9

# curl https://raw.githubusercontent.com/helm/helm/master/scripts/get > get_helm.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  7160  100  7160    0     0  12175      0 --:--:-- --:--:-- --:--:-- 12176

# chmod 700 get_helm.sh
#  ./get_helm.sh
Downloading https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
Preparing to install helm and tiller into /usr/local/bin
helm installed into /usr/local/bin/helm
tiller installed into /usr/local/bin/tiller
Run 'helm init' to configure helm.

# helm init
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://charts.helm.sh/stable
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://v2.helm.sh/docs/securing_installation/

# kubectl get service,deployment,pod -n kube-system
NAME                                TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                  AGE
service/coredns                     ClusterIP   10.233.0.3      <none>        53/UDP,53/TCP,9153/TCP   2d19h
service/dashboard-metrics-scraper   ClusterIP   10.233.44.118   <none>        8000/TCP                 2d19h
service/kubernetes-dashboard        ClusterIP   10.233.9.222    <none>        443/TCP                  2d19h
service/tiller-deploy               ClusterIP   10.233.40.164   <none>        44134/TCP                20s

 

 

# helm ls 
Error: configmaps is forbidden: User "system:serviceaccount:kube-system:default" cannot list resource "configmaps" in API group "" in the namespace "kube-system

 

# vim rbac-config.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

 

# kubectl apply -f rbac-config.yaml
# helm init --service-account tiller --history-max 200 --upgrade
$HELM_HOME has been configured at /root/.helm.

Tiller (the Helm server-side component) has been updated to ghcr.io/helm/tiller:v2.17.0 .
# helm ls
# helm version
Client: &version.Version{SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"}

 

 

'기록남기기' 카테고리의 다른 글

mariadb Galera Cluster on kubernetes  (0) 2021.08.18
k8s log monitoring Loki  (0) 2021.08.10
jetty 설치  (0) 2020.11.26
k8s  (0) 2020.02.18
tomcat session cluster with redis  (2) 2019.09.19