环境
[root@kubernetes-master-001 centos]# helm version
Client: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
Server: &version.Version{SemVer:"v2.9.0", GitCommit:"f6025bb9ee7daf9fee0026541c90a6f557a3e0bc", GitTreeState:"clean"}
[root@kubernetes-master-001 centos]# cat /etc/*-release | tail -n 1
CentOS Linux release 7.4.1708 (Core)
问题
我正在尝试在离线环境中设置 helm,但是遇到了困难。
我似乎成功通过了该init步骤,但任何调用都install失败:
[root@kubernetes-master-001 centos]# export HELM_HOME=/root/.helm
[root@kubernetes-master-001 centos]# helm init --service-account tiller --wait -i $local_registry/kubernetes-helm/tiller:v2.9.0 --skip-refresh
Creating /root/.helm
Creating /root/.helm/repository
Creating /root/.helm/repository/cache
Creating /root/.helm/repository/local
Creating /root/.helm/plugins
Creating /root/.helm/starters
Creating /root/.helm/cache/archive
Creating /root/.helm/repository/repositories.yaml
Adding stable repo with URL: https://kubernetes-charts.storage.googleapis.com
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /root/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
For more information on securing your installation see: https://docs.helm.sh/using_helm/#securing-your-helm-installation
Happy Helming!
[root@kubernetes-master-001 centos]# helm install $local_HTTP_server/nginx-ingress-869c634517dbeb94c4a759fcfb69c44da38007ed.tgz --debug --name my-nginx --set rbac.create=true
[debug] Created tunnel using local port: '34825'
[debug] SERVER: "127.0.0.1:34825"
[debug] Original chart version: ""
Error: no cached repo found. (try 'helm repo update'). open /root/.helm/repository/cache/stable-index.yaml: no such file or directory
您可以在此处找到以下内容$HELM_HOME:
[root@kubernetes-master-001 centos]# find "$HELM_HOME" -type f
/root/.helm/repository/local/index.yaml
/root/.helm/repository/repositories.yaml
有人看到这个问题的解决方案吗?
答案1
因此基于这个 github 评论,我执行了一个(肮脏的)解决方法:
$HELM_HOME/repository/local/index.yaml该进程创建了一个文件helm init。
[root@kubernetes-master-001 centos]# cat "$HELM_HOME/repository/local/index.yaml"
apiVersion: v1
entries: {}
generated: 2018-06-25T11:48:14.734541008Z
我复制了它@ $HELM_HOME/repository/cache/stable-index.yaml:
cp "$HELM_HOME/repository/local/index.yaml" "$HELM_HOME/repository/cache/stable-index.yaml"
之后它运行良好:
[root@kubernetes-master-001 centos]# helm install $local_HTTP_server/nginx-ingress-869c634517dbeb94c4a759fcfb69c44da38007ed.tgz --debug --name my-nginx --set rbac.create=true
[debug] Created tunnel using local port: '42893'
[debug] SERVER: "127.0.0.1:42893"
[debug] Original chart version: ""
[debug] Fetched $local_HTTP_server/nginx-ingress-869c634517dbeb94c4a759fcfb69c44da38007ed.tgz to /root/.helm/cache/archive/nginx-ingress-869c634517dbeb94c4a759fcfb69c44da38007ed.tgz
[debug] CHART PATH: /root/.helm/cache/archive/nginx-ingress-869c634517dbeb94c4a759fcfb69c44da38007ed.tgz
NAME: my-nginx
REVISION: 1
RELEASED: Mon Jun 25 11:49:27 2018
CHART: nginx-ingress-0.20.3
. . .
. . .
. . .
LAST DEPLOYED: Mon Jun 25 11:49:27 2018
NAMESPACE: default
STATUS: DEPLOYED
. . .
. . .
. . .
答案2
helm init --client-only --skip-refresh
此步骤将在本地安装helm,而不是安装tiller。
下一步是将 tiller 镜像上传到你的 docker 仓库
tiller image: gcr.io/kubernetes-helm/tiller:v2.11.0
如果您尚未设置私有 Docker 注册表,您也可以将 tiller Docker 镜像复制到所有节点。
Tiller 镜像的标签取决于你安装的 helm 版本。在我的例子中,我安装的是 helm 2.11.0
接下来你需要做:
helm init
这将在其中一个节点上安装 Tiller。
接下来,您需要为您的 Tiller Pod 创建一个服务帐户并为其分配 cluster-admin 角色。
创建文件 rbac_service_account.yaml,内容如下
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system
接下来您只需申请服务帐户并升级 Tiller Pod。
kubectl apply -f rbac_service_account.yaml
helm init --service-account tiller --upgrade
答案3
使用--tiller-image选项init指向您的私人注册表。
详见https://helm.sh/docs/install/#easy-in-cluster-installation