WordPress Helm Chartのデプロイを参考にhelmをインストールしてみました。
Helm v3のすゝめ がより実践的?
helmのインストール方法が異なるが、その後の手順はほぼ同じ(以下、enabel helm3でインストールした場合)?
$ helm search hub prometheus のコマンドは;
$ microk8s.helm3 search hub prometheus のように読み替えリポジトリを追加する
$ micro8ks.helm3 repo add stable https://charts.helm.sh/stable
$ microk8s.helm3 repo add bitnami https://charts.bitnami.com/bitnami追加したレポジトリのリスト
$ microk8s helm3 repo list
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /var/snap/microk8s/2265/credentials/client.config
NAME URL
stable https://charts.helm.sh/stable
bitnami https://charts.bitnami.com/bitnamiリポジトリ内のChartを検索する
$ microk8s helm3 search repo wordpress
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /var/snap/microk8s/2265/credentials/client.config
NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/wordpress 11.0.16 5.7.2 Web publishing platform for building blogs and ...
stable/wordpress 9.0.3 5.3.2 DEPRECATED Web publishing platform for building...helm search hubでHelm HubのChartを検索できます。helm installコマンドの--version引数にChartのバージョンを指定できますので、任意のバージョンのChartをデプロイすることも可能です。helm pullコマンドでChartをローカルにダウンロードできます。
ダウンロードしたChartはお好きに書き換えてデプロイできるので、Chartに用意されているパラメタで変更できないような設定も変更できます。
アプリケーションをデプロイする
# namespaceを作成
$ kubectl create namespace helm-test
# dry-run
$ helm install test stable/prometheus --namespace helm-test --dry-run
# デプロイ
$ helm install stable/prometheus --name test --namespace helm-test
# 確認
$ helm list -n helm-test
$ kubectl get po -n helm-testdry-runで表示された情報
$ microk8s helm3 install test bitnami/wordpress --namespace helm-test --dry-run
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /var/snap/microk8s/2265/credentials/client.config
NAME: test
LAST DEPLOYED: Tue Jun 22 10:03:29 2021
NAMESPACE: helm-test
STATUS: pending-install
REVISION: 1
HOOKS:
---
# Source: wordpress/templates/tests/test-mariadb-connection.yaml
apiVersion: v1
kind: Pod
metadata:
name: "test-credentials-test"
annotations:
"helm.sh/hook": test-success
spec:
securityContext:
fsGroup: 1001
containers:
- name: test-credentials-test
image: docker.io/bitnami/wordpress:5.7.2-debian-10-r25
imagePullPolicy: "IfNotPresent"
securityContext:
runAsNonRoot: true
runAsUser: 1001
env:
- name: MARIADB_HOST
value: "test-mariadb"
- name: MARIADB_PORT
value: "3306"
- name: WORDPRESS_DATABASE_NAME
value: "bitnami_wordpress"
- name: WORDPRESS_DATABASE_USER
value: "bn_wordpress"
- name: WORDPRESS_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: test-mariadb
key: mariadb-password
command:
- /bin/bash
- -ec
- |
mysql --host=$MARIADB_HOST --port=$MARIADB_PORT --user=$WORDPRESS_DATABASE_USER --password=$WORDPRESS_DATABASE_PASSWORD
restartPolicy: Never
MANIFEST:
---
# Source: wordpress/charts/mariadb/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: test-mariadb
namespace: helm-test
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
annotations:
---
# Source: wordpress/charts/mariadb/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: test-mariadb
namespace: helm-test
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
type: Opaque
data:
mariadb-root-password: "eGMyb0NNWXZVUg=="
mariadb-password: "SFc1WlkwNWpsMw=="
---
# Source: wordpress/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: test-wordpress
namespace: "helm-test"
labels:
app.kubernetes.io/name: wordpress
helm.sh/chart: wordpress-11.0.16
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
type: Opaque
data:
wordpress-password: "TVJteHlENlFtQQ=="
---
# Source: wordpress/charts/mariadb/templates/primary/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: test-mariadb
namespace: helm-test
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: primary
data:
my.cnf: |-
[mysqld]
skip-name-resolve
explicit_defaults_for_timestamp
basedir=/opt/bitnami/mariadb
plugin_dir=/opt/bitnami/mariadb/plugin
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
tmpdir=/opt/bitnami/mariadb/tmp
max_allowed_packet=16M
bind-address=0.0.0.0
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
log-error=/opt/bitnami/mariadb/logs/mysqld.log
character-set-server=UTF8
collation-server=utf8_general_ci
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
default-character-set=UTF8
plugin_dir=/opt/bitnami/mariadb/plugin
[manager]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid-file=/opt/bitnami/mariadb/tmp/mysqld.pid
---
# Source: wordpress/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: test-wordpress
namespace: "helm-test"
labels:
app.kubernetes.io/name: wordpress
helm.sh/chart: wordpress-11.0.16
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "10Gi"
---
# Source: wordpress/charts/mariadb/templates/primary/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: test-mariadb
namespace: helm-test
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: primary
annotations:
spec:
type: ClusterIP
ports:
- name: mysql
port: 3306
protocol: TCP
targetPort: mysql
nodePort: null
selector:
app.kubernetes.io/name: mariadb
app.kubernetes.io/instance: test
app.kubernetes.io/component: primary
---
# Source: wordpress/templates/svc.yaml
apiVersion: v1
kind: Service
metadata:
name: test-wordpress
namespace: "helm-test"
labels:
app.kubernetes.io/name: wordpress
helm.sh/chart: wordpress-11.0.16
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
spec:
type: LoadBalancer
externalTrafficPolicy: "Cluster"
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
- name: https
port: 443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/name: wordpress
app.kubernetes.io/instance: test
---
# Source: wordpress/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: test-wordpress
namespace: "helm-test"
labels:
app.kubernetes.io/name: wordpress
helm.sh/chart: wordpress-11.0.16
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: wordpress
app.kubernetes.io/instance: test
strategy:
rollingUpdate: {}
type: RollingUpdate
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/name: wordpress
helm.sh/chart: wordpress-11.0.16
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
spec:
serviceAccountName: default
# yamllint disable rule:indentation
hostAliases:
- hostnames:
- status.localhost
ip: 127.0.0.1
# yamllint enable rule:indentation
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: wordpress
app.kubernetes.io/instance: test
namespaces:
- "helm-test"
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
containers:
- name: wordpress
image: docker.io/bitnami/wordpress:5.7.2-debian-10-r25
imagePullPolicy: "IfNotPresent"
securityContext:
runAsNonRoot: true
runAsUser: 1001
env:
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
- name: MARIADB_HOST
value: "test-mariadb"
- name: MARIADB_PORT_NUMBER
value: "3306"
- name: WORDPRESS_DATABASE_NAME
value: "bitnami_wordpress"
- name: WORDPRESS_DATABASE_USER
value: "bn_wordpress"
- name: WORDPRESS_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: test-mariadb
key: mariadb-password
- name: WORDPRESS_USERNAME
value: "user"
- name: WORDPRESS_PASSWORD
valueFrom:
secretKeyRef:
name: test-wordpress
key: wordpress-password
- name: WORDPRESS_EMAIL
value: "user@example.com"
- name: WORDPRESS_FIRST_NAME
value: "FirstName"
- name: WORDPRESS_LAST_NAME
value: "LastName"
- name: WORDPRESS_HTACCESS_OVERRIDE_NONE
value: "no"
- name: WORDPRESS_ENABLE_HTACCESS_PERSISTENCE
value: "no"
- name: WORDPRESS_BLOG_NAME
value: "User's Blog!"
- name: WORDPRESS_SKIP_BOOTSTRAP
value: "no"
- name: WORDPRESS_TABLE_PREFIX
value: "wp_"
- name: WORDPRESS_SCHEME
value: "http"
- name: WORDPRESS_EXTRA_WP_CONFIG_CONTENT
value:
- name: WORDPRESS_AUTO_UPDATE_LEVEL
value: "none"
- name: WORDPRESS_PLUGINS
value: "none"
envFrom:
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
livenessProbe:
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-admin/install.php
port: http
scheme: HTTP
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 6
httpGet:
httpHeaders: []
path: /wp-login.php
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
resources:
limits: {}
requests:
cpu: 300m
memory: 512Mi
volumeMounts:
- mountPath: /bitnami/wordpress
name: wordpress-data
subPath: wordpress
volumes:
- name: wordpress-data
persistentVolumeClaim:
claimName: test-wordpress
---
# Source: wordpress/charts/mariadb/templates/primary/statefulset.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: test-mariadb
namespace: helm-test
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: primary
spec:
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/name: mariadb
app.kubernetes.io/instance: test
app.kubernetes.io/component: primary
serviceName: test-mariadb
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/configuration: ba8296f4257f44a12c500b7f1720b6f3c44eb6b885a21e83bc3175cf4859939f
labels:
app.kubernetes.io/name: mariadb
helm.sh/chart: mariadb-9.3.14
app.kubernetes.io/instance: test
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/component: primary
spec:
serviceAccountName: test-mariadb
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: mariadb
app.kubernetes.io/instance: test
app.kubernetes.io/component: primary
namespaces:
- "helm-test"
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
containers:
- name: mariadb
image: docker.io/bitnami/mariadb:10.5.10-debian-10-r18
imagePullPolicy: "IfNotPresent"
securityContext:
runAsUser: 1001
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: test-mariadb
key: mariadb-root-password
- name: MARIADB_USER
value: "bn_wordpress"
- name: MARIADB_PASSWORD
valueFrom:
secretKeyRef:
name: test-mariadb
key: mariadb-password
- name: MARIADB_DATABASE
value: "bitnami_wordpress"
ports:
- name: mysql
containerPort: 3306
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 120
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
exec:
command:
- /bin/bash
- -ec
- |
password_aux="${MARIADB_ROOT_PASSWORD:-}"
if [[ -f "${MARIADB_ROOT_PASSWORD_FILE:-}" ]]; then
password_aux=$(cat "$MARIADB_ROOT_PASSWORD_FILE")
fi
mysqladmin status -uroot -p"${password_aux}"
resources:
limits: {}
requests: {}
volumeMounts:
- name: data
mountPath: /bitnami/mariadb
- name: config
mountPath: /opt/bitnami/mariadb/conf/my.cnf
subPath: my.cnf
volumes:
- name: config
configMap:
name: test-mariadb
volumeClaimTemplates:
- metadata:
name: data
labels:
app.kubernetes.io/name: mariadb
app.kubernetes.io/instance: test
app.kubernetes.io/component: primary
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "8Gi"
NOTES:
** Please be patient while the chart is being deployed **
Your WordPress site can be accessed through the following DNS name from within your cluster:
test-wordpress.helm-test.svc.cluster.local (port 80)
To access your WordPress site from outside the cluster follow the steps below:
1. Get the WordPress URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace helm-test -w test-wordpress'
export SERVICE_IP=$(kubectl get svc --namespace helm-test test-wordpress --template "{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}")
echo "WordPress URL: http://$SERVICE_IP/"
echo "WordPress Admin URL: http://$SERVICE_IP/admin"
2. Open a browser and access WordPress using the obtained URL.
3. Login with the following credentials below to see your blog:
echo Username: user
echo Password: $(kubectl get secret --namespace helm-test test-wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)ストレージの有効化
microk8s enable storage
Enabling default storage class
[sudo] mars のパスワード:
deployment.apps/hostpath-provisioner created
storageclass.storage.k8s.io/microk8s-hostpath created
serviceaccount/microk8s-hostpath created
clusterrole.rbac.authorization.k8s.io/microk8s-hostpath created
clusterrolebinding.rbac.authorization.k8s.io/microk8s-hostpath created
Storage will be available soonKubernetes IDEであるLensをMicroK8sで使う を参考にlensをインストール
sudo snap install kontena-lens --classickontena-lensを起動
kontena-lens
info: 📟 Setting Lens as protocol client for lens://
info: 📟 failed ❗
info: 🚀 Starting Lens from "/home/mars/snap/kontena-lens/179/.config/Lens"
info: 🐚 Syncing shell environment
info: 💾 Loading stores
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.0.0-beta.2
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.4.1
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.6.0-beta.2
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.6.0-beta.3
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.7.0-beta.0
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 2.7.0-beta.1
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 3.6.0-beta.1
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json): 4.2.2
Migrating embedded kubeconfig paths
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/lens-cluster-store.json
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/lens-extensions.json
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/lens-filesystem-provisioner-store.json
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-workspace-store.json): 4.2.0-beta.1
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/lens-workspace-store.json
STORE MIGRATION (/home/mars/snap/kontena-lens/179/.config/Lens/lens-user-store.json): 2.1.0-beta.4
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/lens-user-store.json
info: 🔑 Getting free port for LensProxy server
info: 🔌 Starting LensProxy
info: [LENS-PROXY]: Proxy server has started at http://localhost:45293
info: 🔎 Testing LensProxy connection ...
error: ENOENT: no such file or directory, open '/home/mars/.kube/config' {"errno":-2,"code":"ENOENT","syscall":"open","path":"/home/mars/.kube/config"}
info: ⚡ LensProxy connection OK
info: 🖥️ Starting WindowManager
info: 🧩 Initializing extensions
info: [EXTENSION-DISCOVERY] loading extensions from /home/mars/snap/kontena-lens/179/.config/Lens
(kontena-lens:1373066): libappindicator-WARNING **: 08:48:20.134: Using '/tmp' paths in SNAP environment will lead to unreadable resources
info: [EXTENSION-INSTALLER] installing dependencies at /home/mars/snap/kontena-lens/179/.config/Lens
info: [WINDOW-MANAGER]: Loading Main window from url: http://localhost:45293 ...
info: [EXTENSION-INSTALLER] dependencies installed at /home/mars/snap/kontena-lens/179/.config/Lens
info: [EXTENSION-DISCOVERY] watching extension add/remove in /home/mars/.k8slens/extensions
info: [EXTENSION]: enabled lens-license@0.1.0
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/extension-store/lens-survey/preferences-store.json
info: [EXTENSION]: enabled lens-survey@0.1.0
telemetry main extension activated
info: [STORE]: LOADED from /home/mars/snap/kontena-lens/179/.config/Lens/extension-store/lens-telemetry/preferences-store.json
info: [EXTENSION]: enabled lens-telemetry@0.1.0
info: [WINDOW-MANAGER]: Main window loaded
info: 📡 Checking for app updates
info: Checking for update
error: Error: Error: ENOENT: no such file or directory, open '/snap/kontena-lens/179/resources/app-update.yml'
error: [UPDATE-CHECKER]: failed with an error {"error":"Error: ENOENT: no such file or directory, open '/snap/kontena-lens/179/resources/app-update.yml'"}