Back to Details

k8s-helm

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Kubernetes & Helm Patterns

Kubernetes & Helm 模式

Helm Chart Structure

Helm Chart 结构

helm/orca-facade/
├── Chart.yaml
├── values.yaml
├── values-dev.yaml
├── values-prod.yaml
├── templates/
│   ├── _helpers.tpl
│   ├── deployment.yaml
│   ├── service.yaml
│   ├── ingress.yaml
│   ├── configmap.yaml
│   ├── secret.yaml
│   ├── hpa.yaml
│   └── serviceaccount.yaml
└── charts/           # Dependencies
helm/orca-facade/
├── Chart.yaml
├── values.yaml
├── values-dev.yaml
├── values-prod.yaml
├── templates/
│   ├── _helpers.tpl
│   ├── deployment.yaml
│   ├── service.yaml
│   ├── ingress.yaml
│   ├── configmap.yaml
│   ├── secret.yaml
│   ├── hpa.yaml
│   └── serviceaccount.yaml
└── charts/           # 依赖项

Chart.yaml

Chart.yaml

yaml
apiVersion: v2
name: orca-facade
description: Orca Facade API Service
type: application
version: 1.0.0
appVersion: "1.0.0"

dependencies:
  - name: postgresql
    version: "12.x.x"
    repository: "https://charts.bitnami.com/bitnami"
    condition: postgresql.enabled
yaml
apiVersion: v2
name: orca-facade
description: Orca Facade API Service
type: application
version: 1.0.0
appVersion: "1.0.0"

dependencies:
  - name: postgresql
    version: "12.x.x"
    repository: "https://charts.bitnami.com/bitnami"
    condition: postgresql.enabled

values.yaml

values.yaml

yaml
undefined
yaml
undefined

Image configuration

镜像配置

image: repository: registry.example.com/orca-facade tag: latest pullPolicy: IfNotPresent
image: repository: registry.example.com/orca-facade tag: latest pullPolicy: IfNotPresent

Replica configuration

副本配置

replicaCount: 2
replicaCount: 2

Resource limits

资源限制

resources: requests: cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi
resources: requests: cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi

Service configuration

服务配置

service: type: ClusterIP port: 80 targetPort: 8080 grpcPort: 8081
service: type: ClusterIP port: 80 targetPort: 8080 grpcPort: 8081

Ingress

Ingress配置

ingress: enabled: true className: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - host: orca.example.com paths: - path: / pathType: Prefix tls: - secretName: orca-tls hosts: - orca.example.com
ingress: enabled: true className: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - host: orca.example.com paths: - path: / pathType: Prefix tls: - secretName: orca-tls hosts: - orca.example.com

Environment variables

环境变量

env: SPRING_PROFILES_ACTIVE: k8s SERVER_PORT: "8080"
env: SPRING_PROFILES_ACTIVE: k8s SERVER_PORT: "8080"

Secrets (reference external secrets)

密钥(引用外部密钥)

secrets: DATABASE_URL: secretName: orca-db-credentials key: url JWT_SECRET: secretName: orca-jwt key: secret
secrets: DATABASE_URL: secretName: orca-db-credentials key: url JWT_SECRET: secretName: orca-jwt key: secret

Health checks

健康检查

health: livenessProbe: httpGet: path: /actuator/health/liveness port: 8080 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /actuator/health/readiness port: 8080 initialDelaySeconds: 10 periodSeconds: 5
health: livenessProbe: httpGet: path: /actuator/health/liveness port: 8080 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /actuator/health/readiness port: 8080 initialDelaySeconds: 10 periodSeconds: 5

Autoscaling

自动扩缩容

autoscaling: enabled: true minReplicas: 2 maxReplicas: 10 targetCPUUtilizationPercentage: 70
autoscaling: enabled: true minReplicas: 2 maxReplicas: 10 targetCPUUtilizationPercentage: 70

PostgreSQL subchart

PostgreSQL 子Chart

postgresql: enabled: false # Use external database
undefined
postgresql: enabled: false # 使用外部数据库
undefined

Deployment Template

部署模板

yaml
undefined
yaml
undefined

templates/deployment.yaml

templates/deployment.yaml

apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "orca-facade.selectorLabels" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} labels: {{- include "orca-facade.selectorLabels" . | nindent 8 }} spec: serviceAccountName: {{ include "orca-facade.serviceAccountName" . }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: http containerPort: {{ .Values.service.targetPort }} protocol: TCP - name: grpc containerPort: {{ .Values.service.grpcPort }} protocol: TCP env: {{- range $key, $value := .Values.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} {{- range $key, $secret := .Values.secrets }} - name: {{ $key }} valueFrom: secretKeyRef: name: {{ $secret.secretName }} key: {{ $secret.key }} {{- end }} {{- with .Values.health.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.health.readinessProbe }} readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }}
undefined
apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "orca-facade.selectorLabels" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} labels: {{- include "orca-facade.selectorLabels" . | nindent 8 }} spec: serviceAccountName: {{ include "orca-facade.serviceAccountName" . }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: http containerPort: {{ .Values.service.targetPort }} protocol: TCP - name: grpc containerPort: {{ .Values.service.grpcPort }} protocol: TCP env: {{- range $key, $value := .Values.env }} - name: {{ $key }} value: {{ $value | quote }} {{- end }} {{- range $key, $secret := .Values.secrets }} - name: {{ $key }} valueFrom: secretKeyRef: name: {{ $secret.secretName }} key: {{ $secret.key }} {{- end }} {{- with .Values.health.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.health.readinessProbe }} readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }}
undefined

Service Template

服务模板

yaml
undefined
yaml
undefined

templates/service.yaml

templates/service.yaml

apiVersion: v1 kind: Service metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: - port: {{ .Values.service.port }} targetPort: http protocol: TCP name: http - port: {{ .Values.service.grpcPort }} targetPort: grpc protocol: TCP name: grpc selector: {{- include "orca-facade.selectorLabels" . | nindent 4 }}
undefined
apiVersion: v1 kind: Service metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} ports: - port: {{ .Values.service.port }} targetPort: http protocol: TCP name: http - port: {{ .Values.service.grpcPort }} targetPort: grpc protocol: TCP name: grpc selector: {{- include "orca-facade.selectorLabels" . | nindent 4 }}
undefined

ConfigMap Template

ConfigMap 模板

yaml
undefined
yaml
undefined

templates/configmap.yaml

templates/configmap.yaml

apiVersion: v1 kind: ConfigMap metadata: name: {{ include "orca-facade.fullname" . }}-config labels: {{- include "orca-facade.labels" . | nindent 4 }} data: application.yaml: | spring: profiles: active: k8s server: port: {{ .Values.service.targetPort }} management: endpoints: web: exposure: include: health,info,prometheus
undefined
apiVersion: v1 kind: ConfigMap metadata: name: {{ include "orca-facade.fullname" . }}-config labels: {{- include "orca-facade.labels" . | nindent 4 }} data: application.yaml: | spring: profiles: active: k8s server: port: {{ .Values.service.targetPort }} management: endpoints: web: exposure: include: health,info,prometheus
undefined

Helper Templates

辅助模板

yaml
undefined
yaml
undefined

templates/_helpers.tpl

templates/_helpers.tpl

{{- define "orca-facade.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }}
{{- define "orca-facade.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} {{- $name := default .Chart.Name .Values.nameOverride }} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} {{- end }} {{- end }}
{{- define "orca-facade.labels" -}} helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} app.kubernetes.io/name: {{ include "orca-facade.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }}
{{- define "orca-facade.selectorLabels" -}} app.kubernetes.io/name: {{ include "orca-facade.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }}
undefined
{{- define "orca-facade.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }}
{{- define "orca-facade.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} {{- $name := default .Chart.Name .Values.nameOverride }} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} {{- end }} {{- end }}
{{- define "orca-facade.labels" -}} helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} app.kubernetes.io/name: {{ include "orca-facade.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end }}
{{- define "orca-facade.selectorLabels" -}} app.kubernetes.io/name: {{ include "orca-facade.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }}
undefined

HorizontalPodAutoscaler

HorizontalPodAutoscaler 模板

yaml
undefined
yaml
undefined

templates/hpa.yaml

templates/hpa.yaml

{{- if .Values.autoscaling.enabled }} apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: {{ include "orca-facade.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} {{- end }}
undefined
{{- if .Values.autoscaling.enabled }} apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: {{ include "orca-facade.fullname" . }} labels: {{- include "orca-facade.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: {{ include "orca-facade.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} {{- end }}
undefined

Helm Commands

Helm 命令

bash
undefined
bash
undefined

Install/Upgrade

安装/升级

helm upgrade --install orca-facade ./helm/orca-facade
-f ./helm/orca-facade/values-prod.yaml
--namespace orca
--create-namespace
helm upgrade --install orca-facade ./helm/orca-facade
-f ./helm/orca-facade/values-prod.yaml
--namespace orca
--create-namespace

Dry run

试运行

helm upgrade --install orca-facade ./helm/orca-facade
--dry-run --debug
helm upgrade --install orca-facade ./helm/orca-facade
--dry-run --debug

Template only (see generated YAML)

仅生成模板(查看生成的YAML)

helm template orca-facade ./helm/orca-facade -f values-prod.yaml
helm template orca-facade ./helm/orca-facade -f values-prod.yaml

Lint chart

检查Chart语法

helm lint ./helm/orca-facade
helm lint ./helm/orca-facade

Rollback

回滚

helm rollback orca-facade 1 --namespace orca
helm rollback orca-facade 1 --namespace orca

History

历史记录

helm history orca-facade --namespace orca
helm history orca-facade --namespace orca

Uninstall

卸载

helm uninstall orca-facade --namespace orca
undefined
helm uninstall orca-facade --namespace orca
undefined

kubectl Commands

kubectl 命令

bash
undefined
bash
undefined

Get pods

获取Pod

kubectl get pods -n orca -l app.kubernetes.io/name=orca-facade
kubectl get pods -n orca -l app.kubernetes.io/name=orca-facade

Logs

查看日志

kubectl logs -n orca -l app.kubernetes.io/name=orca-facade --tail=100 -f
kubectl logs -n orca -l app.kubernetes.io/name=orca-facade --tail=100 -f

Describe deployment

查看部署详情

kubectl describe deployment orca-facade -n orca
kubectl describe deployment orca-facade -n orca

Port forward for local testing

端口转发用于本地测试

kubectl port-forward -n orca svc/orca-facade 8080:80
kubectl port-forward -n orca svc/orca-facade 8080:80

Exec into pod

进入Pod内部

kubectl exec -it -n orca deployment/orca-facade -- /bin/sh
kubectl exec -it -n orca deployment/orca-facade -- /bin/sh

Apply manually

手动应用配置

kubectl apply -f k8s/configmap.yaml -n orca
undefined
kubectl apply -f k8s/configmap.yaml -n orca
undefined