這些元素搭配起來,能實現「一份模板,多種環境」的彈性部署。
🔹minikube start --driver=docker
🔹sudo apt-get install helm
🔹helm create app
🔹cd app
🔹rm -f templates/tests/test-connection.yaml templates/hpa.yaml
replicaCount: 1
image:
repository: nginx
tag: "1.27"
pullPolicy: IfNotPresent
service:
type: ClusterIP
port: 80
targetPort: 80
ingress:
enabled: true
className: nginx
host: app.local.test
path: /
tls: false
annotations: {}
env:
APP_ENV: "dev"
LOG_LEVEL: "debug"
secretEnv:
DUMMY: "ok"
probes:
readinessPath: "/"
livenessPath: "/"
resources: {}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "app.fullname" . }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "app.fullname" . }}
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.service.targetPort }}
envFrom:
- configMapRef:
name: {{ include "app.fullname" . }}-cm
- secretRef:
name: {{ include "app.fullname" . }}-secret
readinessProbe:
httpGet:
path: {{ .Values.probes.readinessPath }}
port: http
initialDelaySeconds: 5
periodSeconds: 5
livenessProbe:
httpGet:
path: {{ .Values.probes.livenessPath }}
port: http
initialDelaySeconds: 10
periodSeconds: 10
resources:
{{- toYaml .Values.resources | nindent 12 }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
selector:
app.kubernetes.io/name: {{ include "app.fullname" . }}
ports:
- name: http
port: {{ .Values.service.port }}
targetPort: {{ .Values.service.targetPort }}
protocol: TCP
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "app.fullname" . }}
labels:
{{- include "app.labels" . | nindent 4 }}
annotations:
{{- toYaml .Values.ingress.annotations | nindent 4 }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ include "app.fullname" . }}-tls
{{- end }}
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ .Values.ingress.path }}
pathType: Prefix
backend:
service:
name: {{ include "app.fullname" . }}
port:
number: {{ .Values.service.port }}
{{- end }}
👉configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "app.fullname" . }}-cm
labels:
{{- include "app.labels" . | nindent 4 }}
data:
{{- range $k, $v := .Values.env }}
{{ $k }}: {{ $v | quote }}
{{- end }}
👉secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: {{ include "app.fullname" . }}-secret
labels:
{{- include "app.labels" . | nindent 4 }}
type: Opaque
stringData:
{{- range $k, $v := .Values.secretEnv }}
{{ $k }}: |-
{{- $v | nindent 4 }}
{{- end }}
🔹helm upgrade --install app . -n app-ns --create-namespace -f values.yaml --dry-run --debug
🔹helm upgrade --install app . -n app-ns -f values.yaml -f values.dev.yaml
🔹helm upgrade --install app . -n app-ns -f values.yaml -f values.prod.yaml
kubectl -n app-ns rollout status deploy/app-app
helm history app -n app-ns
helm rollback app <REVISION> -n app-ns