在上一章节中,我们已经介绍了Helm的部署和基本使用方法。本章将通过实际案例,详细演示如何使用Helm在Kubernetes集群中部署应用。
一、Helm 核心价值解析
优势 | 解决的问题 | 类比传统方式 |
---|---|---|
应用模板化 | 重复编写 YAML 文件 | 手动编写 20+ 资源清单文件 |
版本控制 | 缺乏部署历史追踪 | kubectl apply 无版本记录 |
依赖管理 | 多服务依赖关系复杂 | 手动管理数据库/缓存等依赖 |
配置继承 | 环境差异配置混乱 | 复制修改多套 YAML 文件 |
一键部署 | 部署流程碎片化 | 手动执行 kubectl 命令序列 |
二、案例-使用helm部署elasticsearch-exporter
1.搜索chart包
helm search repo elasticsearch-exporter
2.下载chart
helm pull aliyun/elasticsearch-exporter
3.解压
tar xf elasticsearch-exporter-0.1.2.tgz
4.修改模板内容
[root@master-1 ~]# cd elasticsearch-exporter/
[root@master-1 elasticsearch-exporter]# vim templates/deployment.yaml
apiVersion: apps/v1
...
5.部署chart
[root@master-1 ~]# helm install liux-es-exporter elasticsearch-exporter
NAME: liux
LAST DEPLOYED: Tue Jul 29 15:48:08 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace default -l "app=elasticsearch-exporter" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:9108/metrics to use your application"
kubectl port-forward $POD_NAME 9108:9108 --namespace default
[root@master-1 ~]# helm list
[root@master-1 ~]# kubectl get pods,svc
6.测试
如下图所示,已经开启了一个集群内部访问的ip+端口
通过集群内部的ip+端口访问,如下图所示,已经采集到es的信息了。
三、案例-使用helm部署traefik
1.概述
Traefik (发音为"traffic") 是一款现代化的反向代理和负载均衡器,专为云原生环境(特别是容器和微服务架构)设计。
核心功能:
- 反向代理:接收外部请求并转发到内部服务
- 负载均衡:在多实例间分配请求流量
- API网关:提供统一的API入口点
使用场景:
- 作为Kubernetes Ingress Controller
- 微服务架构的API网关
- 混合云环境中的统一入口
- 需要自动SSL证书管理的场景
traefik特别适合云原生环境,它的自动发现能力和动态配置特性可以大大简化现代基础设施的流量管理。
2.部署
2.1 添加helm仓库
helm repo add my-traefik https://traefik.github.io/charts
2.2 更新仓库
helm repo update
2.3 拉取chart
[root@master-1 traefik]# helm search repo traefik
NAME CHART VERSION APP VERSION DESCRIPTION
my-traefik/traefik 36.3.0 v3.4.3 A Traefik based Kubernetes ingress controller
my-traefik/traefik-crds 1.9.0 A Traefik based Kubernetes ingress controller
my-traefik/traefik-hub 4.2.0 v2.11.0 Traefik Hub Ingress Controller
my-traefik/traefik-mesh 4.1.1 v1.4.8 Traefik Mesh - Simpler Service Mesh
my-traefik/traefikee 4.2.4 v2.12.4 Traefik Enterprise is a unified cloud-native ne...
#在线拉取
[root@master-1 ~]# helm pull my-traefik/traefik
#离线下载,找外网下载
https://traefik.github.io/charts/traefik/traefik-36.3.0.tgz
#解压
[root@master-1 traefik]# tar xf traefik-36.3.0.tgz
2.4 按需修改values.yaml
我已将镜像地址修改为阿里云镜像仓库,镜像已成功推送至阿里仓库
[root@master-1 ~]# cd traefik
[root@master-1 traefik]# vim values.yaml
image: # @schema additionalProperties: false
# -- Traefik image host registry
registry: registry.cn-hangzhou.aliyuncs.com/liuxing666
# -- Traefik image repository
repository: traefik
# -- defaults to appVersion. It's used for version checking, even prefixed with experimental- or latest-.
# When a digest is required, `versionOverride` can be used to set the version.
tag: 3.4.3 # @schema type:[string, null]
# -- Traefik image pull policy
pullPolicy: IfNotPresent
...
service:
...
# type: LoadBalancer
type: NodePort
ports
traefik:
expose:
default: true #改为true
# -- The exposed port for this service
exposedPort: 8080
ingressRoute:
dashboard:
# -- Create an IngressRoute for the dashboard
enabled: true #改为true
2.5 安装traefik
[root@master-1 traefik]# cd ../
[root@master-1 ~]# helm install liux-traefik traefik
NAME: liux-traefik
LAST DEPLOYED: Tue Jul 29 16:48:56 2025
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
NOTES:
liux-traefik with registry.cn-hangzhou.aliyuncs.com/liuxing666/traefik:3.4.3 has been deployed successfully on default namespace !
[root@master-1 ~]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
liux-traefik default 1 2025-07-29 16:48:56.333821506 +0800 CST deployed traefik-36.3.0 v3.4.3
3 测试
[root@master-1 ~]# kubectl get svc,pods
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.0.0.1 <none> 443/TCP 12d
service/liux-es-exporter-elasticsearch-exporter ClusterIP 10.0.0.73 <none> 9108/TCP 112m
service/liux-traefik NodePort 10.0.0.2 <none> 8080:43183/TCP,80:31060/TCP,443:34135/TCP 3m34s
service/my-release-my-chart ClusterIP 10.0.0.152 <none> 80/TCP 4d
service/svc-yiyao NodePort 10.0.0.178 <none> 80:30080/TCP 5d1h
NAME READY STATUS RESTARTS AGE
pod/liux-es-exporter-elasticsearch-exporter-5d898c656f-cf5j6 1/1 Running 0 112m
pod/liux-traefik-6fb557b449-gr6gk 1/1 Running 0 3m34s
pod/my-release-my-chart-57d68dc98d-rts84 1/1 Running 1 (4h19m ago) 4d
pod/nfs-client-provisioner-56cc478696-x8r6c 1/1 Running 6 (4h19m ago) 7d2h
[root@master-1 ~]# helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
liux-es-exporter default 1 2025-07-29 15:49:22.030119271 +0800 CST deployed elasticsearch-exporter-0.1.2 1.0.2
liux-traefik default 1 2025-07-29 17:37:51.504054285 +0800 CST deployed traefik-36.3.0 v3.4.3
如图所示,Dashboard 服务已通过 NodePort 方式暴露,端口号为 43183。用户可通过任意节点 IP 地址加端口 43183 进行访问,访问格式为:`http://<节点IP>:43183。 如下图,一个完整的traefik已经部署好了。
4.优化
[root@master-1 ~]# vim traefik/values.yaml
...
# 资源限制
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
四、故障排查命令
# 查看 Traefik 日志
kubectl logs deploy/liux-traefik -f
# 检查配置状态
kubectl exec deploy/liux-traefik-- traefik debug
# 查看路由表
kubectl exec deploy/liux-traefik-- traefik dashboard --help
# 诊断证书问题
kubectl describe certificaterequest
本文通过两个实际案例演示了如何使用Helm在Kubernetes集群中部署应用。首先解析了Helm的核心价值,包括模板化、版本控制、依赖管理等优势。然后详细展示了部署elasticsearch-exporter和Traefik的完整流程:从搜索/拉取Chart包、修改配置参数,到安装部署和测试验证。特别针对Traefik部署进行了重点说明,包括修改镜像源、暴露Dashboard服务、资源限制优化等关键步骤,并提供了故障排查命令。案例证明Helm能有效简化Kubernetes应用部署,提升运维效率。