Helmfile — 多环境 Helm 管理

什么是 Helmfile

Helmfile 是 Helm 的声明式配置工具，用于管理多个 Helm Release 的部署，支持多环境、依赖管理。

安装

# 安装 helmfile
curl -L https://github.com/helmfile/helmfile/releases/download/v0.162.0/helmfile_linux_amd64.tar.gz | tar xz
mv helmfile /usr/local/bin/

# 安装 helm-diff 插件
helm plugin install https://github.com/databus23/helm-diff

helmfile.yaml

repositories:
- name: bitnami
  url: https://charts.bitnami.com/bitnami
- name: prometheus-community
  url: https://prometheus-community.github.io/helm-charts
- name: ingress-nginx
  url: https://kubernetes.github.io/ingress-nginx

environments:
  development:
    values:
    - environments/development/values.yaml
  staging:
    values:
    - environments/staging/values.yaml
  production:
    values:
    - environments/production/values.yaml
    secrets:
    - environments/production/secrets.yaml  # 使用 helm-secrets 加密

releases:
# Ingress Controller
- name: ingress-nginx
  namespace: ingress-nginx
  chart: ingress-nginx/ingress-nginx
  version: 4.9.0
  values:
  - controller:
      replicaCount: {{ .Values.ingressReplicas | default 2 }}

# Prometheus Stack
- name: kube-prometheus-stack
  namespace: monitoring
  chart: prometheus-community/kube-prometheus-stack
  version: 56.x.x
  values:
  - grafana:
      adminPassword: {{ .Values.grafanaPassword }}
  - prometheus:
      prometheusSpec:
        retention: {{ .Values.prometheusRetention | default "15d" }}

# 应用
- name: my-app
  namespace: production
  chart: ./charts/my-app
  version: 1.0.0
  values:
  - image:
      tag: {{ .Values.appVersion }}
  - replicaCount: {{ .Values.appReplicas }}
  needs:
  - ingress-nginx/ingress-nginx  # 依赖关系

常用命令

# 预览变更（diff）
helmfile -e production diff

# 部署所有 Release
helmfile -e production apply

# 只部署特定 Release
helmfile -e production apply --selector name=my-app

# 同步（apply = diff + sync）
helmfile -e production sync

# 删除所有 Release
helmfile -e production destroy

# 查看状态
helmfile -e production status

# 渲染模板
helmfile -e production template

环境变量文件

# environments/production/values.yaml
ingressReplicas: 3
prometheusRetention: 30d
appVersion: v2.0.0
appReplicas: 5
grafanaPassword: "{{ requiredEnv \"GRAFANA_PASSWORD\" }}"