HelmHelm helps with lifecycle managment while allowing you to define your infrastructure as code...

Besmart.Thinkopensource.

WhatisHelm?HelmisatoolformanagingKubernetescharts.

Chartsarepackagesofpre-configuredresources.

Thinkofitlikeapt/yum/homebrewforKubernetes.

WhyHelm?

De-factostandardfortemplatingk8sconfigsOfficialKubernetesprojectmaintainedbyCNCFRepeatableapplicationinstallationsPainlessupdatesShipswithreadytousechartsmadebythecommunitybestpracticesarebakedintoofficalchartsApplicationLifecycle/Upgrades

What'swrongwithkubectl?

ResourcesneedtobemutatedafteradeployYoucan kubectleditBut,needtoimplementyourownupdatingandrollbackordependonvendorspecifictoolingforlifecyclemanagement

Helmhelpswithlifecyclemanagmentwhileallowingyoutodefineyourinfrastructureascode

HelmBasics

Architecture

helmclientonyourlocalmachine(likekubectl)tillerserver-sidecomponent(deployedonKubernetes)

Quickstart#deploytillertokube-systemnamespacehelminit#Deployapostgresqlinstancehelminstallstable/postgresql

Inspectinghelmmanagedresources#Showdeployshelmlist#Getinformationonareleasehelmstatusmy-release

HelmreleasesDifferentiatemultipledeploysofachartwithreleases.

Possiblevaluescouldbe.

production , stage , integration-production

-postgresql

Thisdependsonyourorganizationsstructureandwhatyouusetheclusterfor.

Whatdidwejustdeploy?

Deploymentbasedon postgres imageNetworkPolicyallowingaccess.PersistentVolumeClaimforstoringdataSecretcontainingautogeneratedpostgres-password

Servicetoexposedatabaseincluster

Rollback#simulaterollbackhelmrollback--dry-runmy-releaseold-version#actualrollbackhelmrollbackmy-releaseold-version

Writinghelmcharts

helmcreatemy-app

my-app/├──charts├──Chart.yaml├──templates│├──deployment.yaml│├──_helpers.tpl│├──ingress.yaml│├──NOTES.txt│└──service.yaml└──values.yaml

TemplatingTheHelmtemplatelanguageisimplementedinthestronglytypedGolanguage.

EachHelmchartcontainsatemplatesdirectorythatcontainsrelevanttemplates.

NamingTemplates

Use .yaml or .tpl suffixforfilesDasherizefilenamesReflectresourcekindinnames

Good Badfoo-pod.yaml foo-pod.yml

my-example-podtemplates.yaml MyExamplePodTemplates.yaml

my-example-svc.yaml my-example.yaml

Built-inObjects

Everythingbelow ReleaseChart variablewithinfosfrom Chart.yamlValues withdatafrom values.yaml ,thecliandothersources

AcompletelistisintheHelmdocs

https://docs.helm.sh/chart_template_guide/#built-in-objects

#Currentrelease{{.Release.Revision}}#Chartinfos{{.Chart.version}}

ValuesThebuilt-inobjectValuesisemptybydefault.Chartsanduserscanaddtoitthrough values.yaml ,user-suppliedfilesandontheCLI.

Let'sseehowvaluesgetpopulatedwithasimpletemplate.

echo'{{.Values.hello.world}}'>templates/hello.tpl

Defaultvaluesareinthecharts values.yaml#values.yamlhello:world:Hello!

helmtemplate.-xtemplates/hello.yaml

---#Source:my-chart/templates/hello.yamlHello!

OverridingvaluesontheCLIhelmtemplate.--executetemplates/hello.yaml\--set'hello.world=Hallo!'

---#Source:my-chart/templates/hello.yamlHallo!

FlowControl

if / else forcreatingconditionalblockswith tospecifyascoperange ,whichprovidesa"foreach"-styleloop

if / else{{-if.Values.ingress.enabled-}}apiVersion:extensions/v1beta1kind:Ingress#...{{-end-}}

range

#...spec:rules:{{-range.Values.server.ingress.hosts}}-host:{{.}}{{-end-}}#...

DebuggingTemplates#verifythatchartfollowsbestpracticeshelmlint#letserverrendertemplatesandreturnresultingmanifesthelminstall--dry-run--debug.

HelmSubCharts

Composingsystemswithsubcharts

Chartscandependonothercharts.Dependenciesaredescribedin requirements.yaml .helmdepbuild creates requirements.lock .

#downloaddependencieshelmdepbuildstable/redmine

#installredminewithpostgresqlhelminstallstable/redmine\--setdatabaseType.mariadb=false,databaseType.postgresql=true

SubchartsandValues

subchartscannotdependontheirparentchartsvalues.parentchartscanoverridevaluesforsubcharts.globalvaluescanbeaccessedfromanychart.

#overridepostgresqlvaluespostgresql:postgresPassword:muchsecretverysecure

#definesomeglobalvariablesglobal:myVariable:myValue

Pleaseplanaheadwhenusingglobalsordon'tusethematall.Officialchartsrarelyusethem.

FeelFreetoContactUswww.adfinis-sygroup.ch

TechBlog

GitHub

[email protected]

Twitter

https://www.adfinis-sygroup.ch/https://www.adfinis-sygroup.ch/bloghttps://github.com/adfinis-sygroupmailto:[email protected]://twitter.com/adfinissygroup

HelmHelm helps with lifecycle managment while allowing you to define your infrastructure as code...

Documents

Transcript of HelmHelm helps with lifecycle managment while allowing you to define your infrastructure as code...