1 / 14

What is Helm?

Helm is a Kubernetes deployment tool for automating creation, packaging, configuration, and deployment of applications and services to Kubernetes clusters. Kubernetes is a powerful container-orchestration system for application deployment.<br>To Learn more Aboutu00a0https://thinkcloudly.com/

Vansh5
Télécharger la présentation

What is Helm?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Helm

  2. No Helm? •How do I pack all or some of my contents (read as K8s objects) as a single luggage to be delivered •Someone on the other ship wants to use the conents on my ship? I’m scared if I pick all the loose contents, I might drop some into the sea In the first place, why even did you try riding me without my HELM? •Wait! What was my last location? How am I even supposed to go back from this not-so-good-place (read as last state) •You want to search(read monitor) my ship?NO! Not till you are from the “audit” department

  3. The Power of Helm •Package Manger •The archivist. Of YAMLs •Templating Engine •Add some sense(read as logic) to your YAMLs!

  4. Helm Basics helm metadata as secrets K8s cluster •helm repo add •helm search hub •helm search repo •helm install •helm list •helm upgrade •helm uninstall •helm pull •helm --help •helm rollback •helm history Release1Release2 •Charts •Repository: artifacthub.io | bitnami | appscode etc •Release- e.g: prod, dev •Revisions Revision1 Revision1 Revision2 Revision2 Revision3

  5. Architecture v3 Cluster master Helm CLI kube- apisfeffrver Chart Repo Cluster master Helm CLI kube- apiserver Tiller Chart Repo v2

  6. Why Tiller; Why No Tiller? •Security: cluster-wide access —> privilege escalation attacks if not properly secured •Deployment of already complex tools like Istio was difficult as Tiller was buggy and unstable •Securing tiller was a humongous task •Deployment pipelines would fail at times due to false errors generated in Helm2 •Kubernetes did not have RBAC policies around <1.16 •It kept multiple resources consistent across our clusters •Rollbacks •It worked way more frequently than it didn’t

  7. v2 vs v3 •2-way vs 3-way strategic merge patch •Namespaces are now not created automatically •Helm serve removed; its available as a plugin •Release name is now not automatically generated •Values provided by the user can be forced to follow a particular JSON schema •Secrets are used instead of configMaps (with a secret type of helm.sh/release) as the default storage driver

  8. Charts: Structure; Configuration; Creation •Chart directory/ •Chart.yaml •templates/ •templates/k8sYAMLs •templates/*.tpl •templates/NOTES.txt •values.yaml •tests/- write some tests to validate your charts

  9. values.yaml and objects Almost every time, customisations will be done using the values.yamls Objects •Release •Values •Charts •Files •Capabilities •Referencing variables: {{ .Objects.variableName }}

  10. Flow Control, Functions and Pipelines Providing logic to Helm charts … or lets say kubernetes YAMLs •Conditionals: If/Else in Helm •Functions: quote, upper, lower •Operators are also functions (eq, ne, lt, gt, and, or) •Pipe- ‘|’ . - use output of one function for further processing

  11. Scopes; Ranges •Range: for-each loop for helm •Scopes- similar to scope of a variable in normal programming languages $.Chart.Name .Release.Name •the dot(.) operator points to the current scope •the dollar($) operator points to the root scope

  12. _NamedTemplates.tpl {{- define "labels" }} app.kubernetes.io/name: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} •Used for removal of code duplication and the need of rewriting code or some code portions •Present in the templates/ folder •_ indicates to helm to not consider it as a normal template file so that it is not processed as a YAML file metadata: name: {{ .Release.Name }}-nginx labels: {{- template "labels" . }}

  13. One-off tasks: Chart Hooks Use to run specific tasks before/after running the main kubernetes objects •pre-upgrade hook | post-upgrade hook •pre-install hook | post-install hook •pre-delete hook | post-delete hook •pre-rollback hook | post-rollback hook •test annotations: "helm.sh/hook": pre-upgrade Hook Deletion Policies •hook-succeeded •hook-failed •before-hook-creation

  14. Thank You •Feedback? YES PLEASE! •Appreciation? Would love to hear! •Criticism? Sure, sure “Hope you liked it”

More Related