Using Helm with Kubernetes
Kubernetes is a powerful orchestration system, however, it can be really hard to configure its deployment process. Specific apps can help you manage multiple independent resources like pods, services, deployments, and replica sets. Yet, each must be described in the YAML manifest file.
It’s not a problem for a single trivial app, but during production, it’s best to simplify this process: search, use, and share already implemented configurations, deploy these configurations, create configuration templates, and deploy them without effort. In other words, we need an extended version of a package manager like APT for Ubuntu or PIP for Python to work with the Kubernetes cluster. Luckily, we have Helm as a package manager.
What is Helm?
Helm is an open-source package manager for Kubernetes that allows developers and operators to package, configure, and deploy applications and services onto Kubernetes clusters easily. It was inspired by Homebrew for macOS and now is a part of the Cloud Native Computing Foundation.
In this article, we will explore Helm 3.x which is the newest version at the time of writing this article.
Searches on Helm Hub for PostgreSQL from dozens of different repositories
Helm can install software and dependencies, upgrade software, configure software deployments, fetch packages from repositories, alongside managing repositories.
Some key features of Helm include:
- Role-based access controls (RBAC)
- Golang templates which allows you to work with configuration as text
- Lua scripts to process configuration as an object
- Deployment versions control system
Templates allow you to configure your deployments by changing few variable values without changing the template directly. Helm packages are called charts, and they consist of a few YAML configuration files and templates that are rendered into Kubernetes manifest files.
The basic package (chart) structure:
- chart.yaml - a YAML file containing information about the chart
- LICENSE (optional) - a plain text file containing the license for the chart
- README.md (optional) - a human-readable README file
- values.yaml - the default configuration values for this chart
- values.schema.json (optional) - a JSON Schema for imposing a structure on the values.yaml file
- charts/ - defines chart dependencies (recommended to use the dependencies section in
- crds/ - Custom Resource Definitions
- templates/ - directory of templates that when combined with values, will generate valid Kubernetes manifest files
Templates give you a wide range of capabilities. You can use variables from context, apply different functions (such as ‘quote’, sha256sum), use cycles and conditional cases, and import other files (also other templates or partials).
What are Helm’s abilities?
- As you operate Helm though a Command Line Interface (CLI), the
helm searchcommand allows you to search for a package by keywords from the repositories.
- You can inspect
README.mdfor a certain package. along with creating your own chart with the
helm create <chart-name>command. This command will generate a folder with a specified name in which you can find the mentioned structure.
- Helm can install both folder or
.tgzarchives. To create a
.tgzfrom your package folder, use the
helm package <path to folder>command. This will create a
<package_name>package in your working directory, using the name and version from the metadata defined in the
- Helm has built-in support for installing packages from an HTTP server. Helm reads a repository index hosted on the server, which describes what chart packages are available and where they are located. This is how the default stable repository works.
- You can also create a repository from your machine with
helm serve. This eventually lets you create your own corporate repository or contribute to the official stable one.
- You can also call the
helm dependencies update <package name>command which verifies that the required charts, as expressed in
chart.yaml, are present in
charts/and are in an acceptable version. It will additionally pull down the latest charts that satisfy the dependencies, and clean up the old dependencies.
- Apart from Chart and Repository another significant concept you should know is Release which is an instance of a chart running in a Kubernetes cluster. One chart can often be installed many times into the same cluster. And each time it is installed, a new Release is created. So, you can have multiple PostgreSQL in the same cluster, in which each Release will have its own release name. You can think of this like 'multiple Docker containers from one image'.
How does it work?
Helm client is used for installing, updating and creating charts, as well as compiling and sending them to a Kubernetes API in an acceptable form. The previous version had a client-server architecture, using a program run on a cluster with Kubernetes, called Tiller. This software was responsible for deployment’s lifetime. But this approach led to some security issues which is one of the reasons why all functions are now handled by the client.
Installing Helm 3 is noticeably easier than the previous version since only the client needs to be installed. It is available for Windows, macOS, and Linux. You can install the program from binary releases, Homebrew, or through a configured installation script.
Let’s try an example
- Let's start with installing Helm.
bash master $ curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed100 6794 100 6794 0 0 25961 0 --:--:-- --:--:-- --:--:-- 25931Error: could not find tillerHelm v3.1.2 is available. Changing from version .Downloading https://get.helm.sh/helm-v3.1.2-linux-amd64.tar.gzPreparing to install helm into /usr/local/binhelm installed into /usr/local/bin/helm
2. Check if everything is installed properly.
master $ helm version --short V3.1.2+gd878d4d
3. By default, Helm doesn’t have a connection to any of the repositories. Let’s add connection to the most common stable one. (You can check all the available repositories with
helm repo list).
master $ helm repo add stable https://kubernetes-charts.storage.googleapis.com/ "stable" has been added to your repositories
4. After adding the repository, we should let Helm get updated. The current local state of Helm is kept in your environment in the home location.
master $ helm repo update Hang tight while we grab the latest from your chart repositories... ...Successfully got an update from the "stable" chart repository Update Complete. ⎈ Happy Helming!⎈
The Helm command defaults to discovering the host already set in
~/.kube/config. There is a way to change or override the host, but that's beyond the scope of this scenario.
master $ helm env HELM_BIN="helm" HELM_DEBUG="false" HELM_KUBECONTEXT="" HELM_NAMESPACE="default" HELM_PLUGINS="/root/.local/share/helm/plugins" HELM_REGISTRY_CONFIG="/root/.config/helm/registry.json" HELM_REPOSITORY_CACHE="/root/.cache/helm/repository" HELM_REPOSITORY_CONFIG="/root/.config/helm/repositories.yaml"
5. Let's search for a WordPress in the Helm Hub
master $ helm search hub wordpress URL CHART VERSION APP VERSION DESCRIPTION https://hub.helm.sh/charts/presslabs/wordpress-... v0.8.4 v0.8.4 Presslabs WordPress Operator Helm Chart https://hub.helm.sh/charts/presslabs/wordpress-... v0.8.3 v0.8.3 A Helm chart for deploying a WordPress site on ... https://hub.helm.sh/charts/bitnami/wordpress 9.0.3 5.3.2 Web publishing platform for building blogs and ...
And also search in our repositories (we have only stable for now).
master $ helm search repo wordpress NAME CHART VERSION APP VERSION DESCRIPTION stable/wordpress 9.0.2 5.3.2 DEPRECATED Web publishing platform for building...
6. As mentioned earlier, you can inspect a Chart. For example, let’s take info from
chart.yaml for the Wordpress chart.
You can also check
helm show readme stable/wordpress and
helm show values stable/wordpress.
master $ helm show chart stable/wordpress apiVersion: v1 appVersion: 5.3.2 dependencies: - condition: mariadb.enabled name: mariadb repository: https://kubernetes-charts.storage.googleapis.com/ tags: - wordpress-database version: 7.x.xdeprecated: truedescription: DEPRECATED Web publishing platform for building blogs and websites. home: http://www.wordpress.com/ icon: https://bitnami.com/assets/stacks/wordpress/img/wordpress-stack-220x234.png keywords:- wordpress- cms - blog - http- web- application - php name: wordpress sources: - https://github.com/bitnami/bitnami-docker-wordpress version: 9.0.2
7. Let’s create a namespace for WordPress and install a test chart.
master $ kubectl create namespace wordpress namespace/wordpress created
master $ helm install test-wordpress stable/wordpress --namespace wordpress
The output of this command appears messy just because it’s so big.
You can also set variables, such as:
helm install test-wordpress \ --set wordpressUsername=admin \ --set wordpressPassword=password \ --set mariadb.mariadbRootPassword=secretpassword \ stable/wordpress
8. For now, let’s ensure that everything is deployed correctly:
As you can see, everything has been deployed properly.
Helm is a popular open-source package manager that offers users a more flexible way to manage Kubernetes cluster. You can either create your own, or use public packages from your own or external repositories. Each package is quite flexible and, in most cases, all you need is define the right constants from which the template will be compiled to suit your needs. To create your own chart, you can use the power of Go templates and/or Lua scripts. Each update will create a history unit to which you can rollback anytime you want. With Helm, you have all the power of Kubernetes. And, in the end, Helm allows you to work with role-based access, so you can manage your cluster in a team.
This brings us to the end of this brief article explaining the basics and features of Helm. We hope you enjoyed it and were able to make use of it.