How Helm, The Package Manager For Kubernetes, Works

How Helm, The Package Manager For Kubernetes, Works
Copyright © SUSE 2021 How Helm, The Package Manager For Kubernetes, Works 0 9 N O V E M BE R 2 0 2 1
Copyright © SUSE 2021 Hi, I’m Matt Farina • Helm Maintainer • Work at SUSE on Rancher/Kubernetes • Emeritus K8s SIG Apps / Architecture Chair • @mattfarina
Copyright © SUSE 2021 3
Copyright © SUSE 2021 Q1 Q2 Q3 Q4 2015 Helm Started Helm is started by Deis October 2015 01 2016 Helm v2 Begins Helm + Deployment Manager Merged January 2016 02 2017 Helm Growth 7 minor releases and usage growth 2017 05 Helm v3 Discussion begins Q4 2017 06 2018 08 CNCF + Helm Helm became top level project June 2018 07 Helm v3 V3.0.0 Released November 2019 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Helm v2 2.0.0 Released November 2016 04 03 CNCF + K8s Kubernetes joins the CNCF March 2016 2019
Copyright © SUSE 2021 5 Operating System Binaries Configuration Package Manager Configuration Manager
Copyright © SUSE 2021 6 GNU Linux ELF Binaries Config in /etc zypper, apt, yum, etc Chef, Puppet, Ansible, etc
Copyright © SUSE 2021 7 Kubernetes Images K8s Manifests Helm Helmfile, Flux Helm Operator, etc
Copyright © SUSE 2021 9 Kubernetes Basics Kubernetes API Node Node Node Node Node Node
Copyright © SUSE 2021 10 Kubernetes Is Declarative Kubernetes API Node Node Node Node Node Node Give me 3 instances of my container (Deployment) Instance Instance Instance
Copyright © SUSE 2021 11 Kubernetes Remediation Kubernetes API Node Node Node Node Node Node Give me 3 instances of my container (Deployment) Instance Instance Instance
Copyright © SUSE 2021 12 Namespace and Multi-tenancy Kubernetes Namespace Namespace Namespace
Copyright © SUSE 2021 13 A Book On The API
Copyright © SUSE 2021 14 WordPress Deployment Statefulset Services Secrets Ingress HPA
Copyright © SUSE 2021 15 WordPress: More Than 500 Lines of YAML
Copyright © SUSE 2021 16 Kubernetes Chart (package) App Business Logic Kubernetes Knowledge
Copyright © SUSE 2021 17 Roles…. 1. Application Operator – The Helm user who is installing, upgrading, and running something (e.g., PostgreSQL) in Kubernetes 2. Application Distributor – Someone or an organization distributing an application (e.g., Percona distributing PostgreSQL) 3. Application Developer – Someone developing an application (e.g., a web app in node.js) 4. Supporting Tool Developer – Those developing Helm plugins or tools that use Helm (e.g., configuration managers) 5. Helm Developer – The developers of Helm itself Not in scope for Helm… • Cluster Administrators
Copyright © SUSE 2021 18 What’s In A Chart? Files and directories: .helmignore Chart.yaml Chart.lock charts/ crds/ templates/ values.schema.json values.yaml Like .gitignore but for packaged charts (optional) Metadata and configuration Where dependent charts are stored Templates to generate Kubernetes manifests JSON Schema for chart config (optional) Chart default configuration Custom Resource Definitions (optional) Dependencies lock file
Copyright © SUSE 2021 19 Chart.yaml # Default properties in generated Chart.yaml file apiVersion: v2 name: demo description: A Helm chart for Kubernetes type: application version: 0.1.0 appVersion: "1.16.0” # Some additional optional options dependencies: [] maintainers: [] icon: https://example.com/img.svg annotations: []
Copyright © SUSE 2021 20 Chart.yaml – Dependencies ... dependencies: - name: mariadb repository: https://charts.example.com version: 2.x.x - name: memcached repository: https://charts.example.com version: 1.x.x ...
Copyright © SUSE 2021 21 Chart.yaml – More Metadata ... keywords: - application - nodejs maintainers: - email: people@example.com name: The team or person annotations: artifacthub.io/images: | - name: img1 image: repo/img1:1.0.0 - name: img2 image: repo/img2:2.0.0 whitelisted: true ...
Copyright © SUSE 2021 22 Templates apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "demo.fullname" . }} labels: {{- include "demo.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "demo.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.podAnnotations }} ... Start of template of Deployment
Copyright © SUSE 2021 25 Templates - _helpers.tpl {{/* Expand the name of the chart. */}} {{- define "demo.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} {{- define "demo.fullname" -}} ... Templates starting with _ are not rendered and are used for helper functions
Copyright © SUSE 2021 26 Templates - Notes 1. Get the application URL by running these commands: {{- if .Values.ingress.enabled }} {{- range $host := .Values.ingress.hosts }} {{- range .paths }} http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "demo.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT ... NOTES.txt generates post install/upgrade notes to output
Copyright © SUSE 2021 27 values.yaml replicaCount: 1 image: repository: nginx pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "" imagePullSecrets: [] nameOverride: "" fullnameOverride: "" serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} ...
Copyright © SUSE 2021 28 Three Places Helm Works With Charts In 1. Filesystem 2.Helm Repository 3.OCI Registry (experiment)
Copyright © SUSE 2021 29 1. Filesystem . ├── Chart.yaml ├── charts ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── deployment.yaml │ ├── hpa.yaml │ ├── ingress.yaml │ ├── service.yaml │ ├── serviceaccount.yaml │ └── tests │ └── test-connection.yaml └── values.yaml
Copyright © SUSE 2021 30 2. Helm Registry . ├── demo-0.1.0.tgz ├── demo-0.2.0.tgz ├── demo-1.0.0.tgz ├── demo-a-0.1.0.tgz ├── demo-a-1.0.0.tgz ├── demo-b-0.1.0.tgz ├── demo-b-0.2.0.tgz ├── demo-b-1.0.0.tgz ├── demo-c-0.1.0.tgz ├── demo-c-1.0.0.tgz ├── demo-opt-0.1.0.tgz ├── example-service-a-0.1.0.tgz ├── example-service-b-1.0.0.tgz ├── fleet-0.3.500.tgz ├── fleet-crd-0.3.500.tgz ├── index.yaml ... Charts as tgz files. Helm can generate these for you. Index listing all of the charts and their versions
Copyright © SUSE 2021 31 index.yaml apiVersion: v1 entries: demo: - apiVersion: v2 appVersion: 1.16.0 created: "2021-08-02T15:15:46.745833-04:00" description: A Helm chart for Kubernetes digest: 6a1e902ade5de0f4fdfa2746876b1de59c325377053bfad98b1a2d6004698010 name: demo type: application urls: - demo-1.0.0.tgz version: 1.0.0 ...
Copyright © SUSE 2021 32 3. OCI Registries (experimental)
Copyright © SUSE 2021 33 3. OCI Registries (experimental)
Copyright © SUSE 2021 34 Helm CLI – Add A Repository $ helm repo add bitnami https://charts.bitnami.com/bitnami "bitnami" has been added to your repositories Short Name URL To The Repository Commands
Copyright © SUSE 2021 35 Helm CLI – Add A Repository $ helm install wordpress-rel bitnami/wordpress NAME: wordpress-rel LAST DEPLOYED: Thu Nov 4 14:09:14 2021 NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None CHART NAME: wordpress CHART VERSION: 12.1.25 APP VERSION: 5.8.1 NOTES: ** Please be patient while the chart is being deployed ** Your WordPress site can be accessed through the following DNS ... Release Name Chart To Install Install It Details on this install Generated notes from NOTES.txt template
Copyright © SUSE 2021 36 Kubernetes Chart (package) Namespace App Manifests Release Secret
Copyright © SUSE 2021 37 Helm CLI – Listing In Namespace $ helm ls NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION word default 1 2021-11-04 14:09:14.405292 -0400 EDT deployed wordpress-12.1.25 5.8.1
Copyright © SUSE 2021 38 Custom Config Method 1 $ helm upgrade wordpress-rel bitnami/wordpress --set wordpressBlogName="Foo's Blog" Release "wordpress-rel" has been upgraded. Happy Helming! NAME: wordpress-rel LAST DEPLOYED: Thu Nov 4 16:26:16 2021 NAMESPACE: default STATUS: deployed REVISION: 2 TEST SUITE: None NOTES: CHART NAME: wordpress CHART VERSION: 12.1.25 ... Existing Release Chart To Use Upgrading Set A Value (--set can be repeated)
Copyright © SUSE 2021 39 Custom Config Method 2 myvalues.yaml: wordpressBlogName: "Bar's Blog" $ helm upgrade wordpress-rel bitnami/wordpress –-values myvalues.yaml Release "wordpress-rel" has been upgraded. Happy Helming! ... Use A Config File (-f/--values can be repeated)
Copyright © SUSE 2021 40 ❯ helm help ... Available Commands: completion generate autocompletion scripts for the specified shell create create a new chart with the given name dependency manage a chart's dependencies env helm client environment information get download extended information of a named release help Help about any command history fetch release history install install a chart lint examine a chart for possible issues list list releases package package a chart directory into a chart archive plugin install, list, or uninstall Helm plugins pull download a chart from a repository and (optionally) unpack it in local directory repo add, list, remove, update, and index chart repositories rollback roll back a release to a previous revision search search for a keyword in charts show show information of a chart status display the status of the named release template locally render templates test run tests for a release uninstall uninstall a release upgrade upgrade a release verify verify that a chart at the given path has been signed and is valid version print the client version information
Copyright © SUSE 2021 41 Helm CLI Helm Client Helm SDK Actions Repos … Kubernetes API K8s Pkgs
Copyright © SUSE 2021 44 Things Not Covered • Hooks • Custom Resource Definitions • Signing and Provenance • Helm Plugins • Library Charts • JSON Schema • Release Records Stored Elsewhere • Linting • Testing
Copyright © SUSE 2021 Copyright © SUSE 2021 You can learn more at helm.sh You can find me at mattfarina.com Thanks For Coming 45
Copyright © SUSE 2021 46 Hooks – You Can Hook Into The Processes
Copyright © SUSE 2021 47 Example Hook… apiVersion: batch/v1 kind: Job metadata: name: "{{ .Release.Name }}" labels: app.kubernetes.io/managed-by: {{ .Release.Service | quote }} app.kubernetes.io/instance: {{ .Release.Name | quote }} app.kubernetes.io/version: {{ .Chart.AppVersion }} helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" annotations: # This is what defines this resource as a hook. Without this line, the # job is considered part of the release. "helm.sh/hook": post-install "helm.sh/hook-weight": "-5" "helm.sh/hook-delete-policy": hook-succeeded ...
Copyright © SUSE 2021 48 • View Releases • Read Templates • See Security Details • Find maintainers • Much more… • Get Notifications of Updates • Get Notifications of Sec Issues • Add Your Own Repos • Much more…

Check these out next

How Helm, The Package Manager For Kubernetes, Works

Recomendados

Más contenido relacionado

Presentaciones para ti(20)

Similar a How Helm, The Package Manager For Kubernetes, Works(20)

Más de Matthew Farina(16)

Último(20)

How Helm, The Package Manager For Kubernetes, Works