Getting Started with Helm for K8s

Over the last few weeks I was setting up Kubernetes in the lab. One thing I quickly learned was managing and editing yaml files for deployments, services and persistent volume claims became confusing and hard. Even when I had things commited in github sometimes I would make edits then not push them then rebuild my K8s cluster.

The last straw was when 2 of our Pure developers said that editing yaml in vi wasn’t very cool and to start using helm.

Needless to say that was good advice. I still have to remember to push my repos to github. Now my demostration applications are more “cloud native”. I can create and edit them in one environment and use helm install in another and have it just work.

Installation

Using the intructions from:

https://docs.helm.sh/using_helm/

Now I am abreviating most of what is in the docs but I want to clarify on one thing I learn while installing helm. Since I am using K8s 1.9.3 RBAC is required. It would be easy to read to fast through the documentation quickstart and install helm before setting up your roles.

Just for ease I jump straight to this section https://docs.helm.sh/using_helm/#role-based-access-control

Create the rbac-config.yaml file with the following:

apiVersion: v1

kind: ServiceAccount
metadata:
 name: tiller
 namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
 name: tiller
roleRef:
 apiGroup: rbac.authorization.k8s.io
 kind: ClusterRole
 name: cluster-admin
subjects:
 - kind: ServiceAccount
   name: tiller
   namespace: kube-system

 

Now your namespace and Service account roles might be different. This works for my clusters. Read the documentation carefully to make sure you don’t create a security hole.

Download and install helm

  1. Download the correct version for your system. Also if you are managing form a Mac, there is a homebrew install
  2. If you downloaded helm for linux or another system unpack and set the permissions on the binary
    • tar -zxvf helm-v2.0.0-linux-amd64.tgz
    • mv linux-amd64/helm /usr/local/bin/helm
  3. Now if you have helm extracted and installed you should be able to type “helm version” or “helm help”

Setup your RBAC and Install Helm

 

$kubectl create -f rbac-config.yaml

serviceaccount "tiller" created

clusterrolebinding "tiller" created

$ helm init --service-account tiller

We initialized helm with the service account we created within our K8s cluster. Helm has 2 components. First is the helm client. Which is what you are running from your CLI. The second peice is a pod called tiller-deploy-<some unique id>. You can see this pod in my environment by running


$kubectl get pod -n kube-system

If you installed helm into another namespace you will have to substitute your namespace for kube-system.

 

How to use Helm

Basically helm uses a chart. The contents of a chart can be found here(with an example of the files in the directory):

https://docs.helm.sh/developing_charts/#charts


wordpress/

Chart.yaml          # A YAML file containing information about the chart

LICENSE             # OPTIONAL: A plain text file containing the license for the chart

README.md           # OPTIONAL: A human-readable README file

requirements.yaml   # OPTIONAL: A YAML file listing dependencies for the chart

values.yaml         # The default configuration values for this chart

charts/             # OPTIONAL: A directory containing any charts upon which this chart depends.

templates/          # OPTIONAL: A directory of templates that, when combined with values,

# will generate valid Kubernetes manifest files.

templates/NOTES.txt # OPTIONAL: A plain text file containing short usage notes

There are many preconfigured charts in the default repo. You can also add a github repository of your own application as a repo that way you can easily install your charts anywhere. I will post this as a seperate blog.

So how do I actually deploy an application?

$helm install [chart] [flags]

In the following youtube demo I actually have the chart locally on my machine because I wanted to edit the values.yaml file to change some default options. There are ways to override the defaults in the command line. I decided to explore the chart a little more.

To download a chart

$helm fetch [chart]

This will download the tgz file and you can expand this file and see all the contents. For me a good way to learn was to start tweaking the files and see what happened.

Leave a Reply

Your email address will not be published. Required fields are marked *