SlideShare a Scribd company logo

Simplify Your Code with Helmfile

Codefresh
Codefresh

WATCH THE WEBINAR HERE:https://codefresh.io/events/simplify-code-helmfile/ You’ve got Helm deploying Charts via Codefresh but now how do you deal with Helm chart dependencies? There has to be a better solution than a Chart of Charts? How do I DRY out my Helm charts and simplify my Codefresh Pipelines for multiple environments? How do I create secrets in Codefresh? Is there another way than using Encrypted Secrets / Environment Variables? Helmfile has solutions to all these common problems and more. In this talk, we will go over some of the common problems you can solve with Helmfile and how you can use it to simplify your code and Codefresh Pipelines.

Technology
1 of 30
Download to read offline
Simplify your Code with Helmfile BRADEN WRIGHT | ROOT LEVEL TECHNOLOGY
Braden Wright Staff Cloud Architect braden.wright@rootleveltech.com
Agenda https://github.com/rootleveltech/codefresh-helmfile-webinar What’s not covered? ● Kubernetes 101 ● Helm 101 ● Codefresh 101
Agenda ● Why Helmfile ● What is Helmfile ● Helm Repos ● More Hooks ● Helm Diff ● Another Approach to Secrets ● Helm Dependencies ● Multiple Environments ● Templating Values yaml https://github.com/rootleveltech/codefresh-helmfile-webinar Common Problems Helmfile can help with...
Why Helmfile? I love Helm but if only I could ... ● Setup Helm Repos ● Automate something to run before / after Helm ● See what’s going to change before Deploying ● Manage Secrets as part of Helm Deploy ● Have dependencies installed as separate Helm Deploy ● Control order of my Helm chart dependencies ● Template values.yaml ● Get data from another source / run a script ● Use Environment Variables
● Wrapper on top of Helm ● No Vendor Lock-in ● Golang Templating without Restrictions https://github.com/roboll/helmfile What is Helmfile?
What is Helmfile?
Demo Disclaimer ● Walkthrough deploys ● Starting from a completely clean GKE install ● Setup in GCP for things like DNS, credentials, etc. ● Mono Repo for our example
Helm missing Repos
Helm missing Repos
Helmfile Hooks Events: prepare, presync, postsync, cleanup
Example: create Namespace before deploying chart Helmfile Hooks
Example: create Namespace before deploying chart Helmfile Hooks
Helm Diff ● Want Terraform Plan for Helm? ● Bug for Helm 3, 3-way diff
Helm Secrets ● How do you create secrets? ● Where do you store sensitive data? ● How do you distribute / share sensitive data? https://github.com/zendesk/helm-secrets
Helm Secrets
Helm Secrets
Helm Secrets
Helm Secrets ● Helmfile uses Helm Secrets Plugin which uses SOPS ● SOPS supports different types of Encryption ○ AWS KMS, GCP KMS, Azure Key Vault, PGP, etc ● Secrets.yaml file gets encrypted and saved in Git ● Use a Secret Resource and unencrypted Secrets.yaml to create safe, secure, reliable, repeatable and distributed way to create Resources https://github.com/zendesk/helm-secrets https://github.com/mozilla/sops https://gist.github.com/twolfson/01d515258eef8bdbda4f
Order Dependencies ● Runs Helm apply times ● Run Helm deploy in specified order ● Deploy parts of Stack using labels and selectors ● Different ways to declare dependencies
Order Dependencies 4 3 2 1
Demo in Codefresh ● Deploy MyApp, Ingress, DNS, Namespace ● Using Secrets.yaml ● Started with cfstep-helmfile but needed to customize https://codefresh.io/steps/step/helmfile
Templating Values Yaml Files ● DRYing out values files ● Use Templating to support ad-hoc environments ● Hierarchy, environment level values files, with default but ability to override. ● Use Env Vars in values.yaml file ● Run scripts to return values ● Expose all of Sprig / Go Templating ● Render out other files ● Use different Secrets.yaml for Different Environments
Demo in Codefresh ● Deploy Stack in 2 Environments ○ Dev ■ DNS in GCP / CloudDNS ■ External DNS Chart ○ Default / Ad-Hoc ■ Leverage Templating / Script to setup an .xip.io address
Environments ● Picture of Yaml with Multiple Environments ● Setup another environment, on the same K8s cluster ● Setup another environment in a different K8s cluster ● Leverage Templating for Ad-Hoc environments
Other Helmfile Features ● Repo Per Chart ● Modules ○ GitHub, S3, etc. ● Env Variables ○ Supports standard, default, required ● Top Level Helmfile to Deploy everything ● Use Helmfile with Kustomize
Mono Repo vs Repo per Chart 1. Talk about mono repo approach we’ve been taking, common b/c of public helms charts repo. Helmfile flexible, so you can setup how you want to 2. Discuss Repo per Chart and things like getting Helmfile from git instead of a local file.
Other Tools ● Look at Helm Plugins ○ Secrets, Diff ● Helmsman, Kustomize ● Check Ecosystem, lots of tools ● Other Tools / Charts ○ https://github.com/stakater/Reloader ○ https://github.com/kubernetes-sigs/external-dns ○ https://github.com/jetstack/cert-manager ○ https://github.com/vmware-tanzu/velero
Summary ● Simple Case Study ● Consider SDLC for Charts ● Tons of power with Sprig / Go Templating ● Try out Helmfile, or evaluate what’s out there
Signup for a FREE account with UNLIMITED builds & schedule a 1:1 with our experts at https://codefresh.io Questions? Schedule a no cost, 1:1 call with our cloud migration specialists at https://rootleveltech.com/

Recommended

Agile vs dev ops
Agile vs dev opsAgile vs dev ops
Agile vs dev ops
OnGraph Technologies
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps Sec
Rubal Jain
 
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
Simplilearn
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Christian Schneider
 
How to Get Started with DevSecOps
How to Get Started with DevSecOpsHow to Get Started with DevSecOps
How to Get Started with DevSecOps
CYBRIC
 
Security Process in DevSecOps
Security Process in DevSecOpsSecurity Process in DevSecOps
Security Process in DevSecOps
Opsta
 
Secure Coding for Java
Secure Coding for JavaSecure Coding for Java
Secure Coding for Java
Sébastien GIORIA
 
Service mesh
Service meshService mesh
Service mesh
Arnab Mitra
 

Recommended

Agile vs dev ops
Agile vs dev opsAgile vs dev ops
Agile vs dev ops
OnGraph Technologies
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps Sec
Rubal Jain
 
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
DevOps Training | DevOps Training Video | DevOps Tools | DevOps Tutorial For ...
Simplilearn
 
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Security DevOps - Staying secure in agile projects // OWASP AppSecEU 2015 - A...
Christian Schneider
 
How to Get Started with DevSecOps
How to Get Started with DevSecOpsHow to Get Started with DevSecOps
How to Get Started with DevSecOps
CYBRIC
 
Security Process in DevSecOps
Security Process in DevSecOpsSecurity Process in DevSecOps
Security Process in DevSecOps
Opsta
 
Secure Coding for Java
Secure Coding for JavaSecure Coding for Java
Secure Coding for Java
Sébastien GIORIA
 
Service mesh
Service meshService mesh
Service mesh
Arnab Mitra
 
Cryptocurrency : An Introduction
Cryptocurrency : An IntroductionCryptocurrency : An Introduction
Cryptocurrency : An Introduction
Sivarathan Sivarajah
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Raffaele Di Fazio
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
Finto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Devops Adoption Roadmap v.2.6
Devops Adoption Roadmap v.2.6Devops Adoption Roadmap v.2.6
Devops Adoption Roadmap v.2.6
Javier Dominguez
 
Introduction to Git and Github
Introduction to Git and GithubIntroduction to Git and Github
Introduction to Git and Github
Houari ZEGAI
 
GitOps and ArgoCD
GitOps and ArgoCDGitOps and ArgoCD
GitOps and ArgoCD
Omar Fathy
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
Siddharth Joshi
 
Going realtime with Socket.IO
Going realtime with Socket.IOGoing realtime with Socket.IO
Going realtime with Socket.IO
Christian Joudrey
 
CI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps JourneyCI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps Journey
DevOps.com
 
Ingress overview
Ingress overviewIngress overview
Ingress overview
Harshal Shah
 
Neoito — GitLab for project management
Neoito — GitLab for project managementNeoito — GitLab for project management
Neoito — GitLab for project management
Neoito
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
Priyanka Aash
 
DevOps Best Practices
DevOps Best PracticesDevOps Best Practices
DevOps Best Practices
Giragadurai Vallirajan
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Mohammed A. Imran
 
Insecure Java Deserialization
Insecure Java DeserializationInsecure Java Deserialization
Insecure Java Deserialization
Shiv Sahni
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
James Wickett
 
SCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOpsSCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOps
Stefan Streichsbier
 
Working with kubernetes
Working with kubernetesWorking with kubernetes
Working with kubernetes
Nagaraj Shenoy
 
DevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOpsDevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOps
Red Gate Software
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 
Hands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm Users
Weaveworks
 
My "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails ProjectsMy "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails Projects
GR8Conf
 

More Related Content

What's hot

CI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps JourneyCI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps Journey
DevOps.com
 
DevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOpsDevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOps
Red Gate Software
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOps
Weaveworks
 

What's hot (20)

Cryptocurrency : An Introduction
Cryptocurrency : An IntroductionCryptocurrency : An Introduction
Cryptocurrency : An Introduction
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
 
Devops Adoption Roadmap v.2.6
Devops Adoption Roadmap v.2.6Devops Adoption Roadmap v.2.6
Devops Adoption Roadmap v.2.6
 
Introduction to Git and Github
Introduction to Git and GithubIntroduction to Git and Github
Introduction to Git and Github
 
GitOps and ArgoCD
GitOps and ArgoCDGitOps and ArgoCD
GitOps and ArgoCD
 
DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..DevOps to DevSecOps Journey..
DevOps to DevSecOps Journey..
 
Going realtime with Socket.IO
Going realtime with Socket.IOGoing realtime with Socket.IO
Going realtime with Socket.IO
 
CI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps JourneyCI/CD Best Practices for Your DevOps Journey
CI/CD Best Practices for Your DevOps Journey
 
Ingress overview
Ingress overviewIngress overview
Ingress overview
 
Neoito — GitLab for project management
Neoito — GitLab for project managementNeoito — GitLab for project management
Neoito — GitLab for project management
 
DevSecOps in Baby Steps
DevSecOps in Baby StepsDevSecOps in Baby Steps
DevSecOps in Baby Steps
 
DevOps Best Practices
DevOps Best PracticesDevOps Best Practices
DevOps Best Practices
 
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP IndonesiaStrengthen and Scale Security Using DevSecOps - OWASP Indonesia
Strengthen and Scale Security Using DevSecOps - OWASP Indonesia
 
Insecure Java Deserialization
Insecure Java DeserializationInsecure Java Deserialization
Insecure Java Deserialization
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
SCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOpsSCS DevSecOps Seminar - State of DevSecOps
SCS DevSecOps Seminar - State of DevSecOps
 
Working with kubernetes
Working with kubernetesWorking with kubernetes
Working with kubernetes
 
DevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOpsDevOps 101 - an Introduction to DevOps
DevOps 101 - an Introduction to DevOps
 
Free GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOpsFree GitOps Workshop + Intro to Kubernetes & GitOps
Free GitOps Workshop + Intro to Kubernetes & GitOps
 

Similar to Simplify Your Code with Helmfile

Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdfHashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
ssuser705051
 
Painless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudPainless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloud
Giedrius Rimkus
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Bret Fisher
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Docker, Inc.
 
CERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8sCERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8s
Belmiro Moreira
 
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
Cloud Native Day Tel Aviv
 
Becoming A Drupal Master Builder
Becoming A Drupal Master BuilderBecoming A Drupal Master Builder
Becoming A Drupal Master Builder
Philip Norton
 

Similar to Simplify Your Code with Helmfile (20)

Hands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm UsersHands-on GitOps Patterns for Helm Users
Hands-on GitOps Patterns for Helm Users
 
My "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails ProjectsMy "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails Projects
 
Drupal Best Practices
Drupal Best PracticesDrupal Best Practices
Drupal Best Practices
 
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdfHashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
 
Terraform-2.pdf
Terraform-2.pdfTerraform-2.pdf
Terraform-2.pdf
 
Painless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloudPainless ruby deployment on shelly cloud
Painless ruby deployment on shelly cloud
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
 
DCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production ParityDCRUG: Achieving Development-Production Parity
DCRUG: Achieving Development-Production Parity
 
Secrets Management and Delivery to Kubernetes Pods
Secrets Management and Delivery to Kubernetes PodsSecrets Management and Delivery to Kubernetes Pods
Secrets Management and Delivery to Kubernetes Pods
 
reBuy on Kubernetes
reBuy on KubernetesreBuy on Kubernetes
reBuy on Kubernetes
 
Deploying PostgreSQL on Kubernetes
Deploying PostgreSQL on KubernetesDeploying PostgreSQL on Kubernetes
Deploying PostgreSQL on Kubernetes
 
CERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8sCERN OpenStack Cloud Control Plane - From VMs to K8s
CERN OpenStack Cloud Control Plane - From VMs to K8s
 
Kubernetes Webinar - Using ConfigMaps & Secrets
Kubernetes Webinar - Using ConfigMaps & Secrets Kubernetes Webinar - Using ConfigMaps & Secrets
Kubernetes Webinar - Using ConfigMaps & Secrets
 
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
Kubernetes is hard! Lessons learned taking our apps to Kubernetes - Eldad Ass...
 
Becoming A Drupal Master Builder
Becoming A Drupal Master BuilderBecoming A Drupal Master Builder
Becoming A Drupal Master Builder
 
From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...From SaltStack to Puppet and beyond...
From SaltStack to Puppet and beyond...
 
Heroku to Kubernetes & Gihub to Gitlab success story
Heroku to Kubernetes & Gihub to Gitlab success storyHeroku to Kubernetes & Gihub to Gitlab success story
Heroku to Kubernetes & Gihub to Gitlab success story
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Building an Apache Hadoop data application
Building an Apache Hadoop data applicationBuilding an Apache Hadoop data application
Building an Apache Hadoop data application
 

More from Codefresh

Detect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and LightstepDetect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and Lightstep
Codefresh
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh
Codefresh
 
Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast
Codefresh
 
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with AnchoreAdding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
Codefresh
 
Image scanning using Clair
Image scanning using Clair Image scanning using Clair
Image scanning using Clair
Codefresh
 
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Codefresh
 

More from Codefresh (20)

Detect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and LightstepDetect, debug, deploy with Codefresh and Lightstep
Detect, debug, deploy with Codefresh and Lightstep
 
CICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the TrenchesCICD Pipelines for Microservices: Lessons from the Trenches
CICD Pipelines for Microservices: Lessons from the Trenches
 
Making the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with CodefreshMaking the Most of Helm 3 with Codefresh
Making the Most of Helm 3 with Codefresh
 
5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes Pods5 Simple Tips for Troubleshooting Your Kubernetes Pods
5 Simple Tips for Troubleshooting Your Kubernetes Pods
 
Best Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and CodefreshBest Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
Best Practices for Microservice CI/CD: Lessons from Expedia and Codefresh
 
Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh Hybrid CI/CD with Kubernetes & Codefresh
Hybrid CI/CD with Kubernetes & Codefresh
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based Pipelines
 
Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019Why You Should be Using Multi-stage Docker Builds in 2019
Why You Should be Using Multi-stage Docker Builds in 2019
 
Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast Deploy Secure Cloud-Native Apps Fast
Deploy Secure Cloud-Native Apps Fast
 
CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices CICD Pipelines for Microservices Best Practices
CICD Pipelines for Microservices Best Practices
 
Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019Codefresh CICD New Features Launch! May 2019
Codefresh CICD New Features Launch! May 2019
 
Terraform GitOps on Codefresh
Terraform GitOps on CodefreshTerraform GitOps on Codefresh
Terraform GitOps on Codefresh
 
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with AnchoreAdding Container Image Scanning to Your Codefresh Pipelines with Anchore
Adding Container Image Scanning to Your Codefresh Pipelines with Anchore
 
Image scanning using Clair
Image scanning using Clair Image scanning using Clair
Image scanning using Clair
 
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and... Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
Updating Kubernetes With Helm Charts: Build, Test, Deploy with Codefresh and...
 
Docker based-Pipelines with Codefresh
Docker based-Pipelines with CodefreshDocker based-Pipelines with Codefresh
Docker based-Pipelines with Codefresh
 
Automated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on CodefreshAutomated Serverless Pipelines with #GitOps on Codefresh
Automated Serverless Pipelines with #GitOps on Codefresh
 
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
Discovering and Fixing Dependency Vulnerabilities for Kubernetes apps with Sn...
 
Net Pipeline on Windows Kubernetes
Net Pipeline on Windows KubernetesNet Pipeline on Windows Kubernetes
Net Pipeline on Windows Kubernetes
 
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
Multi-cloud CI/CD with failover powered by K8s, Istio, Helm, and Codefresh
 

Recently uploaded

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Recently uploaded (20)

Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Simplify Your Code with Helmfile

  • 1. Simplify your Code with Helmfile BRADEN WRIGHT | ROOT LEVEL TECHNOLOGY
  • 4. Agenda ● Why Helmfile ● What is Helmfile ● Helm Repos ● More Hooks ● Helm Diff ● Another Approach to Secrets ● Helm Dependencies ● Multiple Environments ● Templating Values yaml https://github.com/rootleveltech/codefresh-helmfile-webinar Common Problems Helmfile can help with...
  • 5. Why Helmfile? I love Helm but if only I could ... ● Setup Helm Repos ● Automate something to run before / after Helm ● See what’s going to change before Deploying ● Manage Secrets as part of Helm Deploy ● Have dependencies installed as separate Helm Deploy ● Control order of my Helm chart dependencies ● Template values.yaml ● Get data from another source / run a script ● Use Environment Variables
  • 6. ● Wrapper on top of Helm ● No Vendor Lock-in ● Golang Templating without Restrictions https://github.com/roboll/helmfile What is Helmfile?
  • 8. Demo Disclaimer ● Walkthrough deploys ● Starting from a completely clean GKE install ● Setup in GCP for things like DNS, credentials, etc. ● Mono Repo for our example
  • 11. Helmfile Hooks Events: prepare, presync, postsync, cleanup
  • 12. Example: create Namespace before deploying chart Helmfile Hooks
  • 13. Example: create Namespace before deploying chart Helmfile Hooks
  • 14. Helm Diff ● Want Terraform Plan for Helm? ● Bug for Helm 3, 3-way diff
  • 15. Helm Secrets ● How do you create secrets? ● Where do you store sensitive data? ● How do you distribute / share sensitive data? https://github.com/zendesk/helm-secrets
  • 19. Helm Secrets ● Helmfile uses Helm Secrets Plugin which uses SOPS ● SOPS supports different types of Encryption ○ AWS KMS, GCP KMS, Azure Key Vault, PGP, etc ● Secrets.yaml file gets encrypted and saved in Git ● Use a Secret Resource and unencrypted Secrets.yaml to create safe, secure, reliable, repeatable and distributed way to create Resources https://github.com/zendesk/helm-secrets https://github.com/mozilla/sops https://gist.github.com/twolfson/01d515258eef8bdbda4f
  • 20. Order Dependencies ● Runs Helm apply times ● Run Helm deploy in specified order ● Deploy parts of Stack using labels and selectors ● Different ways to declare dependencies
  • 22. Demo in Codefresh ● Deploy MyApp, Ingress, DNS, Namespace ● Using Secrets.yaml ● Started with cfstep-helmfile but needed to customize https://codefresh.io/steps/step/helmfile
  • 23. Templating Values Yaml Files ● DRYing out values files ● Use Templating to support ad-hoc environments ● Hierarchy, environment level values files, with default but ability to override. ● Use Env Vars in values.yaml file ● Run scripts to return values ● Expose all of Sprig / Go Templating ● Render out other files ● Use different Secrets.yaml for Different Environments
  • 24. Demo in Codefresh ● Deploy Stack in 2 Environments ○ Dev ■ DNS in GCP / CloudDNS ■ External DNS Chart ○ Default / Ad-Hoc ■ Leverage Templating / Script to setup an .xip.io address
  • 25. Environments ● Picture of Yaml with Multiple Environments ● Setup another environment, on the same K8s cluster ● Setup another environment in a different K8s cluster ● Leverage Templating for Ad-Hoc environments
  • 26. Other Helmfile Features ● Repo Per Chart ● Modules ○ GitHub, S3, etc. ● Env Variables ○ Supports standard, default, required ● Top Level Helmfile to Deploy everything ● Use Helmfile with Kustomize
  • 27. Mono Repo vs Repo per Chart 1. Talk about mono repo approach we’ve been taking, common b/c of public helms charts repo. Helmfile flexible, so you can setup how you want to 2. Discuss Repo per Chart and things like getting Helmfile from git instead of a local file.
  • 28. Other Tools ● Look at Helm Plugins ○ Secrets, Diff ● Helmsman, Kustomize ● Check Ecosystem, lots of tools ● Other Tools / Charts ○ https://github.com/stakater/Reloader ○ https://github.com/kubernetes-sigs/external-dns ○ https://github.com/jetstack/cert-manager ○ https://github.com/vmware-tanzu/velero
  • 29. Summary ● Simple Case Study ● Consider SDLC for Charts ● Tons of power with Sprig / Go Templating ● Try out Helmfile, or evaluate what’s out there
  • 30. Signup for a FREE account with UNLIMITED builds & schedule a 1:1 with our experts at https://codefresh.io Questions? Schedule a no cost, 1:1 call with our cloud migration specialists at https://rootleveltech.com/