The document discusses how Helm can help manage Kubernetes deployments by bundling manifests into reusable charts. It describes how Helm works by initializing a Tiller server and installing charts which generate Kubernetes resources. The document outlines best practices for writing charts, including using templates, values, and dependencies. It also provides tips for tools like kubeval and kubetest that can help validate charts.

1. Steering the course with
Dirk Jablonski
ePages GmbH

2. Motivation
March 8, 2018 2

3. How we use Kubernetes
BUILD ACCEPTANCE PRE-PROD PROD
CREATE
DEPLOY
DEPLOY
DEPLOY
March 8, 2018 Motivation 3

4. How we want out deployments to be…
DEV PROD
March 8, 2018 Motivation 4

5. …and how it often ended up
DEV PDPROD
March 8, 2018 Motivation 5

6. What Kinds of Icebergs we hit
handwritten manifests are error-prone
March 8, 2018 Motivation 6

7. What Kinds of Icebergs we hit
overriding values per environment is quirky
March 8, 2018 Motivation 7

8. What Kinds of Icebergs we hit
manifests are mostly duplicated code
March 8, 2018 Motivation 8

9. to the rescue!
March 8, 2018 9

10. What is Helm?
“Kubernetes Package Manager”
March 8, 2018 Helm to the rescue 10

11. What does Helm do?
• bundles related manifests
into charts, e.g.
• deployment.yaml
• service.yaml
• ingress.yaml
• etc.
• when installing a chart, Helm
creates a release
March 8, 2018 Helm to the rescue 11

12. What does Helm do?
• provides solid templating
• utilizes Go templates &
Sprig template library
March 8, 2018 Helm to the rescue 12

13. What does Helm do?
• allows to override values
easily
• overrides can originate from
• child charts
• additional values files
• command-line values
• override order is clearly
defined
March 8, 2018 Helm to the rescue 13

14. What does Helm do?
• enables reuse & composition
via dependencies
March 8, 2018 Helm to the rescue 14

15. Use Cases?
Managing your own charts
• create charts for your own
applications
Utilizing community charts
• easily install standard
applications, e.g. Prometheus
March 8, 2018 Helm to the rescue 15

16. How it works
March 8, 2018 16

17. Initializing the Cluster
API
server
$ helm init «Pod»
tiller
March 8, 2018 How it works 17

18. Installing a Chart
API
server
$ helm install <chart> «Pod»
tiller
«service»
xyz
«deploym»
xyz
«secret»
xyz
Release
March 8, 2018 How it works 18

19. Upgrading a Chart
API
server
$ helm upgrade <release>
<chart>
«Pod»
tiller
«service»
xyz
«deploym»
xyz
«secret»
xyz
March 8, 2018 How it works 19

20. Charts
March 8, 2018 20

21. Charts
• bundle meta data, templates,
default values & docs
• use “helm create“ to generate
skeleton
• need semantic version numbers
March 8, 2018 Charts 21

22. Chart.yaml
• defines name & version
• may include additional meta data,
e.g. app version, maintainer etc.
March 8, 2018 Charts 22

23. Templates
• YAML files for whatever manifests you
need to create
• will be rendered as part of the release
March 8, 2018 Charts 23

24. Template Example
March 8, 2018 Charts 24

25. Helpers
• files beginning with “_” will NOT be rendered as
part of the release
• contain helper templates used in multiple places
within the chart
• By convention end with “.tpl”
March 8, 2018 Charts 25

26. values.yaml
• contains default values for the chart
March 8, 2018 Charts 26

27. requirements.yaml
• lists dependencies for this chart
March 8, 2018 Charts 27

28. How to organize Charts
Chart per service One Chart to Rule Them All
March 8, 2018 Charts 28

29. Chart per Service
Pro
• flexible
• low complexity of charts
• simple versioning
Contra
• huge amount of duplication
• difficult to keep consistent
• hard to introduce global
changes
March 8, 2018 Charts 29

30. One Chart to Rule Them All
Pro
• avoids unnecessary
duplication
• consistency
• easy to introduce global
changes
Contra
• high complexity of templates
• tight coupling
• less flexible
March 8, 2018 Charts 30

31. Hybrid Approach
• one “master” chart per service group
• one dependent chart per service, containing
• values
• specific additions
March 8, 2018 Charts 31

32. Writing Templates
March 8, 2018 32

33. Built-in Objects
• provide access to specific
sets of values
• the main ones are:
• Chart
• Release
• Values
March 8, 2018 Writing Templates 33

34. Control Structures
• Go templates provide typical
control structures:
• if / else
• range (loop)
• with (scoping)
March 8, 2018 Writing Templates 34

35. Functions
• Go templates provide some
basic functions
• Sprig template library provide
a lot of additions
• Examples:
• default
• quote
• b64enc
• sha256sum
• trim
• …
March 8, 2018 Writing Templates 35

36. Pipelines
• most functions (and expressions) can be pipelined
• provides the well-known benefits of composability
March 8, 2018 Writing Templates 36

37. Checking the Results
helm lint
• examines a chart for possible
issues
• emits ERROR messages
when the chart will fail
• emits WARNING when
conventions & best practices
are violated
helm template
• locally render templates
• does not require Tiller
March 8, 2018 Writing Templates 37

38. Helpful Tools & Tricks
March 8, 2018 38

39. kubeval
• kubeval validates manifests against specific API versions
• mostly provides detailed validation errors
• pass a manifest file name or pipe to stdin:
March 8, 2018 Helpful Tools & Tricks 39

40. kubetest
• kubetest let‘s you write automatic tests to check the
generated manifests
• tests are written in Skylark, a lightweight Python dialect
• can be used to verify some invariants, e.g.
• existence of specific labels or annotations
• minimum number of replicas
• etc.
March 8, 2018 Helpful Tools & Tricks 40

41. Tips & Tricks (1)
If you want to override value lists…
March 8, 2018 Helpful Tools & Tricks 41

42. Tips & Tricks (2)
This way, you can override them indiviually, instead of only whole lists
March 8, 2018 Helpful Tools & Tricks 42
…use hashes instead

43. Questions?
March 8, 2018 43

44. Resources
• Helm docs
https://docs.helm.sh/
• Michael Goodness: One
Chart to Rule Them All
(YouTube)
http://bit.ly/2DoERqM
• kubeval
https://github.com/garethr/kub
eval
• kubetest
https://github.com/garethr/kub
etest
• Artifactory Helm integration
https://jfrog.com/integration/k
ubernetes-helm/
• ChartMuseum
https://github.com/kubernetes
-helm/chartmuseum
March 8, 2018 44

45. Thank you!
d.jablonski@epages.com
@djablonski