Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • A command line toolhelm, which provides the user interface to all Helm functionality.

  • Helm permissions are now simply evaluated using kubeconfig file. Cluster administrators can, therefore, restrict user permissions at whatever level they want while releases are still recorded in-cluster, and the rest of Helm functionality remains the same. No more Tiller: Finally, the server-side component of Helm is gone. Tiller was the most significant disadvantage when considering using Helm. Instead, Helm 3 will rely on existing security patterns applied to the given cluster.

  • The Helm packaging format, called charts.

  • An official curated charts repository with prepackaged charts for popular open-source software projects.

  • Chart Registries: Chart Registries will be implemented based on the Docker Distribution Project (aka Docker Registry v2). Helm will benefit from this move dramatically. Users can leverage existing Docker Registry v2 implementations such as Azure Container Registry (ACR) or the Docker Hub to distribute and consume their charts. Hosting Helm Charts in a Docker Registry is possible due to the Open Container Initiative (aka OCI) efforts. Docker Registries can store, maintain, and distribute any data - not just Docker Images. See the ORCAS project for example.

  • Library Charts: Helm 3 will introduce a new type of Charts. Library Charts are small application parts that are used to composite an overall application. Library Charts will be the reusable components of Charts in Helm 3. They don’t contain templates, so they can’t be deployed directly. They will become essential building blocks for developers to craft Application Charts and keep following the Don’t Repeat Yourself principle (DRY).

  • Release Management: In Helm 3, releases will be managed inside of Kubernetes using Release Objects and Kubernetes Secrets. All modifications such as installing, upgrading, downgrading releases will end in having a new version of that Kubernetes Secret. The Release Object acts as a pointer, pointing to the correct Secret for the current Release. Having both (the Release Object and the Secret) in the same Kubernetes Namespace as the actual Deployment allows us to deploy the same Release (with the same name) multiple times to a Kubernetes cluster.

  • Requirements: In Helm 3, dependencies will no longer be maintained using the dedicated requirements.yaml file. Instead, the dependencies are directly listed inside of the Chart.yaml file, which means we as users have to care about fewer files.

  • Helm also has several other features such as integrated testing hooks, built-in rollbacks, release history, nested packages (chart of charts, chart dependencies) that make it really powerful for the full lifecycle of a cluster application.

...

Let’s look at DIGIT Sample app deployment using Helm

Pre-Requisites:

  1. Install Helm: ​Helm Hands on

  2. Install sops: https://github.com/mozilla/sops

Let’s have a look at an eGov app example. (Assuming that already have Helm installed and configured at this point). To start working on a chart, Helm uses a simple command create:

...

After that Helm creates a directory with the following layout:

my-app/ ├── charts ├── Chart.yaml ├── templates │ ├── deployment.yaml │ ├── _helpers.tpl │ ├── ingress.yaml │ ├── NOTES.txt │ └── service.yaml └── values.yaml2 directories, 7 files
Code Block
breakoutModefull-width
languageyaml
.
├── charts
│   ├── bootstrap
│   │   └── zuul
│   │       ├── Chart.yaml
│   │       ├── templates
│   │       │   ├── deployment.yaml
│   │       │   └── service.yaml
│   │       └── values.yaml
│   ├── business-services
│   │   ├── billing-service
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── collection-services
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egf-account-details-consumer
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egf-instrument
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egf-master
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egf-masters
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egf-voucher-indexer
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-hrms
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── finance-collections-voucher-consumer
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   └── whatsapp-webhook
│   │       ├── Chart.yaml
│   │       ├── templates
│   │       │   ├── deployment.yaml
│   │       │   └── service.yaml
│   │       └── values.yaml
│   ├── cluster-configs
│   │   ├── Chart.lock
│   │   ├── Chart.yaml
│   │   ├── templates
│   │   │   ├── common-configmap.yaml
│   │   │   ├── db-secret.yaml
│   │   │   ├── egov-enc-service-secret.yaml
│   │   │   ├── egov-filestore-secret.yaml
│   │   │   ├── egov-location-secret.yaml
│   │   │   ├── egov-notification-mail-secret.yaml
│   │   │   ├── egov-notification-sms-secret.yaml
│   │   │   ├── egov-pg-service-secret.yaml
│   │   │   ├── egov-service-host-comfigmap.yaml
│   │   │   ├── git-sync-secret.yaml
│   │   │   ├── kibana-infra-secret.yaml
│   │   │   ├── kibana-secret.yaml
│   │   │   └── pgadmin-secret.yaml
│   │   └── values.yaml
│   ├── common
│   │   ├── Chart.yaml
│   │   ├── README.md
│   │   ├── templates
│   │   │   ├── _deployment.yaml
│   │   │   ├── _helpers.tpl
│   │   │   └── _service.yaml
│   │   └── values.yaml
│   ├── core-services
│   │   ├── egov-accesscontrol
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-common-masters
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-data-uploader
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-enc-service
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-filestore
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-idgen
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-indexer
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-localization
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-location
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-mdms-service
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-notification-mail
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-notification-sms
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-otp
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-persister
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-searcher
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-user
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-user-event
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-workflow
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── egov-workflow-v2
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   └── user-otp
│   │       ├── Chart.yaml
│   │       ├── templates
│   │       │   ├── deployment.yaml
│   │       │   └── service.yaml
│   │       └── values.yaml
│   ├── frontend
│   │   ├── citizen
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── employee
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── hrms-web
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── rainmaker-custom-service
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── rainmaker-pgr
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── react-pgr-web
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── report
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── ui-app
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── ui-dashboard
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   └── ui-uploader
│   │       ├── Chart.yaml
│   │       ├── templates
│   │       │   ├── deployment.yaml
│   │       │   └── service.yaml
│   │       └── values.yaml
│   ├── infra-services
│   │   ├── egov-telemetry-kafka-streams
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   ├── redoc
│   │   │   ├── Chart.yaml
│   │   │   ├── templates
│   │   │   │   ├── deployment.yaml
│   │   │   │   └── service.yaml
│   │   │   └── values.yaml
│   │   └── telemetry
│   │       ├── Chart.yaml
│   │       ├── templates
│   │       │   ├── deployment.yaml
│   │       │   └── service.yaml
│   │       └── values.yaml
│   └── municipal-services
│       ├── dashboard-analytics
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── dashboard-ingest
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── dss-dashboard
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── egov-apportion-service
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── egov-custom-consumer
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── egov-index-custom-consumer
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── egov-pg-service
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── egov-url-shortening
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── employee-tradelicence
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── firenoc-calculator
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── firenoc-services
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── pdf-service
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── property-services
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── pt-calculator-v2
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── pt-services-v2
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── tl-calculator
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── tl-services
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       ├── ws-calculator
│       │   ├── Chart.yaml
│       │   ├── templates
│       │   │   ├── deployment.yaml
│       │   │   └── service.yaml
│       │   └── values.yaml
│       └── ws-services
│           ├── Chart.yaml
│           ├── templates
│           │   ├── deployment.yaml
│           │   └── service.yaml
│           └── values.yaml
└── environments
    └── dev.yaml

138 directories, 275 files

It has charts directory with chart dependencies, but we don’t need it at the moment.

Next comes Chart.yamlcontaining global variables for the chart such as version and description:

...

  • charts/: Manually managed chart dependencies can be placed in this directory, though it is typically better to use requirements.yaml to dynamically link dependencies.

  • templates/: This directory contains template files that are combined with configuration values (from values.yaml and the command line) and rendered into Kubernetes manifests. The templates use the Go programming language’s template format.

  • Chart.yaml: A YAML file with metadata about the chart, such as chart name and version, maintainer information, a relevant website, and search keywords.

  • LICENSE: A plaintext license for the chart.

  • README.md: A readme file with information for users of the chart.

  • requirements.yaml: A YAML file that lists the chart’s dependencies.

  • values.yaml: A YAML file of default configuration values for the chart.

Code Block
git clone git@github.com:egovernments/eGov-infraOps.git

cd eGov-infraOps/helm  directory after checkout

This will print the manifest to be deployed, basically dry-run:

helm dependency update charts/billing-service 
helm template -f environments/dev.yaml charts/billing-service

To deploy cluster-configs:
sops -d -i environments/dev.yaml && helm template -f environments/dev.yaml charts/cluster-configs