DIGIT Installation - Helm
What is Helm:
Helm is a package manager for Kubernetes that allows developers and operators to more easily package, configure, and deploy applications and services onto Kubernetes clusters in the form of helm chart. What is a helm chart? It is basically a set of templates and a file containing variables used to fill these templates based on the custom values and configurations.
Helm is an official Kubernetes project and is part of the Cloud Native Computing Foundation, a non-profit that supports open source projects in and around the Kubernetes ecosystem.
What Helm can do:
Install software.
Automatically install software dependencies.
Upgrade software.
Configure software deployments.
Fetch software packages from repositories.
Helm functional components:
A command line tool,
helm
, which provides the user interface to all Helm functionality.Helm permissions are now simply evaluated using kubeconfig file. Cluster administrators can, therefore, restrict user permissions at whatever level they want while releases are still recorded in-cluster, and the rest of Helm functionality remains the same. No more Tiller: Finally, the server-side component of Helm is gone. Tiller was the most significant disadvantage when considering using Helm. Instead, Helm 3 will rely on existing security patterns applied to the given cluster.
The Helm packaging format, called charts.
An official curated charts repository with prepackaged charts for popular open-source software projects.
Chart Registries: Chart Registries will be implemented based on the Docker Distribution Project (aka Docker Registry v2). Helm will benefit from this move dramatically. Users can leverage existing Docker Registry v2 implementations such as Azure Container Registry (ACR) or the Docker Hub to distribute and consume their charts. Hosting Helm Charts in a Docker Registry is possible due to the Open Container Initiative (aka OCI) efforts. Docker Registries can store, maintain, and distribute any data - not just Docker Images. See the ORCAS project for example.
Library Charts: Helm 3 will introduce a new type of Charts. Library Charts are small application parts that are used to composite an overall application. Library Charts will be the reusable components of Charts in Helm 3. They don’t contain templates, so they can’t be deployed directly. They will become essential building blocks for developers to craft Application Charts and keep following the Don’t Repeat Yourself principle (DRY).
Release Management: In Helm 3, releases will be managed inside of Kubernetes using Release Objects and Kubernetes Secrets. All modifications such as installing, upgrading, downgrading releases will end in having a new version of that Kubernetes Secret. The Release Object acts as a pointer, pointing to the correct Secret for the current Release. Having both (the Release Object and the Secret) in the same Kubernetes Namespace as the actual Deployment allows us to deploy the same Release (with the same name) multiple times to a Kubernetes cluster.
Requirements: In Helm 3, dependencies will no longer be maintained using the dedicated
requirements.yaml
file. Instead, the dependencies are directly listed inside of theChart.yaml
file, which means we as users have to care about fewer files.Helm also has several other features such as integrated testing hooks, built-in rollbacks, release history, nested packages (chart of charts, chart dependencies) that make it really powerful for the full lifecycle of a cluster application.
Let’s look at DIGIT Sample app deployment using Helm
Pre-Requisites:
Install Helm: Helm Hands on
Install sops: https://github.com/mozilla/sops
Let’s have a look at an eGov app example. To start working on a chart, Helm uses a simple command create
:
$ helm create my-app
After that Helm creates a directory with the following layout:
.
├── charts
│ ├── bootstrap
│ │ └── zuul
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── business-services
│ │ ├── billing-service
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── collection-services
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egf-account-details-consumer
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egf-instrument
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egf-master
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egf-masters
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egf-voucher-indexer
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-hrms
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── finance-collections-voucher-consumer
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ └── whatsapp-webhook
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── cluster-configs
│ │ ├── Chart.lock
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── common-configmap.yaml
│ │ │ ├── db-secret.yaml
│ │ │ ├── egov-enc-service-secret.yaml
│ │ │ ├── egov-filestore-secret.yaml
│ │ │ ├── egov-location-secret.yaml
│ │ │ ├── egov-notification-mail-secret.yaml
│ │ │ ├── egov-notification-sms-secret.yaml
│ │ │ ├── egov-pg-service-secret.yaml
│ │ │ ├── egov-service-host-comfigmap.yaml
│ │ │ ├── git-sync-secret.yaml
│ │ │ ├── kibana-infra-secret.yaml
│ │ │ ├── kibana-secret.yaml
│ │ │ └── pgadmin-secret.yaml
│ │ └── values.yaml
│ ├── common
│ │ ├── Chart.yaml
│ │ ├── README.md
│ │ ├── templates
│ │ │ ├── _deployment.yaml
│ │ │ ├── _helpers.tpl
│ │ │ └── _service.yaml
│ │ └── values.yaml
│ ├── core-services
│ │ ├── egov-accesscontrol
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-common-masters
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-data-uploader
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-enc-service
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-filestore
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-idgen
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-indexer
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-localization
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-location
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-mdms-service
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-notification-mail
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-notification-sms
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-otp
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-persister
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-searcher
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-user
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-user-event
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-workflow
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── egov-workflow-v2
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ └── user-otp
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── frontend
│ │ ├── citizen
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── employee
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── hrms-web
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── rainmaker-custom-service
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── rainmaker-pgr
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── react-pgr-web
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── report
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── ui-app
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── ui-dashboard
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ └── ui-uploader
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── infra-services
│ │ ├── egov-telemetry-kafka-streams
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ ├── redoc
│ │ │ ├── Chart.yaml
│ │ │ ├── templates
│ │ │ │ ├── deployment.yaml
│ │ │ │ └── service.yaml
│ │ │ └── values.yaml
│ │ └── telemetry
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ └── municipal-services
│ ├── dashboard-analytics
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── dashboard-ingest
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── dss-dashboard
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── egov-apportion-service
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── egov-custom-consumer
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── egov-index-custom-consumer
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── egov-pg-service
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── egov-url-shortening
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── employee-tradelicence
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── firenoc-calculator
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── firenoc-services
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── pdf-service
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── property-services
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── pt-calculator-v2
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── pt-services-v2
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── tl-calculator
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── tl-services
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ ├── ws-calculator
│ │ ├── Chart.yaml
│ │ ├── templates
│ │ │ ├── deployment.yaml
│ │ │ └── service.yaml
│ │ └── values.yaml
│ └── ws-services
│ ├── Chart.yaml
│ ├── templates
│ │ ├── deployment.yaml
│ │ └── service.yaml
│ └── values.yaml
└── environments
└── dev.yaml
138 directories, 275 files
It has charts
directory with chart dependencies, but we don’t need it at the moment.
Next comes Chart.yaml
containing global variables for the chart such as version and description:
These directories and files have the following functions:
charts/: Manually managed chart dependencies can be placed in this directory, though it is typically better to use
requirements.yaml
to dynamically link dependencies.templates/: This directory contains template files that are combined with configuration values (from
values.yaml
and the command line) and rendered into Kubernetes manifests. The templates use the Go programming language’s template format.Chart.yaml: A YAML file with metadata about the chart, such as chart name and version, maintainer information, a relevant website, and search keywords.
LICENSE: A plaintext license for the chart.
README.md: A readme file with information for users of the chart.
values.yaml: A YAML file of default configuration values for the chart.
git clone git@github.com:egovernments/eGov-infraOps.git
cd eGov-infraOps/helm directory after checkout
This will print the manifest to be deployed, basically dry-run:
helm dependency update charts/billing-service
helm template -f environments/dev.yaml charts/billing-service
To deploy cluster-configs:
sops -d -i environments/dev.yaml && helm template -f environments/dev.yaml charts/cluster-configs