Notes from episode 26 of TGIK: Helm Yeah!

Over the past few months I’ve been trying to learn everything there is to know about Kubernetes. Kubernetes is an amazing technology for deploying and scaling containers though it comes with a cost. It’s an incredibly complex piece of software and there are a ton of bells and whistles to become familiar with. One way that I’ve found for coming up to speed is Joe Beda’s weekly TGIK live broadcast. This occurs each Friday at 4PM EST and is CHOCK full of fantastic information. In episode twenty-six Joe handed the microphone to Kris Nova to discuss helm. You can watch it here:

Here are some of my takeways from this episode:

• The kooper project is a Go library for creating Kubernetes operators and controllers.
• You can watch Kubernetes build events on the prow website.
• Helm is a tool for managing pre-configured Kubernetes resources. These resources are packaged into charts.
• GitHub has a list of the available charts.
• There are two components to helm:
  • The server which is referred to as tiller.
  • The helm client.
• Helm installation instructions:
  • Download the helm client to your admin station(s).
  • Copy it to a known location.
  • Run helm init to initialize and client and server.
  • Run helm repo update to update your local repository.
• You can list the built-in helm repositories with the repo command:
  $ helm repo list
• You can update repository information with the repo command:
  $ helm repo update
• The helm search command can be used to find charts:
  $ helm search wordpress
• The install command can be used to install a chart:
  $ helm install stable/wordpress --name foo --set wordpressUsername=foo,wordpressPassword=1234
• The draft project can be used to deploy applications to Kubernetes. Draft uses helm behind the covers.
• Charts consist of one or more YAML files to define the resources (chartname/templates) and their configuration (chartname/values.yaml).
• Helm utilizes the built-in Go template language and and extends it further via the sprig project.
• Helm installs with complete global cluster access by default. Be careful!
• Tiller uses ConfigMaps to store release information.
• RBAC support via helm init is being discussed at the Helm summit. You currently need to add it manually.
• Bitnami provided a great write up on the security concerns surrounding helm.

Things I need to learn more about:

• Need to study how helm fits into CI/CD pipelines.
• Need to create a chart from scratch to see what is involved.
• I am petrified of public container images and it looks like helm makes heavy use of them. Need to study the security implications associated with using helm.

This article was posted by Matty on 2018-02-17 08:00:00 -0500 -0500