Introduction to Helm.

Introduction to Helm.

What is Helm?

It was one of the first Kubernetes package managers. It essentially helps users in packaging up all of the resources needed for a Kubernetes deployment.

For many software vendors and projects, Helm is a popular installation method for installing resources on your Kubernetes cluster.

Package management is not a new concept, if you are a Linux user, you are familiar with APT, YUM/RPM, etc, which are essential for installing and uninstalling software. Similarly, we have Homebrew for Mac and Chocolately for Windows.

helm.png

History of Helm

At the first Kubecon in 2015, Helm was first introduced. Helm was created by Deis, a company dedicated to helping the Kubernetes ecosystem that was later acquired by Microsoft.

In June 2018, Helm was promoted from a Kubernetes subproject to a full-fledged CNCF project. Helm established a top-level governing body, and several projects were incorporated into the Helm project.

In April 2020, Helm graduated as a CNCF project.

Why Helm?

As the Kubernetes platform and ecosystem grew, deploying only one Kubernetes configuration file (a single YAML) was no longer the case. There may be multiple clusters to deploy to and resources to orchestrate within a Kubernetes cluster. As the number of YAMLs grew, so did the question of where to store them. Helm is here to help with these issues.

If there are multiple Kubernetes clusters with different configurations, Helm should be used. Many software vendors and open source projects offer Helm repositories or charts to users as a way for them to install applications in the Kubernetes cluster.

Helm charts

Helm uses the Charts packaging format. Helm charts are a collection of YAML files. Helm charts, like other convention-based package manager formats, have a directory structure/tree. These charts are either kept in a public or private repository, known as Helm Chart Repository.

Charts are what are installed and uninstalled in Kubernetes clusters, and a chart that is running is referred to as a release. At last, a Helm Chart is a template that executes to convert Chart definitions to Kubernetes manifests.

When we create a Helm chart, we should include a version number that follows the semantic versioning. Other charts are referred to as dependencies on Helm charts.

weather-helm
|-- Chart.yaml
|-- charts
|-- templates
|   |-- NOTES.txt
|   |-- _helpers.tpl
|   |-- deployment.yaml
|   |-- hpa.yaml
|   |-- ingress.yaml
|   |-- service.yaml
|   |-- serviceaccount.yaml
|   `-- tests
|       `-- test-connection.yaml
`-- values.yaml

Let's look at each directory and file individually.

  1. charts/: Various charts might be included in the directory (which we call sub-charts).

  2. Chart.yaml : This section contains the chart's description, such as apiVersion, name, and version. Each chart should have its own version number and adhere to the Semantic Versioning guidelines, but there is no such rule for apiVersion.

  3. values.yaml : As the name implies, it has something to do with values, and you are correct. It is one of the template's most important files. This file contains the chart's default values. Users can also override these values.

  4. templates/: Helm relies heavily on templates. The template files are kept in the Template Directory. When Helm evaluates a chart, it runs the template rendering engine on all files in the templates/ directory. The information from the templates is then collected and sent to the Kubernetes cluster. Helm uses Go Templating when conditional logic needs to be included in the templates.

If you take a look at the templates/ directory, you'll notice a few files already there.

  • NOTES.txt: Your chart's "help text." When your users run the helm install command, this will be displayed to them.
  • deployment.yaml: A basic manifest for creating a Kubernetes deployment.
  • service.yaml: A basic manifest for creating a service endpoint for your deployment.
  • _helpers.tpl: A place to put template helpers that you can re-use throughout the chart.

We can actually create our own NOTES.txt and _helpers.tpl.

Helm Templating functions

Helm's resource files are templated using Go templates. While Go includes a number of built-in functions, Helm has added several of the new ones.

include and required are the two special templating functions.

  • include function: We can bring in another template and also pass the output of one template to another templating function by using the include function. Example:

    value: {{ include "template1" . | lower | quote }}
    

    This is an example of a template named template1 being included and the result being in lowercase and quoted.

  • required function: This function declares that a specific value is required for that template to be rendered, if it is not provided, an error message defined by the user will be printed. Example:

    value: {{ required "A valid .Values.foo entry required!" .Values.foo}}
    

Differences between Helm v2 & v3

Helm 1.0 was released in February 2016, followed by Helm 2.0 in November, and Helm 3.0 in November 2019. Since the project's 2016 launch, it has expanded quickly and improved steadily. Helm 3.0 is much easier to use and smarter.

Let's compare helm 2.0 and helm 3.0 to see the changes that were made.

Helm-2-vs-Helm-3-architecture-e1615365837386.png

Helm has a command line interface (CLI) through which we can perform actions. When Helm 2.0 was released, Kubernetes lacked features such as Role Based Access Control (RBAC) and Custom Resource Definitions (CRDs), so an additional component had to be installed in the Kuebrnetes cluster to allow Helm to work.

So, whenever you wanted to perform a helm-specific operation, your helm-client communicated with Tiller, which was running on a different server. Tiller then communicated with Kubernetes and proceeded to take the action you requested. Thus, Tiller acted as a middleman. Tiller has the power to do anything in the cluster, which raised many security concerns. As in the Kubernetes cluster, the user now has access to do whatever they want.

Tiller was removed from Helm 3.0 because it was no longer necessary due to the inclusion of RBAC and CRDs in Kubernetes, which reduced the security concerns it raised.

3-way Strategic Merge Patches:

  • On rollbacks/upgrades, only 2-way merge patch (old chart → new chart)
  • Helm 3 considers the old chart → live state → new chart.

3waymerge.png

… and more!

A step-by-step guide for making and deploying a Helm chart.

Prerequisites

  • Access to a CLI
  • kubernetes cluster installed and configured.
  • Helm installed and configured.

Note: To confirm Helm installed properly, run which helm in the terminal. The output should return a path to Helm.

Creating the Helm Chart

Step 1: Create a New Helm Chart

$ helm create weather-helm

That is it and the basic Helm Chart skeleton with the name weather-helm is ready.

Step 2: Using the tree command, list the chart structure:

$ tree weather-helm

Every configuration in the Helm Chart ecosystem is defined as YAML configuration. Creating a Helm chart involves creating the chart itself, configuring the image pull policy, and specifying additional information in the values.yaml file.

Step 3: Wouldn't it be nice if you could see the service.yaml, deployment.yaml with its actual values before running the helm install command? Yes you can do that with the helm template command.

$ helm template weather-helm

You cannot run the above command from within the specified directory, so exit and then execute the command.

When you run the above command, you should get service.yaml, deployment.yaml and test-connection.yaml with actual values. It renders the templates locally by replacing all placeholders with their actual values.

Step 4: There is one more sanitary command lint provided by helm which you could run to identify possible issues forehand.

$ helm lint weather-helm

Output:

==> Linting weather-helm
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, 0 chart(s) failed

Step 5: The next check which we are going to do is -dry-run. This allows developer to test its configuration before running the final install command

Use the following -dry-run command to verify your Helm Chart.

$ helm install weather-helm --debug --dry-run weather-helm

If there is something wrong with your Helm chart configuration then it will going to prompt you immediately.

Push vs. Install

  • Pushing a chart will only push a chart to a Helm repository (and automatically package it)
  • Installing a chart will create a brand new release from a Helm chart.

Helm install

Helm charts can be installed using helm install command by one of several methods:

  • A chart repository (helm install stable/foo)
  • A local chart archive (helm install foo foo-0.1.1.tgz)
  • An unpacked chart directory (helm install foo path/to/foo)
  • A full URL (helm install foo example.com/charts/foo-1.2.3.tgz)

Step 1: Let's then install the chart.

$ helm install weather weather-helm
NAME: weather
LAST DEPLOYED: Sat Nov 26 18:51:17 2022
NAMESPACE: default
STATUS: deployed
REVISION: 1

Let's break down the command because it might be a little confusing for you if you're doing it for the first time.

During the installation command, we used two different names -

weather: This is a release name for the Helm chart, otherwise, the helm will generate its own release name, so we assigned this name.

weather-helm: It is the actual chart name that we created in the previous step.

Step 2: Verifying the helm install

$ helm list -a
NAME    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                   APP VERSION
weather default         1               2022-11-26 18:51:17.346245631 +0530 IST deployed        weather-helm-0.1.0      1.16.0

Let's do some cross verification using kubectl commands also, so that we can make sure helm has done its work.

$ kubectl get all
NAME                                        READY   STATUS             RESTARTS   AGE
pod/weather-weather-helm-6b944bb4b4-gqh9q   0/1     InvalidImageName   0          2m3s

NAME                           TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
service/kubernetes             ClusterIP   10.96.0.1       <none>        443/TCP    63d
service/weather-weather-helm   ClusterIP   10.106.46.243   <none>        8080/TCP   2m3s

NAME                                   READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/weather-weather-helm   0/1     1            0           2m3s

NAME                                              DESIRED   CURRENT   READY   AGE
replicaset.apps/weather-weather-helm-6b944bb4b4   1         1         0       2m3s

Step 3: We have now installed the first helm chart for your application. You can now access the application and put it to the test. Using the curl command with the specified port number.

Step 4: Upgrade the helm release

There is one more feature of Helm Chart which is helm upgrade. It makes it easy for devops to release the new version of application.

Lets take the same weather release and update its replicaCount from 1 to 2

But before we need to update the replicaCount. First we need to udpate the version in Chart.yaml from 0.1.0 to 0.1.1

apiVersion: v2
name: weather
description: A Helm chart for Kubernetes
type: application
version: 0.1.1
appVersion: 1.16.0

And upgrading the value of replicaCount to 2

Now run the following command

$ helm upgrade weather .

Verify by running helm list -a and kubectl get deployment

Step 5: Rollback Helm release

In the above step we upgraded the Helm chart release from version 1 to version 2.

So let's see rollback feature of the Helm Chart.

$ helm rollback weather 1

You will see that we have successfully rolled back the release to the previous version. But one interesting thing about Helm is, it still updates the REVISION to 3

To confirm that we have actually rolled back our Helm Chart release, lets run some kubectl commands.

$ kubectl get deployments

Now it is confirmed that we now have only one replica running for "weather" deployments.

Step 6: Delete Helm release

Wouldn't it be nice if you need to run only one command to delete your Helm release and you do not have to do anything else.

$ helm delete weather

Visit Helm doc's to learn more about it!

Did you find this article valuable?

Support Harshita Sao by becoming a sponsor. Any amount is appreciated!