Kubernetes Configuration Management with Helm

Motivation

When I was a ops person my responsibilities were deploying and managing physical servers and virtual machines. When servers were spun up, the first task that I did was running my Ansible playbook. It was about setup hostname, config DNS, create users, copy ssh keys, and install useful packages such as sysstat , vim , etc . I followed GitOps mindset to store all changes of playbook which helped me to review easily.

Kubernetes has become the standard for deploying, managing and scaling containerized applications in private and public environments. What tasks will you do when cluster is available ? What tasks will be repeatable daily ? Here are tasks I do most:

  • Create namespace

  • Add registry credentials (regcreds) to namespace

  • Create Service Account and binding Role/ClusterRole

  • Add quota to namespace

  • etc

So what tool can help me do all above tasks ? I found Helm !

What is Helm ? Why using it ?

If Kubernetes cluster is a fleet, Helm is captain's steering wheel. Helm is a Package Manager for Kubernetes, but with me, it’s also Configuration Management for Management.

I write Helm Chart to manage my clusters from creating namespace to adding quota or managing Service Account. Chart code is stored in Git and CI/CD tools like Jenkins or gitlab-runner apply all changes automatically.

Implementation

Code repository

.
├── Chart.yaml
├── README.md
├── templates
│   ├── cluster-role-bindings.yaml    # define ClusterRoleBinding
│   ├── cluster-roles.yaml            # define ClusterRole
│   ├── isolate-network-policies.yaml # define NetworkPolicy
│   ├── namespaces.yaml               # define Namespace
│   ├── quotas.yaml                   # define Quota
│   ├── regcreds.yaml                 # define Registry Credential
│   ├── role-bindings.yaml            # define RoleBinding
│   └── service-accounts.yaml         # define ServiceAccount
└── values.yaml  # configuration value

You can see sample code in repo

values.yaml

I define all namespace, service accounts, … in this file. This file is usually changed when managing clusters.

namespaces.yaml

All templates can be found in this repo

Example running

$ helm install common . [--dry-run]   # Helm v3
# helm list
# helm status common

Summary

Helm is a powerful tool to work with Kubernetes. It’s not only package manager but also configuration manager for Kubernetes clusters. I hope you found this article useful and will use it with your daily tasks.

PreviousTroubleshooting Pipeline Jobs

Last updated