# Kubernetes Configuration Management with Helm

{% embed url="<https://www.youtube.com/watch?v=vQX5nokoqrQ>" %}

## Motivation <a href="#id-2ed9" id="id-2ed9"></a>

When I was a ops person my responsibilities were deploying and managing physical servers and virtual machines. When servers were spun up, the first task that I did was running my **Ansible** playbook. It was about setup hostname, config DNS, create users, copy ssh keys, and install useful packages such as `sysstat` , `vim` , etc . I followed **GitOps** mindset to store all changes of playbook which helped me to review easily.

**Kubernetes** has become the standard for deploying, managing and scaling containerized applications in private and public environments. What tasks will you do when cluster is available ? What tasks will be repeatable daily ? Here are tasks I do most:

* Create namespace
* Add registry credentials (regcreds) to namespace
* Create Service Account and binding Role/ClusterRole
* Add quota to namespace
* etc

So what tool can help me do all above tasks ? I found Helm !

## What is Helm ? Why using it ? <a href="#d5d4" id="d5d4"></a>

If Kubernetes cluster is a fleet, Helm is captain's steering wheel. Helm is a Package Manager for Kubernetes, but with me, it’s also Configuration Management for Management.

I write **Helm Chart** to manage my clusters from creating namespace to adding quota or managing Service Account. Chart code is stored in Git and CI/CD tools like **Jenkins** or **gitlab-runner** apply all changes automatically.

<figure><img src="https://miro.medium.com/max/1090/1*Lz14y_N5ZiEbP3VArRQ9_g.png" alt=""><figcaption></figcaption></figure>

## Implementation <a href="#id-7f3f" id="id-7f3f"></a>

### Code repository <a href="#id-9e13" id="id-9e13"></a>

```
.
├── Chart.yaml
├── README.md
├── templates
│   ├── cluster-role-bindings.yaml    # define ClusterRoleBinding
│   ├── cluster-roles.yaml            # define ClusterRole
│   ├── isolate-network-policies.yaml # define NetworkPolicy
│   ├── namespaces.yaml               # define Namespace
│   ├── quotas.yaml                   # define Quota
│   ├── regcreds.yaml                 # define Registry Credential
│   ├── role-bindings.yaml            # define RoleBinding
│   └── service-accounts.yaml         # define ServiceAccount
└── values.yaml  # configuration value
```

You can see sample code in [**repo**](https://github.com/nghnam/kube-common-setup)

### values.yaml <a href="#ab4b" id="ab4b"></a>

I define all namespace, service accounts, … in this file. This file is usually changed when managing clusters.

### namespaces.yaml <a href="#id-9108" id="id-9108"></a>

All templates can be found in this [**repo**](https://github.com/nghnam/kube-common-setup/tree/master/templates)

### Example running <a href="#bb0e" id="bb0e"></a>

```
$ helm install common . [--dry-run]   # Helm v3
```

<figure><img src="https://miro.medium.com/max/1194/1*nYKDiDLlT76-bb0Gxe7EOQ.png" alt=""><figcaption><p>Display rendered output</p></figcaption></figure>

```
# helm list
# helm status common
```

<figure><img src="https://miro.medium.com/max/1400/1*TEyPYVCmVWSOAgAaSzeOsA.png" alt=""><figcaption></figcaption></figure>

## Summary <a href="#id-22cc" id="id-22cc"></a>

Helm is a powerful tool to work with Kubernetes. It’s not only package manager but also configuration manager for Kubernetes clusters. I hope you found this article useful and will use it with your daily tasks.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://devops.kaleyra.io/know-how/kubernetes-configuration-management-with-helm.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.