Getting Started with Helm for K8s

Using the intructions from:

https://docs.helm.sh/using_helm/

Now I am abreviating most of what is in the docs but I want to clarify on one thing I learn while installing helm. Since I am using K8s 1.9.3 RBAC is required. It would be easy to read to fast through the documentation quickstart and install helm before setting up your roles.

Just for ease I jump straight to this section https://docs.helm.sh/using_helm/#role-based-access-control

Create the rbac-config.yaml file with the following:

apiVersion: v1

kind: ServiceAccount
metadata:
 name: tiller
 namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
 name: tiller
roleRef:
 apiGroup: rbac.authorization.k8s.io
 kind: ClusterRole
 name: cluster-admin
subjects:
 - kind: ServiceAccount
   name: tiller
   namespace: kube-system

 

Now your namespace and Service account roles might be different. This works for my clusters. Read the documentation carefully to make sure you don’t create a security hole.

Download and install helm

1. Download the correct version for your system. Also if you are managing form a Mac, there is a homebrew install
   • https://github.com/kubernetes/helm/releases
   • For macos:
   • brew install kubernetes-helm
2. If you downloaded helm for linux or another system unpack and set the permissions on the binary
   • tar -zxvf helm-v2.0.0-linux-amd64.tgz
   • mv linux-amd64/helm /usr/local/bin/helm
3. Now if you have helm extracted and installed you should be able to type “helm version” or “helm help”

Setup your RBAC and Install Helm

 

$kubectl create -f rbac-config.yaml

serviceaccount "tiller" created

clusterrolebinding "tiller" created

$ helm init --service-account tiller

We initialized helm with the service account we created within our K8s cluster. Helm has 2 components. First is the helm client. Which is what you are running from your CLI. The second peice is a pod called tiller-deploy-<some unique id>. You can see this pod in my environment by running

$kubectl get pod -n kube-system

If you installed helm into another namespace you will have to substitute your namespace for kube-system.

 

Basically helm uses a chart. The contents of a chart can be found here(with an example of the files in the directory):

https://docs.helm.sh/developing_charts/#charts

wordpress/

Chart.yaml          # A YAML file containing information about the chart

LICENSE             # OPTIONAL: A plain text file containing the license for the chart

README.md           # OPTIONAL: A human-readable README file

requirements.yaml   # OPTIONAL: A YAML file listing dependencies for the chart

values.yaml         # The default configuration values for this chart

charts/             # OPTIONAL: A directory containing any charts upon which this chart depends.

templates/          # OPTIONAL: A directory of templates that, when combined with values,

# will generate valid Kubernetes manifest files.

templates/NOTES.txt # OPTIONAL: A plain text file containing short usage notes

There are many preconfigured charts in the default repo. You can also add a github repository of your own application as a repo that way you can easily install your charts anywhere. I will post this as a seperate blog.

So how do I actually deploy an application?

$helm install [chart] [flags]

In the following youtube demo I actually have the chart locally on my machine because I wanted to edit the values.yaml file to change some default options. There are ways to override the defaults in the command line. I decided to explore the chart a little more.

To download a chart

$helm fetch [chart]

This will download the tgz file and you can expand this file and see all the contents. For me a good way to learn was to start tweaking the files and see what happened.