Helm-1233333333333333333333_Masterclass-v3.pptx

StackSimplify
Helm Masterclass
Kalyan Reddy Daida

StackSimplify
© Kalyan Reddy Daida
AWS EKS
Kubernetes
Azure AKS
Kubernetes
AWS
CloudFormation
DevOps on
AWS & Azure
AWS ECS
Docker on AWS Kubernetes
Certifications
CKAD, CKA, CKS
HashiCorp Certified Terraform Associate on AWS with 50 Practical Demos
HELM Masterclass
40+ Concept
Demos
Terraform on AWS with SRE and IaC DevOps with 20 Real-World Demos
HashiCorp Certified Terraform Associate on Azure with 75 Practical Demos
Terraform on Azure with IaC DevOps SRE with 25 Real-World Demos
Jenkins
Ansible
Azure Certs
AZ-900, 104, 204,
400
DevOps &
SRE
Roadmap
Google Cloud
Associate &
Professional Certs
Azure AKS
Part-2
Terraform on AWS EKS Elastic Kubernetes Service with 50+ Real-World Demos
Google Kubernetes Engine with DevOps - 75+ Real-World Demos

StackSimplify
Associate Cloud Engineer
Professional Cloud Architect
Digital Cloud Leader
Professional Cloud Network Engineer
Professional Cloud Security Engineer
Professional Cloud DevOps Engineer
Professional Cloud Data Engineer
Professional Cloud Developer
Google Cloud Certifications
Road Map
Google Cloud Real-World
Courses Road Map
GKE Google Kubernetes Engine with
DevOps - 75+ Real-World Demos
Terraform on Google Cloud
with DevOps SRE - 50+ Real-World Demos
AWS EKS Kubernetes
Azure AKS Kubernetes
AWS ECS Docker on AWS
Terraform on AWS Cloud
Terraform on Azure Cloud
Terraform on AWS EKS

StackSimplify
Associate Cloud Engineer
Professional Cloud Architect
Digital Cloud Leader
Professional Cloud Network Engineer
Professional Cloud Security Engineer
Professional Cloud DevOps Engineer
Professional Cloud Data Engineer
Professional Cloud Developer
Google Cloud Certifications
Road Map
Google Cloud Real-World
Courses Road Map
GKE Google Kubernetes Engine with
DevOps - 70+ Real-World Demos
Terraform on Google Cloud
with DevOps SRE - 50+ Real-World Demos
AWS EKS Kubernetes
Azure AKS Kubernetes
AWS ECS Docker on AWS
Terraform on AWS Cloud
Terraform on Azure Cloud
Terraform on AWS EKS
Best
Selling
Courses

StackSimplify
Helm Masterclass: 50 Practical Demos for Kubernetes
DevOps
Kalyan Reddy Daida

StackSimplify
24
Helm
Commands
helm create
helm install
helm upgrade
helm rollback
helm package
helm list
helm repo
helm search
helm lint
helm template
helm get
helm history
helm pull
helm plugin
helm show
helm status
helm test
helm verify
helm version
helm env
helm
dependency
helm push
helm uninstall
helm help
Also covered many
Sub Commands and
Flags

StackSimplify
15
Helm
Development
Demos
Built-in Objects
(.Release, .Chart, .Files, .Values)
Helm Development Basics
(Template Actions, Control White
Spaces, default, lower, nindent)
Flow Control Actions
(If-Else, With, Range)
Template Functions
EQ, AND, NOT, OR, toYaml
Named Templates
(_helpers.tpl)

StackSimplify
Dependency
(Alias, Condition, Tags)
Sub Charts
(Global Values, Override Subchart
Values, Import Values)
Create and Package
Helm Charts
Hooks
(Types, Deletion Policy, Weight,
Tests)
Starters, Plugins
Helm
Important
Concepts

StackSimplify
Host Helm Repository on GitHub
with GitHub Pages
Sign and Verify Charts
Integrate GitHub Helm Repository
with Artifact Hub
Helm Values
Validate JSON Schema
Each demo will have its own Helm Chart
Helm
Important
Concepts

StackSimplify
GitHub Repositories
Repository Used For Repository URL
Course Main Repository with step-by-step
documentation
https://github.com/stacksimplify/helm-masterclass
Course Presentation https://github.com/stacksimplify/helm-masterclass/tree/main/course-
presentation
Helm Charts Repo 1 https://github.com/stacksimplify/helm-charts
Helm Charts Repo 2 https://github.com/stacksimplify/helm-charts-repo
130+ presentation slides outlining various
Helm concepts we have implemented

StackSimplify
HELM Learning
Environment Setup
Docker Hub
Docker Desktop
Helm CLI
Demo-01

StackSimplify
HELM Learning Environment Setup
Docker
Desktop
(Download and Install)
Docker Hub
(Sign Up)
Helm CLI
(Download and Install)
Kubernetes
Cluster
(Enable in Docker
Desktop)
Deploy k8s
Manifests
(Test k8s Cluster)

StackSimplify
HELM Install
Commands
Demo-02
helm install
helm repo
helm search
helm list
helm uninstall

StackSimplify
Helm Install
Local Desktop
Helm CLI k8s Cluster
Helm Repo
helm repo <COMMANDS>
helm install RELEASE-NAME CHART-NAME
helm list
helm search repo <COMMANDS>
1
2
3
4
helm repo add REPO-NAME REPO-URL
helm repo list
helm search repo nginx
5 helm uninstall RELEASE-NAME
Bitnami
helm search
helm install
helm repo
helm uninstall
helm list

StackSimplify
HELM Upgrade
Commands
Demo-03
helm upgrade
helm status
helm history

StackSimplify
Helm Upgrade with--set Option
Local Desktop
Helm Repo
helm install RELEASE-NAME CHART-NAME
helm upgrade –set image.tag=2.0.0
1
2
3
4
helm repo list
helm search repo stacksimplify/mychart1
StackSimplify
5
6
(Hosted on GitHub)
helm history
helm status
helm upgrade

StackSimplify
HELM Upgrade
with Chart Version
Demo-04
helm rollback

StackSimplify
Helm Install & Upgrade with Chart Version
Local Desktop
Helm Repo
helm install REL-NAME CHART-NAME --version “0.1.0”
helm upgrade REL-NAME CHART-NAME --version “0.2.0”
1
2
3
4
helm repo list
helm search repo stacksimplify/mychart2 --versions
StackSimplify
helm upgrade REL-NAME CHART-NAME
5
(Hosted on GitHub)
helm rollback
helm rollback
6
helm search repo stacksimplify/mychart2 --version “0.3.0”

StackSimplify
HELM Uninstall
Demo-05
--keep-history flag

StackSimplify
Helm Uninstall with--keep-history flag
Local Desktop
Helm Repo
helm install REL-NAME CHART-NAME --version “0.1.0”
helm upgrade REL-NAME CHART-NAME --version “0.2.0”
1
2
3
4
helm repo list
helm search repo stacksimplify/mychart2 --versions
StackSimplify
helm upgrade REL-NAME CHART-NAME
5
(Hosted on GitHub)
helm uninstall REL-NAME --keep-history
helm rollback
6
helm search repo stacksimplify/mychart2 --version “0.3.0”
Removes all associated resources and
marks the release as deleted
In addition, also retains the release history
which helps us to rollback to deleted
release
--keep-history flag

StackSimplify
HELM Install
Demo-06
--generate-name flag

StackSimplify
Helm Install with--generate-name flag
Local Desktop
Helm Repo
helm install CHART-NAME --generate-name
1
2
3
helm repo list
StackSimplify
(Hosted on GitHub)
helm install CHART-NAME --generate-name
It auto-generates the RELEASE-NAME
When we are implementing DevOps
Pipelines, if we want to generate the names
of our releases without throwing duplicate
release errors, we can use this setting.
--generate-name flag
NodePort
Service
helm install stacksimplify/mychart1 --generate-name
User
http://localhost:31231

StackSimplify
HELM Install
Demo-07
--atomic flag

StackSimplify
Helm Install with--atomic flag
Local Desktop
Helm Repo
helm install REL-NAME CHART-NAME
1
2
3
helm repo list
StackSimplify
(Hosted on GitHub)
helm install REL-NAME CHART-NAME --atomic
when --atomic flag is set, the installation process deletes the installation (release) on
failure.
The --wait flag will be set automatically if --atomic is used
--atomic flag
NodePort
Service
helm install dev101 stacksimplify/mychart1
User
helm install qa101 stacksimplify/mychart1
--wait will wait until all until all k8s resources (pods, deployments, svc) are
in a ready state before marking the release as successful. It will wait for
as long as --timeout
--timeout time to wait for any individual Kubernetes operation (like Jobs for hooks)
(default 5m0s)
helm install qa101 stacksimplify/mychart1 --atomic
This will create a
failed release due to
NodePort conflict
This will delete the
release as soon as the
release is failed

StackSimplify
HELM
Kubernetes Namespaces
Demo-08

StackSimplify
Helm with Kubernetes Namespaces
Local Desktop
Helm CLI
k8s Cluster
Helm Repo
helm install REL-NAME CHART-NAME --namespace dev --create-namespace
1
2
3
helm repo list
StackSimplify
(Hosted on GitHub)
helm install REL-NAME CHART-NAME --namespace dev --create-namespace
--create-namespace: Create the release namespace if not present
--namespace or –n : In which namespace our k8s resources should be deployed
using HELM
--namespace or –n and --create-namespace flag
NodePort
Service
helm install dev101 stacksimplify/mychart2 --namespace dev --create-namespace
User
By default, Kubernetes deploys resources in default namespace, so we didn’t use the
-n or --namespace in our previous demos with HELM Commands.
Important Note: During helm uninstall, the created namespace will not get deleted,
only k8s resources deployed in that namespace will be deleted.
dev Namespace

StackSimplify
HELM
Override Values
Demo-09
helm install --dry-run
helm install --debug
helm upgrade --dry-run
helm install --debug
helm get

StackSimplify
Helm- Override Values--set,-f and get
helm install myapp901 stacksimplify/mychart1 --set service.nodePort=31240
helm install myapp901 stacksimplify/mychart1 -f myvalues.yaml
Override
with
--set
Override
with
--values or -f helm install myapp901 stacksimplify/mychart1 --values myvalues.yaml
Already covered in Demo-3, here we are going to use to learn --dry-run and --debug flags
helm get values RELEASE_NAME
helm get manifest RELEASE-NAME
helm get notes RELEASE-NAME
helm get hooks RELEASE-NAME
helm get: Downloads information from a named release. Can extract info from releases like myapp1, myapp101 etc
helm get all RELEASE-NAME

StackSimplify
Helm --dry-run and--debug
helm install myapp901 stacksimplify/mychart1 --dry-run
--dry-run
(Simulate)
--debug
helm upgrade myapp901 stacksimplify/mychart1 --dry-run
helm uninstall myapp901 --dry-run
helm template myapp901 --dry-run
helm install myapp901 stacksimplify/mychart1 --debug
helm upgrade myapp901 stacksimplify/mychart1 --debug
--debug: enables verbose output (Will be present in most of the HELM commands)
helm install myapp901 stacksimplify/mychart1 --dry-run --debug
helm upgrade myapp901 stacksimplify/mychart1 --dry-run --debug
helm uninstall myapp901 --dry-run --debug
helm template myapp901 --dry-run --debug
--dry-run
&
--debug
helm uninstall myapp901 --debug

StackSimplify
HELM Create
Understand
HELM Chart Folder
Structure
Demo-10

StackSimplify
Helm Chart- Folder Structure
• .helmignore
• Contains patterns to ignore when
packaging helm charts
• Chart.yaml
• Contains all important chart
information (chart metadata)

StackSimplify
• values.yaml
• The default configuration values for this
chart
• We have implemented multiple demos
by overriding values from values.yaml
using –f myvalues.yaml and --set
• charts folder
• A directory containing any charts upon
which this (parent chart) chart depends
• Example:
• Parent Chart: UMS App
• Sub Chart (charts folder): mysql db chart

StackSimplify
• templates folder
• A directory of templates that, when
combined with values, will generate valid
Kubernetes manifest files.
• This is where Helm finds the YAML
manifests for our Services, Deployments
and other Kubernetes objects.
• If we already have Kubernetes resources
for our application, we just to need to
convert them to Helm equivalent and put
them in templates folder so that we can
deploy them using helm install command
• Helm runs each file in this directory
through a Go template rendering engine.

StackSimplify
• templates/_helpers.tpl
• Sometimes you want to create some
reusable parts in your chart then we
can use this file.
• In the templates/ directory, any file
that begins with an underscore(_) is
not expected to output a Kubernetes
manifest file.

StackSimplify
• Why do we need templates/NOTES.txt ?
• This is an optional file which provides important
information about our Helm Chart
• Example: How to access the Application deployed
using this Helm Chart?
• How does templates/NOTEST.txt work?
• NOTES.txt file is rendered same as regular template
file (deployment.yaml, service.yaml) by Helm
• The main difference is after NOTES.txt rendered,
it’s not sent to Kubernetes Cluster, but the output
is displayed in the command line window.
• As it behaves same as regular Helm Templates, we
can fetch values from the values.yaml file, we can
fetch values from the built-in
objects .Chart, .Release, add if conditional blocks,
use flow control, functions, pipelines, and so on.

StackSimplify
• tests folder
• We write tests that validate our chart
works as expected when it is installed.
• These tests also help the chart
consumer understand what this Helm
chart is supposed to do.
• Example Tests
• Verify k8s services in chart are up and
correctly load balancing
• Verify if application is up and running
after deploying the Chart
helm test RELEASE-NAME

StackSimplify
• README.md
• We will document on how to use this HELM
Chart in this file
• LICENSE
• License file about usage of HELM Chart

StackSimplify
HELM Built-In Objects
.Release
.Chart
.Values
Demo-11
.Capabilities
.Template
.Files
Root Object dot (.)

StackSimplify
Helm Built-In Object- Root Object (.)
• Root Object dot or Period (.)
• Top level Helm Object
• At the top-level Helm initializes dot
(.) to an object with keys like
• .Release
• .Values
• .Chart
• .Capabilities
• .Template
• .File
• Very Very Important Note: If we
use dot (.) inside range and with
actions, it is going to be current
context in that respective block
and not the Root Helm Object.
Input:
Output:
Objects are passed into a template from the template engine
Objects can be simple, and have just one value or they can
contain other objects or functions
Helm Objects

StackSimplify
Helm Built-In Objects- .Release Object
• .Release Object
• Contains Helm Release
Information
• Example: We can put our k8s
deployment name in combination
with release name
using .Release.Name object by
accessing it in deployment.yaml
helm template.
Input:
Output:

StackSimplify
Helm Built-In Objects- .Chart Object
• .Chart Object
• Contains Helm Chart Information
• We can access any data from
Chart.yaml file
• Chart.yaml fields for reference:
https://helm.sh/docs/topics/chart
s/#the-chartyaml-file
Input:
Output:

StackSimplify
Helm Built-In Objects .Values Object
• .Values Object
• Values Object contains values
from the values.yaml file and if
any user-supplied values (-f or --
set) that can be passed to
templates
Input:
Output:

StackSimplify
Helm Built-In Objects- .Capabilities Object
• .Capabilities Object
• This provides information
about what capabilities the
Kubernetes cluster supports
Input:
Output:

StackSimplify
Helm Built-In Objects- .Template Object
• .Template Object
• Contains information about
the current template that is
being executed
Input:
Output:

StackSimplify
Helm Built-In Objects- .Files Object
• .Files Object
• This provides access to all
non-special files in a chart
• We cannot use it to access
templates
• We can use it to access other files
in the chart.
Input:
Output:

StackSimplify
HELM Development
Template Action {{ }}
Quote Function
Pipeline
default Function Demo-12
Manage Whitespaces
indent
nindent
toYaml
Basics

StackSimplify
Helm Development Basics
Template Actions
Action Elements
quote Function
Pipeline
default function
lower function
Controlling Whitespaces indent function
nindent function
toYaml function

StackSimplify
HELM Development
EQ Function
Demo-13
Flow Control
if, else if, else

StackSimplify
• If / Else: helps us to create
Conditional blocks
• eq Function: Returns the
boolean equality of the
arguments (e.g., Arg1 == Arg2).
Helm Flow Control- If Else, eq Function
deployment.yaml
values.yaml
eq .Arg1 .Arg2

StackSimplify
HELM Development
AND Function
Demo-14
Flow Control
if, else if, else
Boolean Check

StackSimplify
• and Function: Returns the
boolean AND of two or more
arguments
Helm Flow Control- If Else, AND, Boolean
deployment.yaml
values.yaml
and .Arg1 .Arg2

StackSimplify
HELM Development
OR Function
Demo-15
Flow Control
if, else if, else

StackSimplify
• or Function: Returns the
boolean OR of two or more
arguments
Helm Flow Control- If Else, or
deployment.yaml
values.yaml
or .Arg1 .Arg2

StackSimplify
HELM Development
not Function
Demo-16
Flow Control
if, else if, else

StackSimplify
• not Function: Returns the
boolean negation of its
argument.
Helm Flow Control- If Else, not
deployment.yaml
values.yaml
not .Arg1

StackSimplify
HELM Development
Demo-17
Flow Control
with

StackSimplify
• with Action: Controls variable
scoping
• It can allow you to set the current
scope (.) to a particular object.
• Example: Pod Annotations
• Inside the with action, dot "."
always refers
to .Values.podAnnotations
• Outside the with action, dot "."
refers to Root Object
Helm Flow Control- with
deployment.yaml
values.yaml

StackSimplify
• How to access Root Objects inside WITH or RANGE Action?
• To access Root Objects inside WITH action we need to prepend that Root
object with $
deployment.yaml
Prepend with $

StackSimplify
deployment.yaml
values.yaml
• Access Single Object from Dictionary
• How to retrieve a single object from .Values.myapps.data.config ?
• What if there is only need for 1 or 2 values from .Values.myapps.data.config ?
• How to access each key value from .Values.myapps.data.config ?

StackSimplify
HELM Development
Demo-18
Flow Control
with & if-else

StackSimplify
• We are going to use WITH Action and If-Else in combination in this demo
• We are going to re-implement Demo-14: Flow Control If-Else with Boolean
Check and AND Function in combination with WITH Action.
• WITH simplifies the template code.
Helm Flow Control- If Else, AND, Boolean, With
WITH Action - deployment.yaml
Demo-14: deployment.yaml

StackSimplify
HELM Development
Demo-19
Variables

StackSimplify
• Variables are used to
simplify code
• Primarily used in WITH,
RANGE Actions and Named
Templates
• Variables are assigned with
a special assignment
operator :=
Helm Variables
How to define a Variable ?
How to reference a Variable ?
deployment.yaml

StackSimplify
HELM Development
Demo-20
Flow Control- Range Action
List

StackSimplify
• Range in Helm is equivalent to for,
foreach from other programming
languages
• In Helm, we can iterate over a
collection using Range Operator
• Range Demos
• Lists
• Demo-1: Range with Lists
• Demo-2: Range with Lists in combination with
Helm Variables
• Dictionaries
• Demo-1: Range with Dictionary / Map
• Demo-2: Range with Dictionary in
combination with Helm Variables
Helm Flow Control- Range Action
values.yaml
namespace.yaml
Range
with List
Demo-1

StackSimplify
Helm Flow Control- Range Action + Helm Variables
values.yaml namespace-with-variable.yaml
Range
with List
Demo-2

StackSimplify
HELM Development
Demo-21
Flow Control - Range Action
Dictionary

StackSimplify
Helm Flow Control- Range Action with Dict
values.yaml
configmap.yaml
Demo-1
Range Action with
Dictionary

StackSimplify
Helm Flow Control- Range Action with Dict
values.yaml
configmap-with-variable.yaml
Demo-2
Range Action with
Dictionary with
Variable

StackSimplify
HELM Development
Demo-22
Named Templates

StackSimplify
• What is named template ?
• A template defined inside a file (_helpers.tpl) and
given a name
• How to declare a named template ?
• We can declare it using define action
• What is the naming convention for named
templates ?
• Template names are global
• If you declare two templates with the same
name, whichever one is loaded last will be
the one used.
• Template name: <chartname>.<relevant-
template-name>
• Example: helmbasics.labels
HELM Named Templates
File:

StackSimplify
• How to call a named template ?
• We can call a named template using
template
• If we want to access any built-in objects in
our named template, what should we do ?
• We should pass the Root Object (.) as
scope to template call
• How to use Helm Pipelines in a template
call ?
• template action doesn’t allow pipelines
• Using special purpose function named
include, we can use pipelines
HELM Named Templates

StackSimplify
• templates/_helpers.tpl
• Sometimes you want to create some
reusable parts in your chart then we
can use this file.
• In the templates/ directory, any file
that begins with an underscore(_) is
not expected to output a Kubernetes
manifest file.
• In short, _helpers.tpl file contains the
re-usable named templates required
for our Helm Charts

StackSimplify
HELM Development
Demo-23
Named Templates
Create Resource Names
printf Function

StackSimplify
• We will create a reusable
named template for Resource
Names
• printf Function
• Very very important function
• It returns a string based on a
formatting string
• We need to pass the
arguments in the formatting
string order
Helm Named Templates- printf Function
deployment.yaml - Before Change
deployment.yaml - After Change
Named Template

StackSimplify
HELM Development
Demo-24
Named Templates
Template in Template

StackSimplify
• We are going to call one named template in other named template and
test it
Helm Named Template- Template in Template
File: _helpers.tpl

StackSimplify
HELM
Demo-25
Create & Package

StackSimplify
Helm Create & Package
helm create
Make changes to Chart
(Image Tag, NodePort)
helm install from chart folder and
verify
helm package from chart folder
Make changes
(version and appVersion in Chart.yaml)
helm package from chart folder
helm install from package file
(myfirstchart-2.0.0.tgz) and verify
helm package using
--version and ---app-version flags
helm install from package file
(myfirstchart-3.0.0.tgz) and verify
1.0.0
2.0.0
3.0.0

StackSimplify
HELM
Demo-26
Dependency

StackSimplify
Helm Dependency
Parent Chart or Main Helm
Chart
Sub Charts or Child Charts
Chart dependencies
refer to the mechanism
by which a Helm chart
can declare and
manage its external
dependencies on other
charts
This feature is
particularly useful when
we are building complex
applications that consist
of multiple components
or services, and we want
to manage their
deployment as a single
unit.

StackSimplify
Helm Dependency- Chart.yaml
Parent Chart: Chart.yaml

StackSimplify
HELM
Demo-27
Dependency
Alias

StackSimplify
Helm Dependency- Alias
Useful when you
have to add the
same chart
multiple times

StackSimplify
HELM
Demo-28
Dependency
Condition

StackSimplify
Helm Dependency- Condition
Parent Chart: values.yaml
Define a YAML path in
values.yaml, which will be
used for
enabling/disabling charts

StackSimplify
HELM
Demo-29
Dependency
Condition + Alias

StackSimplify
Helm Dependency- Condition + Alias

StackSimplify
HELM
Demo-30
Dependency
Tags

StackSimplify
Helm Dependency- Tags
Tags can be used to
group charts for
enabling/disabling
together

StackSimplify
Helm Dependency- Tags
When tags are used we can see how
simple it is easy to group and enable /
disable them as a group
When it is 2 to 3 charts it will be easy to manage with “condition: chartname.enabled” approach but if we are dealing with
10’s of charts then its good to use Tags appraoch

StackSimplify
HELM
Demo-31
Dependency
Override Sub chart values from
Parent Chart

StackSimplify
Helm Dependency- Override Sub chart Values
Both Sub chart
k8s deployments will create
3 replicas each

StackSimplify
HELM
Demo-32
Sub Charts
Use Global Values in Sub Charts

StackSimplify
Helm Parent Chart
Define Global value in
parent chart values.yaml
and use it in Sub Charts

StackSimplify
Helm Sub Chart- Changes
Child Chart: mychart2 deployment.yaml Child Chart: mychart4 deployment.yaml

StackSimplify
Helm Sub Chart- Changes
Parent Chart: deployment.yaml

StackSimplify
HELM
Demo-33
Dependency
Import Values Explicit

StackSimplify
Helm Dependency- Import Values Explicit
Parent Chart: Chart.yaml Child Chart: mychart1: values.yaml
ImportValues holds the mapping of child
chart values to parent key (mychart1Data)
to be imported.

StackSimplify
Helm Dependency- Import Values Explicit
Parent Chart: configmap.yaml
The value which we have exported from child chart
(mychart1) and which we have imported in parent chart
is used in above configmap for testing

StackSimplify
HELM
Demo-34
Dependency
Import Values Implicit

StackSimplify
Helm Dependency- Import Values Implicit
Parent Chart: configmap.yaml
The value which we which we
have imported in parent chart is
used in above configmap for
testing
We don’t need to explicitly define the exports in Sub Chart values
as part of this approach

StackSimplify
HELM
Demo-35
Starter Charts

StackSimplify
• What are Helm Starter charts ?
• Starter charts are same as regular Helm Charts
• They are reusable templates that helps us in
building new charts.
• A new developer don't need to start from
scratch in your organization if you already have
starter charts, he can use them and build on
top of it.
• We can also enforce certain resources that
needs to be available in the charts created
using Helm Starters.
Helm Starters
Starter Chart Template
Create a Helm Chart using Starter Chart

StackSimplify
• Where do we place the Helm Starter charts ?
• We need to place starter charts in folder
$HELM_DATA_HOME/starters folder
Helm Starters

StackSimplify
• Are there any drawbacks ?
• The Chart.yaml will be overwritten by the generator.
• Due to that we don't get the chart version, appversion or dependencies info
in Chart.yaml from the starter chart template.
• If you have any sub charts in your starter chart in “charts” directory those will
copied as packaged tgz files to new chart. We manually need to update
Chart.yaml dependencies accordingly
Helm Starters
Starter Chart Template: Chart.yaml Chart created using Starter Chart: Chart.yaml

StackSimplify
HELM
Demo-36
Plugins

StackSimplify
• Helm Plugins are add-on tools to existing
HELM CLI
• Helm Plugins are not part of Helm
codebase.
• Helm is built on GO programming language
• Helm Plugins provide a way to extend
the core feature set of Helm by
providing flexibility to develop
plugins in any programming
language
• We can access Helm Plugins using HELM CLI
Helm Plugins
Popular Helm Plugins: https://helm.sh/docs/community/related/#helm-plugins
helm plugin <list, install, uninstall, update>
helm plugin install <PLUGIN-URL>
helm <PLUGIN-NAME> <PLUGIN-COMMAND>
helm starter list
helm dashboard
helm plugin install https://github.com/salesforce/helm-
starter.git
helm plugin install https://github.com/komodorio/helm-
dashboard.git
Helm Plugin usage using Helm CLI:
Helm Plugin Commands:

StackSimplify
HELM
Demo-37
Build Plugins

StackSimplify
Helm- Build Plugin – myplugin1
myplugin1 : plugin.yaml
Plugin Folder Structure
myplugin3: Folder Structure myplugin3 – plugin.yaml

StackSimplify
Helm- Build Plugin- myplugin2
myplugin2: plugin.yaml
Commands might
differ based on OS
Platform.
We can define
platform specific
commands during
plugin build process

StackSimplify
HELM
Demo-38
Chart Hooks

StackSimplify
Helm Chart Hooks
helm install
pre-install post-install
helm upgrade
pre-upgrade post-upgrade
helm rollback
pre-rollback post-rollback
helm delete
pre-delete post-delete
helm test
test
Chart
Hooks
Using Hooks we can create k8s objects at
certain point in release life cycle
Example-1: Taking a database backup before
helm upgrade
Hook is just an annotation to be added to any
k8s object so that it can be executed at that
point of release life cycle
Example-2: Create a pre-install configmap,
secret that will be used in main pod

StackSimplify
HELM
Demo-39
Hooks Deletion Policy

StackSimplify
Helm Hooks Deletion Policy
Hook
Deletion Policy
before-hook-
creation
hook-
succeded
hook-failed
Delete the previous resource before a new hook
is launched (default)
Delete the resource after the hook is successfully
executed
Delete the resource if the hook failed during
execution
Hooks Deletion Policy annotation will determine when to delete hook resources

StackSimplify
HELM
Demo-40
Hook Weight

StackSimplify
• Helm allows defining multiple hooks of the
same type within a chart
• The order of execution is determined by
the “hook-weight” attribute assigned to
each hook.
• Hooks with lower weight values are
executed before those with higher weight
values.
• Default weight is 0 if not specified.
Helm Hook Weight
"helm.sh/hook-weight": ”3"
"helm.sh/hook-weight": ”-2"
A
S
C
E
N
D
I
N
G
O
R
D
E
R
Helm Hook Weight

StackSimplify
HELM
Demo-41
Tests
Test Hook

StackSimplify
• Helm Tests feature enables automated testing of
Kubernetes applications deployed using Helm charts.
• These tests ensure that the deployed application is
functioning as expected.
• They provide confidence in the application's
health and functionality
Helm Tests
helm test <RELEASE-NAME>
Command:

StackSimplify
HELM
Demo-42
Resource Policy

StackSimplify
• Sometimes there are resources that should not be uninstalled when Helm
runs a helm uninstall.
• We can can add an annotation to a resource to prevent it from being
uninstalled.
• This annotation, "helm.sh/resource-policy": keep, tells Helm not to delete
the resource when using Helm operations like uninstall, upgrade, or
rollback that would normally delete it.
• Resource becomes orphaned, Helm will no longer manage it in
any way.
• Note: Quotations are mandatory
Helm Resource Policy

StackSimplify
HELM
Demo-43
Sign and Verify Charts

StackSimplify
• Why do we need to sign Helm Charts ?
• Integrity
• It prevents attackers from injecting malicious code
• Authentication
• When a Helm chart is signed, it comes with a digital signature generated
using a private key held by the chart maintainer.
• Users can verify the authenticity of the chart using the corresponding public
key.
• This provides a way to verify that the chart was indeed created by the
expected source or maintainer.
Helm Sign and Verify Charts

StackSimplify
• What happens when we sign Helm
Charts ?
• When we sign Helm charts, it creates a
provenance record in a provenance file
(myfirstchart-0.1.0.tgz.prov)
• We can verify the integrity of our Helm
Chart by comparing a chart to a
provenance record
Helm Sign and Verify Charts

StackSimplify
Sign and Verify Helm Charts
Generate private/public keys with
gpg
Helm doesn’t support latest gnupgv2
(kbx format), so we need to export
the private key to gpg format
Package and Sign the Helm Chart
using
helm package--–sign command
Helm doesn’t support latest gnupgv2
(kbx format), so we need to export
the public key to gpg format
Verify Helm Chart using
helm verify command
Sign Verify

StackSimplify
Sign and Verify Helm Charts
helm verify command:
helm install command:
helm upgrade command:

StackSimplify
HELM
Demo-44
Host Helm Repository on
GitHub

StackSimplify
Host Helm Repository on GitHub
Remote GitHub Repository
Local Desktop
Local
Git Repo
Chart Releaser
Actions
(CRA)
main
branch
gh-pages
branch
Releases / Tags
Chart
Developer
Check-In Code
Chart Versions
1
2 git push
3
Triggers CRA
4
Publish Packages
to Releases
5
Updates
index.yaml
0.1.0
0.2.0
0.3.0

StackSimplify
HELM
Demo-45
Artifact Hub

StackSimplify
Helm Artifact Hub

StackSimplify
HELM
Demo-46
Values
Validate with JSON Schema

StackSimplify
• Helm3 added support to validate
values in values.yaml using Json
schema
• Requirement checks:
• Example: Required fields in values.yaml
• Constraint Validation:
• Example: pullPolicy should contain only
values from below 3 items
• IfNotPresent,
• Always, or
• Never
Helm Values- Validate with JSON Schema

StackSimplify
• Type validation:
• Example-1: Replica Count is a number or
integer and not a string
• Example-2: Image Tag is a string such as
“0.1.0" and not the number 0.1.0
• Range validation:
• Example: The value for a CPU utilization
percentage key is between 1 and 100
• In short, we can add restrictions in our
values.yaml using values.schema.json
file
Helm Values- Validate with JSON Schema

StackSimplify
HELM
Demo-47
How to use OCI Registries
to store Helm Charts ?

StackSimplify
• What are OCI Registries ?
• OCI means Open Containers Initiative.
• An OCI Registry is like a special storage place for containers that follow
specific rules created by the Open Container Initiative
• In short, the place where we store our Docker Container Images
• Docker Hub
• Amazon ECR (Elastic Container Registry)
• Azure Container Registry
• Google Artifact Registry
• IBM Cloud Container Registry
• JFrog Artifact Registry
• Helm supports the above OCI registries for storing Helm Charts
OCI Registry

Helm-1233333333333333333333_Masterclass-v3.pptx

More Related Content

Similar to Helm-1233333333333333333333_Masterclass-v3.pptx (20)

Recently uploaded (20)

Helm-1233333333333333333333_Masterclass-v3.pptx