Helm Charts

Charts describe a set of Kubernetes resources – e.g. a full web app stack with HTTP servers, databases, caches, etc.

requirements.yamldefines dependencies using:

  • name
  • version
  • repository

Tags: like Ansible

Condition: enabled / disabled – always override tags.

See https://github.com/helm/helm/blob/master/docs/charts.md

 

Manage charts with helm:

  • create – creates chart
  • package – packages
  • lint – checks formatting

 

Getting started with Helm:

1. check kubectl config – i.e. using local minikube

kubectl config view | grep current

2. start helm

helm init

https://medium.com/@anthonyganga/getting-started-with-helm-tiller-in-kubernetes-part-one-3250aa99c6ac

 

Installing MySQL as a Helm Chart

Running helm install stable/mysql

(which uses: https://github.com/helm/charts/tree/master/stable/mysql )

helm install stable/mysql

NAME:   queenly-seahorse
LAST DEPLOYED: Mon Nov  5 11:22:13 2018
NAMESPACE: default
STATUS: DEPLOYED

RESOURCES:
==> v1/Secret
NAME                    AGE
queenly-seahorse-mysql  0s

==> v1/ConfigMap
queenly-seahorse-mysql-test  0s

==> v1/PersistentVolumeClaim
queenly-seahorse-mysql  0s

==> v1/Service
queenly-seahorse-mysql  0s

==> v1beta1/Deployment
queenly-seahorse-mysql  0s

==> v1/Pod(related)

NAME                                     READY  STATUS   RESTARTS  AGE
queenly-seahorse-mysql-6dc964999c-h4w54  0/1    Pending  0         0s


NOTES:
MySQL can be accessed via port 3306 on the following DNS name from within your cluster:
queenly-seahorse-mysql.default.svc.cluster.local

To get your root password run:

    MYSQL_ROOT_PASSWORD=$(kubectl get secret --namespace default queenly-seahorse-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo)

To connect to your database:

1. Run an Ubuntu pod that you can use as a client:

    kubectl run -i --tty ubuntu --image=ubuntu:16.04 --restart=Never -- bash -il

2. Install the mysql client:

    $ apt-get update && apt-get install mysql-client -y

3. Connect using the mysql cli, then provide your password:
    $ mysql -h queenly-seahorse-mysql -p

To connect to your database directly from outside the K8s cluster:
    MYSQL_HOST=127.0.0.1
    MYSQL_PORT=3306

    # Execute the following command to route the connection:
    kubectl port-forward svc/queenly-seahorse-mysql 3306

    mysql -h ${MYSQL_HOST} -P${MYSQL_PORT} -u root -p${MYSQL_ROOT_PASSWORD}

Let’s test we can connect to MySQL.

From the output, let’s get the MySQL password:

kubectl get secret --namespace default queenly-seahorse-mysql -o jsonpath="{.data.mysql-root-password}" | base64 --decode; echo

Copy.

Note: you could have got the pod name with:

kubectl get pods

Now exec into MySQL with:

kubectl exec -it queenly-seahorse-mysql-6dc964999c-h4w54 bash

Install MySQL client:

apt-get update && apt-get install mysql-client -y --force-yes

and connect with:

mysql -h localhost -p

 

 

More on:

  • kubectl commands here: Kubernetes: kubectl
  • MySQL Notes here: https://github.com/helm/charts/blob/master/stable/mysql/templates/NOTES.txt

Installing WordPress as a Helm Chart

helm install --name my-release stable/wordpress

List with

helm list

and delete with

helm delete my-release

https://github.com/helm/charts/tree/master/stable/wordpress

 

Errors

Error: no available release name found

https://github.com/helm/helm/issues/3055

also

https://stackoverflow.com/questions/43499971/helm-error-no-available-release-name-found/43513182

 

Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout

When you do a helm list

From https://github.com/helm/helm/issues/3055#issuecomment-385371327

suggests

kubectl delete the tiller service and deployment.)

$ kubectl create serviceaccount --namespace kube-system tiller
$ kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
$ helm init --service-account tiller

So: kubectl delete tiller-deploy-6fd8d857bc-fp5s2
error: resource(s) were provided, but no name, label selector, or –all flag specified

kubectl list
Error: unknown command “list” for “kubectl”

This suggests deleting tiller using

helm reset

but this gives:

helm reset
Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout

 

https://stackoverflow.com/questions/47583821/how-to-delete-tiller-from-kubernetes-cluster

and helm ls

Error: Get https://10.96.0.1:443/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 10.96.0.1:443: i/o timeout

Another, not very helpful, issue on why you can’t delete tiller:

https://github.com/helm/helm/issues/3536

Checking tiller:

kubectl get deploy -n kube-system

NAME                   DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
coredns                1         1         1            1           12d
kube-dns               1         1         1            0           71d
kubernetes-dashboard   1         1         1            0           71d
tiller-deploy          1         1         1            1           8d

 

To see pods in kube-system

kubectl get pods –namespace kube-system

e.g.

tiller-deploy-6fd8d857bc-fp5s2 1/1 Running 7 8d

 

Notes:

Tiller namespaces and RBAC

Namespaces are for different environments. E.g. production, staging.

https://medium.com/@amimahloof/how-to-setup-helm-and-tiller-with-rbac-and-namespaces-34bf27f7d3c3

RBAC and Service Accounts: 

https://docs.helm.sh/using_helm/#securing-your-helm-installation

 

Further reading

Use ksonnet to generate Kubernetes configurations from Helm Charts

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *