
<!— Banner ads
—>
New in version 2.4.
- Synopsis
- Parameters
- Examples
- Status
- Synopsis ¶
- Requirements ¶
- Parameters ¶
- Examples ¶
- Status ¶
- Author ¶
- Overview
- Why Helm?
- Architecture
- No more Tiller in Helm 3
- More examples
- Helm CLI client
- Helm CLI Version
- helm env
- Helm installing Vault
- Articles
- Helmsman Desired State Configurator
- Videos
- Cloud vendors
- More on DevOps
- Create new Helm Chart
- Yaml
- Templates folder
- Dependencies in requirements.yaml
- Lint a Chart
- Specify app
- Search apps
- Add repo
- Install Chart in Kubernetes
- Komodor install
- In Kubernetes
- Uninstall
- Package to Archive
- Ingress
- Installation
- Install Ansible
- Videos
- Interactive
- . For example use
Synopsis
¶
- Install, upgrade, delete and list packages with the Helm package manage
Requirements
¶
The below requirements are needed on the host that executes this module.
- pyhelm
- grpcio
Parameters
¶
Examples
¶
Install helm chart Uninstall helm chart
Status
¶
This module is flagged as preview
which means that it is not guaranteed to have a backwards compatible interface.
community.kubernetes.helm
is an Ansible Galaxy to install, upgrade, delete packages with the Helm to manages Kubernetes packages with the Helm package manager
Ansible is Simple IT Automation — https://www.ansible.com/
can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
Ansible’s main goals are simplicity and ease-of-use. It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with other transports and pull modes as alternatives), and a language that is designed around auditability by humans–even those not familiar with the program.
Ansible is a universal language, unraveling the mystery of how work gets done. Turn tough tasks into repeatable playbooks.
This article is about how to use community.kubernetes.helm to manage releases with the Helm package manager.
If you are planning to set the CI/CD and use the helm only you can deploy services without ansible.
Helm use the context once your context is set in CI/CD respective service will deploy to that specific environment.
You can just use the helm.
However with ansible
you can write the playbook which will use proper K8s context dev or QA and further ansible will deploy the helm simply.
Example playbook however you can remove the extra part if anything not required in your case
---
- hosts: localhost connection: local vars: helm_namespace: "ansible-helm-jenkins-demo" helm_release_name: "ansible-helm-jenkins-demo" helm_version: "v3.2.3" helm_binary_directory: /tmp/helm helm_archive_name: "helm-{{ helm_version }}-{{ ansible_system | lower }}-amd64.tar.gz" helm_binary: "{{ helm_binary_directory}}/{{ ansible_system | lower }}-amd64/helm" tasks: - name: Init Helm folders file: path: "{{ helm_binary_directory }}" state: directory - name: Check if Helm Binary Present stat: path: "{{ helm_binary }}" register: helm_binary_present - name: Unarchive Helm binary unarchive: src: "https://get.helm.sh/{{ helm_archive_name }}" dest: "{{ helm_binary_directory }}" remote_src: yes when: not helm_binary_present.stat.exists - name: Create Helm Namespace community.kubernetes.k8s: name: "{{ helm_namespace }}" api_version: v1 kind: Namespace state: present - name: Deploy Helm Chart community.kubernetes.helm: name: "{{ helm_release_name }}" chart_ref: "{{ playbook_dir }}/../../helm/ansible-helm-jenkins-demo" release_namespace: "{{ helm_namespace }}" binary_path: "{{ helm_binary }}" values: "{{ chart_values | default({}) }}" Github reference : https://github.com/sabre1041/ansible-helm-jenkins-demo
- Check current installed helm version, if any
- Download helm and notify the handler to unarchive the binary
- Unarchive the binary, if needed
- Delete downloaded file, if needed
- name: Set current helm version ansible.builtin.command: cmd: helm version --client --template={{ "'{{ .Version }}'" }} changed_when: false failed_when: false register: current_helm_version
- name: Download helm archive ansible.builtin.get_url: url: https://get.helm.sh/helm-{{ helm_version }}-linux-arm64.tar.gz checksum: sha256:https://get.helm.sh/helm-{{ helm_version }}-linux-arm64.tar.gz.sha256sum dest: /tmp owner: root group: root mode: 0644 notify: Unarchive helm binary when: helm_version != current_helm_version.stdout | default(false)
- name: Flush handlers ansible.builtin.meta: flush_handlers
- name: Delete helm archive ansible.builtin.file: path: /tmp/helm-{{ helm_version }}-linux-arm64.tar.gz state: absent - name: Unarchive helm binary ansible.builtin.unarchive: src: /tmp/helm-{{ helm_version }}-linux-arm64.tar.gz dest: /usr/local/bin extra_opts: "--strip-components=1" owner: root group: root mode: 0755 remote_src: true asked Feb 4 at 8:15
10 bronze badges
You can do it with one single task:
---
- hosts: localhost tasks: - name: Install helm if not exists unarchive: src: https://get.helm.sh/helm-v3.11.0-linux-amd64.tar.gz dest: /usr/local/bin extra_opts: "--strip-components=1" owner: root group: root mode: 0755 remote_src: true args: creates: /usr/local/bin/helm When /usr/local/bin/helm
exists, it will not execute the task.
7 gold badges
52 silver badges
66 bronze badges
answered Feb 4 at 11:44

2 silver badges
10 bronze badges
This is what I came up with. It will install latest version if helm_version
is not specified. It will not do anything if /usr/local/bin/helm
is already present.
---
- name: Download Helm command line tool ansible.builtin.uri: url: https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 return_content: true register: helm_installer
- name: Install Helm ansible.builtin.command: cmd: bash stdin: "{{ helm_installer.content }}" creates: /usr/local/bin/helm environment: DESIRED_VERSION: "{{ helm_version | default('') }}" answered May 5 at 11:48
$ helmExport export <role> —helm-chart=<location of chart> —workspace=<output location> —generatreFilters=true —emitKeysSnakeCase=true
This will mostly give you an Ansible role that works the same as you Helm chart with the templates in /<your role>/templates/ . However, there are a few things that will need to be modified. Helm template syntax is a bit different at time from Jinja2 that Ansible uses. Some common things to watch out for are:
The «toYaml» filter in Helm is «to_yaml» in jinja2.
«toJSON» likewise needs to be changed to «to_json»
The «b64enc» filter needs to be changed to «b64encode»
Any varibles generated by your _helpers.tpl file are not available. You can either define them in the role’s defaut/main.yml, hardcode them, or remove them from the templates.
Values that come from the Chart directly instead of the Values.yaml file (ex. . Chart. Name) are also not available
Check your templates for these syntax errors and go ahead and fix them.
If you create new variables, remember to add them to the roles/<your role>/defaults/main.yml file (this is what replaces the Values.yaml file, and works exactly the same).
In Helm, there’s a lot of labels that will be consistent throughout things your operator will create. You can choose to keep some around and remove some entirely as redundant. For example, in the sample operator, we’ve removed the release and heritage labels/label selectors, and changed the app and chart labels to use a new values in the defaults/main.yml file.
In the above example, we’d take out lines 8 and 9 (line 8 would stay in if we had some annotations we wanted). The same bit of yaml in an Ansible role would look like this:
#The annotations field was removed entirely, since we don’t have any for this object.
After making these changes, it is highly recommended to test the ansible role. It’s impossible to account for all the filters with different syntax between Helm and Ansible, so you’ll want to verify the role will run before moving on with your operator. To test the role, create a playbook.yml in the operator’s root directory that looks like this:
$ ansible-playbook playbook.yml
while logged in to your testing cluster. If everything comes back fine, you’re all set. Otherwise, you’ll need to look at the error message to see what bit of syntax is causing the problem, and change it in your templates. To test each template one at a time, go to the roles/<your role>/tasks/main.yml and comment out the templates you aren’t testing yet.
Package manager for Kubernetes











Overview
This article is a hands-on introduction about Helm “Charts” used to stand up a Kubernetes cluster.
NOTE: Content here are my personal opinions, and
not intended to represent any employer (past or present).
“PROTIP:” here highlight information I haven’t seen elsewhere on the internet
because it is hard-won, little-know but significant facts
based on my personal research and experience.
Helm simplifies discovering and deploying services to a Kubernetes cluster.
Helm reduces “configuration sprawl” of different specifications for Dev, Staging, UAT, QA, Prod.
Thus, Helm competes with docker-compose.
Here is the guided tour (aimed to be succinct yet deep):
Visit helm.sh
, Helm’s marketing home page (served from https://github.com/helm/helm-www
using hugo). It calls helm a package manager for Kubernets (like Brew on macOS, Chocolately on Windows, apt on Debian/Ubuntu, yum
on Red Hat, etc).
Helm is a cloud industry consortium composed of Google, Microsoft, Bitnami, and others.Why Helm?
- search available packages —
- provide information on packages
- download and install packages, along with dependencies, creation of folders, and insertion of those folders in the system’s PATH variable
- list installed packages
- lint installed packages
- update existing installed packages
- delete packages
PROTIP: Words in Chart names are separated by dashes, not underlines nor dots.
Visit https://github.com/helm/helm
where Helm is open-sourced.Helm was created by Matt Butcher (“The Mister Rogers of Cloud Native” living in Boulder, Colorado, USA)
and others at Deislabs.io
(acquired by Microsoft in May 2017).In 2016, Helm was donated Helm to CNCF (the same organization who owns Kubernetes itself).
Visit the latest release at https://github.com/helm/helm/releases
CNCF graduated Helm2 in 2016. Helm3 released in 2019.
helm version
on your laptop is a different version sequence.Architecture
The Helm CLI client
running on your local machine sends requests to Kubernetes.This CLI client is needed because operations such as rollback, running chart tests, etc. are done from the Helm CLI client.
No more Tiller in Helm 3
According to https://helm.sh/docs/community/history/
See https://github.com/helm/helm-2to3 for the strangler
pattern (co-existing in the same cluster) or in situ
(with migration).helm3 plugin list
Helm 3 uses Secrets
as the default storage driver
instead of Helm 2’s ConfigMaps
(default) to store release information.The chart dependency management system has moved from requirements.yaml and requirements.lock in Helm 2 to Chart.yaml and Chart.lock in Helm3. An improved upgrade strategy, leveraging three-way strategic merge patches. Helm considers the old manifest, its live state, and the new manifest of when generating a patch.
More examples
Visist community.kubernetes.helm — Manages Kubernetes packages with the Helm package manager — Ansible Documentation: https://docs.ansible.com/ansible/latest/collections/community/kubernetes/helm_module.html
to see more examples.
Helm CLI client
On your Terminal on any folder:
This extends and summarizes https://helm.sh/docs/intro/install
Install Kubernetes first.
PROTIP: The Helm client learns about Kubernetes clusters by using files in the Kube config file. By default, Helm attempts to find this file in the place where kubectl creates it ($HOME/.kube/config).
See whether you already have it installed:
Helm CLI Version
helm version
If you see something like this, you already have it installed:
version. BuildInfo{Version:"v3.10.1", GitCommit:"9f88ccb6aee40b9a0535fcc7efea6055e1ef72c9", GitTreeState:"clean", GoVersion:"go1.19.2"}What is the latest Kubernetes helm CLI client for macOS?
brew info helm
Response at time of writing:
helm: stable 3.2.1 (bottled), HEAD The Kubernetes package manager https://helm.sh/ /usr/local/Cellar/helm/3.2.1 (7 files, 43.3MB) * Poured from bottle on 2020-05-30 at 03:34:11 From: https://github.com/Homebrew/homebrew-core/blob/master/Formula/helm.rb ==> Dependencies Build: go@1.13 ✘ ==> Options --HEAD Install HEAD version ==> Caveats Bash completion has been installed to: /usr/local/etc/bash_completion.d zsh completions have been installed to: /usr/local/share/zsh/site-functions ==> Analytics install: 36,371 (30 days), 110,830 (90 days), 251,843 (365 days) install-on-request: 35,636 (30 days), 108,563 (90 days), 246,528 (365 days) build-error: 0 (30 days)
/usr/local/Cellar/helm/3.2.1 (7 files, 43.3MB) * /usr/local/Cellar/helm/3.1.1. (7 files, 41.2MB) /usr/local/Cellar/helm/3.1.0 (7 files, 41.2MB) *
To install helm CLI client for the first time:
brew install helm
To upgrade Kubernetes helm CLI client (if brew info returned a version):
brew upgrade helm
==> Downloading https://storage.googleapis.com/helm/releases/v3.1.0/helm-darwin-amd64
Obtain the version again after an upgrade.
PROTIP: Helm is written in the Go language, built using the Make utility.
helm env
Examine your local Helm enviorinment locations:
helm env
Notice that the MacOS Library is used as storage locations:
HELM_BIN="helm" HELM_BURST_LIMIT="100" HELM_CACHE_HOME="/Users/wilsonmar/Library/Caches/helm" HELM_CONFIG_HOME="/Users/wilsonmar/Library/Preferences/helm" HELM_DATA_HOME="/Users/wilsonmar/Library/helm" HELM_DEBUG="false" HELM_KUBEAPISERVER="" HELM_KUBEASGROUPS="" HELM_KUBEASUSER="" HELM_KUBECAFILE="" HELM_KUBECONTEXT="" HELM_KUBEINSECURE_SKIP_TLS_VERIFY="false" HELM_KUBETLS_SERVER_NAME="" HELM_KUBETOKEN="" HELM_MAX_HISTORY="10" HELM_NAMESPACE="default" HELM_PLUGINS="/Users/wilsonmar/Library/helm/plugins" HELM_REGISTRY_CONFIG="/Users/wilsonmar/Library/Preferences/helm/registry/config.json" HELM_REPOSITORY_CACHE="/Users/wilsonmar/Library/Caches/helm/repository" HELM_REPOSITORY_CONFIG="/Users/wilsonmar/Library/Preferences/helm/repositories.yaml"
NOTE: Helm stores its configuration files in XDG Base directory specifications created the first time helm is run.
Cache: $XDG_CACHE_HOME - ${HOME}/ .cache /helm/ Config: $XDG_CONFIG_HOME - ${HOME}/ .config /helm/ Data: $XDG_CONFIG_HOME - ${HOME}/ .local /helm/Helm 3 puts K8s CRD’s (Custom Resource Definitions) in the “crds” directory and can be skipped using --skip-crds
on install. https://github.com/bitnami-labs/helm-crd is not under active development.Helm 3 has a GoSDK CLI.
Open Container Initiative (OCI) with Docker Registry API.
Helm installing Vault
Ansible is used in the aws_eks_cluster.py. Compre the Python 3.8 vs. 3.7 versions:
diff /usr/local/Cellar/ansible/2.9.6_2/libexec/lib/python3.8/site-packages/ansible/modules/cloud/amazon/aws_eks_cluster.py $HOME/Library/Python/3.7/lib/python/site-packages/ansible/modules/cloud/amazon/aws_eks_cluster.py
https://learning.oreilly.com/live-events/helm-charts-with-kubernetes/0636920074683/0636920079146/
Helm Charts with Kubernetes
Articles
An Introduction to Helm, the Package Manager for Kubernetes
August 6, 2018
by Brian Boucheron
Helmsman Desired State Configurator
Open-sourced at https://github.com/Praqma/helmsman
, Helmsman from Praqma
(by SAMI ALAJRAMI and others)
provides an “autopilot” for Kubernetes clusters which automates the lifecycle management of Helm Charts using declarative (desired state) configuration files (DSF) to create, delete, upgrade, and move Kubernetes objects to different namespaces.
This approach makes it easier to replicate a CI pipeline.
This also takes care of secrets passing (from environment variables to Charts).
The desired state approach achieves idempotentcy — executing Helmsman several times gets the same result, and continues from failures.
Videos
Venkat’s playlist on Kubernetes
includes:
-
[ Kube 63 ] Creating your first Helm chartDec 2, 2019 based on v2.14 rather than v3, from scratch, drawing from
with source in https://github.com/justmeandopensource
Helm (v1) and Kubernetes Tutorial — Introduction
by Matthew Palmer
Helm 3: Navigating to Distant Shores
by Codefresh
If you have an O’Reilly subscription, the 10 minute “almost-live” hands-on scenario (from Katota) “Get Started with the Helm Package Manager”
has you clicking each command and see it executed on an Ubuntu Bash terminal. This scenario teaches you how to use Helm, the package manager for Kubernetes, to deploy Redis.
- Wait for Kubernetes to start. Then install it using a curl command.
The scenario is based on version 2 because it tells you to update the local cache to sync the latest available packages with the environment:
helm init helm repo update
- helm search redis
- helm inspect stable/redis to see configuration policies.
To deploy the chart to your cluster:
helm install stable/redis
List package namespaces installed:
Find out what pods, replication controllers, and services (master and slave) were deployed:
kubectl get all
List the persistent volumes available:
kubectl apply -f pv.yaml
The pod remains in a pending state while the Docker Image is downloaded.
Grant Redis data mount permissions to write:
chmod 777 -R /mnt/data*
Provide helm with a more friendly name “my-release”:
helm install –name my-release stable/redis
To get your password run:
To connect to your Redis server, run a Redis pod that you can use as a client:
kubectl run –namespace default dinky-newt-redis-client –rm –tty -i –restart=’Never’
–env REDIS_PASSWORD=$REDIS_PASSWORD
–image docker.io/bitnami/redis:5.0.7-debian-10-r27 – bash
Connect using the Redis CLI:
redis-cli -h dinky-newt-redis-master -a $REDIS_PASSWORD
redis-cli -h dinky-newt-redis-slave -a $REDIS_PASSWORDkubectl port-forward –namespace default svc/dinky-newt-redis-master 6379:6379 &
redis-cli -h 127.0.0.1 -p 6379 -a $REDIS_PASSWORD
Cloud vendors
More on DevOps
This is one of a series on DevOps:
Create new Helm Chart
A Helm “Chart” is a collective noun for a set of folders and files.
Create a new Helm Chart:
helm create mychart
Optionally, –starter
option can be added to specify a “starter chart”.Examine the files created using a Tree command:
tree
├── Chart.yaml ├── charts ├── templates └── values.yaml
REMEMBER: Each Helm Chart must contain a Chart.yaml
file (with a capital C), a values.yaml
file (with a lower case v) to override default values with your own information.Those files provide files to “handlebars” within yaml files in the templates
directory/folder containing Kubernetes deployment.yaml and other files,Sometimes other charts are in a chart folder.
In an editor (such as VSCode), open the Chart.yaml
file.PROTIP: apiVersion
is v2 starting with Helm3. Confusing, I know.Yaml
REMEMBER: In yaml format
files, indents use two spaces (and never tabs). ( Kubernetes objects) into one unit. The charts
file defines dependencies.Templates folder
In the templates folder:
├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── deployment.yaml │ ├── ingress.yaml │ ├── service.yaml │ ├── serviceaccount.yaml │ └── tests │ └── test-connection.yaml
Template yaml files contain placeholders:
\{\{- if . Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: name: \{\{ include "my-chart.serviceAccountName" . }} labels: \{\{- include "my-chart.labels" . | nindent 4 }} \{\{- with . Values.serviceAccount.annotations }} annotations: \{\{- toYaml . | nindent 4 }} \{\{- end }} \{\{- end -}}Dependencies in requirements.yaml
The requirements.yaml
file to Kubernetes specifies a MariaDB database:dependencies: - name: mariadb version: 0.6.0 repository: https://kubernetes-charts.storage.googleapis.com
The chart folder
is populated by the archive of “dependencies” of other charts with its own set of yaml files.
Lint a Chart
Linting is automatic with helm install, upgrade, and template.
But you can run it anytime:helm lint
==> Linting . [INFO] Chart.yaml: icon is recommended 1 chart(s) linted, 0 chart(s) failed
Specify app
Since Kubernetes works off Docker images, specify the Docker image, such as the simple “ToDo” app:
image: repository: prydonius/todo tag: latest pullPolicy: IfNotPresent
The client CLI knows to look for the repository within the https://hub.helm.sh
public repository.
PROTIP: A Chart release
number is an incremental counter that advances forward even on rollback.
A Sematic version number
(such as 1.2.3) is required on every chart.
Search for the ToDo
chart this tutorial uses.For a list of all apps in Hub:
help search hub
A repository of helm charts to “find, install, and publish Kubernetes packages”:
Search apps
Search for a specific Chart:
helm search hub vault
Note that the list contains “stable” and “incubator” editions.
To see logos among publicly available charts, view https://hub.helm.sh
, search for “stable” Charts:- Anchore
, Clair - web server Apache
, Nginx, Tomcat, WordPress - Argo-cd
, GitLab - Artifactory
- Databases: Cassandra, Mongodb, CockroadhDB
, MySQL, Neo4j, Spark, Spinniker - Secrets manager: Consul, Vault
- Testing tools: JMeter, Selenium
- Elastic Stack, Logstash, Prometheus, Kibana,
- Weave
Add repo
- Anchore
Define that folder in a system environment variable for use in shell file statements below:
MY_HELM_PATH="~/github-wilsonmar/helm-samples"
Replace “github-wilsonmar” with your folder.
Create then Navigate to a folder holding your Helm chart.
cd echo "${MY_HELM_PATH}" mkdir "${MY_HELM_PATH}" cd "${MY_HELM_PATH}"helm repo add dev https://hub.helm.sh
FIXME: ??? If you get back:
Error: looks like "https://hub.helm.sh" is not a valid chart repository or cannot be reached: error unmarshaling JSON: while decoding JSON: json: cannot unmarshal string into Go value of type repo. IndexFile
Install Chart in Kubernetes
This is a summary of https://helm.sh/docs/intro/using_helm/
helm install --name todo "${MY_HELM_PATH}" --dry-run --debug --set service.type=NodePortHighlight and copy the response to your Clipboard to paste in your local Terminal:
export NODE_PORT=$(kubectl get —-namespace default -o jsonpath="{.spec.ports[0].nodePort}" services todo-mychart) export NODE_IP=$(kubectl get nodes —-namespace default -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORTCopy and paste the URL in the response (such as http://127.0.0.1:8080) in your browser’s address to see the app’s UI.
Komodor install
Alternately, Komodor.io provides this to install
:helm repo add komodorio https://helm-charts.komodor.io ; helm repo update; helm upgrade --install k8s-watcher komodorio/k8s-watcher --set watcher.actions.basic=true --set watcher.actions.advanced=true --set apiKey=12345678-abcd-3333-ccc-2edb0fe9e263 --set watcher.clusterName=default --wait --timeout=90s && open https://app.komodor.com/main/services
In Kubernetes
See what is running in the Kubernetes cluster:
helm list --all
Uninstall
helm uninstall --keep-history
Package to Archive
Package a Chart folder:
helm package mychart
After a Chart is packaged by being tarred and gzipped (compressed/packed) to a .tgz file, and optionally signed, it is called an archive
.helm verify my-chart-0.1.0.tgz
1) Package a Chart folder:
Ingress
VIDEO:
Kubernetes Ingress Explained Completely For Beginners
by KodeKloud
Installation
Install Ansible
This plugin is part of the community.kubernetes collection.
To install it use:
Videos
https://www.youtube.com/watch?v=TJ9hPLn0oAs
Create a Helm chart
Oct 3, 2019
https://docs.bitnami.com/tutorials/create-your-first-helm-chart
Interactive
“Helm Package Manager” on Qwiklabs
covers installation and configure a Chart (based in MySQL) on GCP.
Examples
To use it in a playbook, specify:
. For example use
to install nfs-server-provisioner helm chart.See the directory structure.
Edit the playbook file.
See Helm release about cert-manager.
See pods about cert-manager.

![[Ansible Galaxy] Use Ansible community.kubernetes.helm to manages Kubernetes (K8S) packages with the Helm package manager](https://cdn2.hubspot.net/hubfs/330046/docs-graphics/ASB-docs-top-left.png)
![[Ansible Galaxy] Use Ansible community.kubernetes.helm to manages Kubernetes (K8S) packages with the Helm package manager](https://cdn2.hubspot.net/hubfs/330046/docs-graphics/ASB-docs-top-right.png)
