Skip to content

Helm

Helm

Helm is the Kubernetes Package Manager.

The Helm Quickstart Guide contains all required information use the tool. We recommend using helm v3 which no longer requires the tiller component.

Chart Repositories

We host a set of useful repositories, including a CERN specific one.

Here's an example setup:

helm repo list
NAME            URL
cern            https://registry.cern.ch/chartrepo/cern
openstack-infra https://registry.cern.ch/chartrepo/openstack-infra
openstack       https://registry.cern.ch/chartrepo/openstack
stable          https://registry.cern.ch/chartrepo/stable

stable hosts for convenience some of the charts in the old and now deprecated upstream stable repository.

You should ideally use the newer published charts in the artifact hub, let us know if you would like to replicate some of those charts in the CERN registry.

Managing Secrets

We recommend relying on SOPS and the Barbican plugin, you can find instructions and an example in our gitops-getting-started.

The previous helm barbican plugin is now being deprecated in favor of SOPS.

Chart Provenance

Charts hosted under registry.cern.ch are signed and provenance can be checked using the --verify option. As an example when deploying eosxd:

helm install --verify cern/eosxd

GitOps

GitOps is the principle of relying on a git repo as the source of truth for the configuration and deployment of your application.

We've prepared an example setup and instructions you can use as a starting point to do the same for your own application, check it out: https://gitlab.cern.ch/helm/releases/gitops-getting-started.