Skip to content

Helm

Helm

Helm is the Kubernetes Package Manager.

The Helm Quickstart Guide contains all required information use the tool. We recommend using helm v3 which no longer requires the tiller component.

Managing Secrets

We recommend relying on SOPS and the Barbican plugin, you can find instructions and an example in our gitops-getting-started.

The previous helm barbican plugin is now being deprecated in favor of SOPS.

Chart Repositories

We host a set of useful repositories, including a CERN specific one.

Here's an example setup:

helm repo list
NAME            URL
cern            https://registry.cern.ch/chartrepo/cern
openstack-infra https://registry.cern.ch/chartrepo/openstack-infra
openstack       https://registry.cern.ch/chartrepo/openstack

To check all available charts, try helm search.

Chart Provenance

Charts hosted under registry.cern.ch are signed and provenance can be checked using the --verify option. As an example when deploying eosxd:

helm install --verify cern/eosxd

GitOps

GitOps is the principle of relying on a git repo as the source of truth for the configuration and deployment of your application.

We've prepared an example setup and instructions you can use as a starting point to do the same for your own application, check it out: https://gitlab.cern.ch/helm/releases/gitops-getting-started.