#helmfile (2020-11)

https://github.com/roboll/helmfile

Questions and discussion around helmfile https://github.com/roboll/helmfile and https://github.com/cloudposse/helmfiles Archive: https://archive.sweetops.com/helmfile/

2020-11-29

Zbigniew Żołnierowicz avatar
Zbigniew Żołnierowicz

Hey! I was wondering - does anyone here have a working example of a Helmfile with Traefik configured? I could really use some pointers.

Issif avatar
Issif

for traefik v2? what do you need exactly?

2020-11-28

muhaha avatar
muhaha

anyone tried to run https://registry.terraform.io/providers/mumoshu/helmfile in terraform cloud ? not sure how to add actual helm & helmfile binaries there..

muhaha avatar
muhaha
Feature Request: Binary Downloads to Support Terraform Cloud · Issue #5 · mumoshu/terraform-provider-helmfile

what Add flag to download kubectl and helmfile from GitHub pinned to a specific release why Running provider in terraform cloud requires binaries be installed by some other means Using local-exec w…

muhaha avatar
muhaha

@Erik Osterman (Cloud Posse) did you find any workaround for terraform cloud ?

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Actually, I think he has addressed this issue so it downloads the dependencies but haven’t tried it yet

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

It uses another library called “dep” to manage those dependencies

muhaha avatar
muhaha

I tried last helmfile provider release and no, it will not download binaries

muhaha avatar
muhaha

But its generic problem of Terraform Cloud..

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Did you read this section?

muhaha avatar
muhaha

Seems its not stable enough, I tried:

helmfile_release_set "mystack" {
  version = "0.128.0"
  helm_version = "3.2.1"
  helm_diff_version = "v3.1.3"
  ...
}

in TF 0.13.5, but plan will get stuck, without any log info… ( TF_LOG_PATH=/tmp/tf.log TF_LOG=TRACE terraform plan )

2020-11-27

2020-11-26

Gus Narea avatar
Gus Narea

Hey folks. I have this helmfile.yaml where I’m trying to pass the namespace to a presync hook: https://github.com/relaycorp/cloud-gateway/blob/2f3fd5331342302ce52354386d87b76c07975717/charts/helmfile.yaml#L45-L46

.Release.Name is resolved properly but .Namespace resolves to an empty string. I’ve also tried .Release.Namespace. What else should I try?

voron avatar
voron
"{{`{{.Release.Namespace}}`}}"
voron avatar
voron

works for me in presync hook args

Gus Narea avatar
Gus Narea

Hmm, I’ll try it again. Maybe there was a typo.

Gus Narea avatar
Gus Narea
Gus Narea avatar
Gus Narea

Are you setting the namespace explicitly in the helmfile?

Gus Narea avatar
Gus Narea

Maybe I need to do that

voron avatar
voron


Are you setting the namespace explicitly in the helmfile?
Yes. IDK other options for helmfile to guess the namespace.

Gus Narea avatar
Gus Narea

I assumed it’d read the current context . I’ll set the namespace explicitly

2020-11-25

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Hi all It is about using helmfile with jsonPatches

  • doing helmfile deps is causing some transformations, but it should not, i suppose
  • values passed to helmfile apply /helmfile sync via –set or –values arguments are ignored while applying the patch, only way is to pass those values via helmfile.yaml

It seems there is no open isses for that

mumoshu avatar
mumoshu

thanks! the first one seems like a bug. would you mind opening an issue?

mumoshu avatar
mumoshu


- values passed to helmfile apply /helmfile sync via –set or –values arguments are ignored while applying the patch, only way is to pass those values via helmfile.yaml
this can also be a bug(or regression?) i rarely try to add adhoc chart values via command-line(i only do that via —state-values-set/values) so perhaps i slipped it while testing

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

will open issue(s) for this thank you

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Hi again, I am trying to build a docker image from this Dockerfile using a following command

$ docker build -t eshepelyuk/helmfile -f Dockerfile.helm3 .

I know that there’s a docker image available, but I’m trying to create a Pull Request, so I have to build the image myself to test my PR.

And I am receiving such error

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk
go: downloading [github.com/Azure/go-autorest/autorest/to](http://github\.com/Azure/go\-autorest/autorest/to) v0.3.0
env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GOFLAGS=-mod=vendor go build -o "dist/helmfile_linux_amd64" -ldflags '-X [github.com/roboll/helmfile/pkg/app/version.Version=v0.135.0](http://github\.com/roboll/helmfile/pkg/app/version\.Version=v0\.135\.0)'
go: inconsistent vendoring in /workspace/helmfile:
        [github.com/Azure/[email protected]+incompatible](http://github\.com/Azure/azure\-sdk\-for\[email protected]\.0\.0github.com/Azure/[email protected]+incompatibleincompatible): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/Masterminds/semver/[email protected]](http://github\.com/Masterminds/semver/[email protected]\.1\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/Masterminds/sprig/[email protected]](http://github\.com/Masterminds/sprig/[email protected]\.1\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/aryann/[email protected]](http://github\.com/aryann/[email protected]\.0\.0\-20170710044230\-e206f873d14a): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/frankban/[email protected]](http://github\.com/frankban/[email protected]\.11\.2): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/go-test/[email protected]](http://github\.com/go\-test/[email protected]\.0\.7): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/golang/[email protected]](http://github\.com/golang/[email protected]\.4\.4): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/google/[email protected]](http://github\.com/google/go\[email protected]\.5\.2): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/gosuri/[email protected]](http://github\.com/gosuri/[email protected]\.0\.4): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/hashicorp/[email protected]](http://github\.com/hashicorp/go\[email protected]\.5\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/hashicorp/[email protected]](http://github\.com/hashicorp/go\[email protected]\.6\.3): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/hashicorp/[email protected]](http://github\.com/hashicorp/go\[email protected]\.2\.1): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/howeyc/[email protected]](http://github\.com/howeyc/[email protected]\.0\.0\-20190910152052\-7cb4b85ec19c): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/imdario/[email protected]](http://github\.com/imdario/[email protected]\.3\.11): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/konsorten/[email protected]](http://github\.com/konsorten/go\-windows\-terminal\[email protected]\.0\.2): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/pierrec/[email protected]+incompatible](http://github\.com/pierrec/[email protected]\.3\.0github.com/pierrec/[email protected]+incompatibleincompatible): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/r3labs/[email protected]](http://github\.com/r3labs/[email protected]\.1\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/spf13/[email protected]](http://github\.com/spf13/[email protected]\.1\.1): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/tatsushid/[email protected]](http://github\.com/tatsushid/go\[email protected]\.0\.0\-20141013043238\-ed2d14c29939): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/urfave/[email protected]](http://github\.com/urfave/[email protected]\.22\.5): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/variantdev/[email protected]](http://github\.com/variantdev/[email protected]\.5\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/variantdev/[email protected]](http://github\.com/variantdev/[email protected]\.0\.0\-20191028002400\-bb0b3c785363): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [github.com/variantdev/[email protected]](http://github\.com/variantdev/[email protected]\.11\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [go.uber.org/[email protected]](http://go\.uber\.org/[email protected]\.6\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [go.uber.org/[email protected]](http://go\.uber\.org/[email protected]\.16\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [golang.org/x/[email protected]](http://golang\.org/x/[email protected]\.0\.0\-20201020160332\-67f06af15bc9): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [gopkg.in/square/[email protected]](http://gopkg\.in/square/go\-jose\[email protected]\.4\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [gopkg.in/[email protected]](http://gopkg\.in/yaml\[email protected]\.3\.0): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [email protected]+incompatible: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        gotest.tools/[email protected]: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
        [k8s.io/[email protected]](http://k8s\.io/[email protected]\.19\.3): is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt

run 'go mod vendor' to sync, or use -mod=mod or -mod=readonly to ignore the vendor directory
make: *** [Makefile:37: static-linux] Error 1
The command '/bin/sh -c make static-linux' returned a non-zero code: 2
Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Could anyone help ?

Andrey Nazarov avatar
Andrey Nazarov

You might want to check Makefile in the repo:) It helped me when I faced this. Can’t write the solution right now answering with the phone, sorry

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Well, there’s a few issues

  1. have no idea what to check in Makefile, since has zero experience with them
  2. Makefile in master branch is expected to be working without any changes, especially when building inside a docker but thanx anyway, if you got a chance to give some clues later - I’d be appreciated
Andrey Bronin avatar
Andrey Bronin

I can just confirm, I have the same errors on docker build for .helm3 Dockerfile

mumoshu avatar
mumoshu

ah good catch. this is far from ideal but you need to run go mod vendor before running make image

mumoshu avatar
mumoshu
roboll/helmfile

Deploy Kubernetes Helm Charts. Contribute to roboll/helmfile development by creating an account on GitHub.

Andrey Nazarov avatar
Andrey Nazarov

Oh, I’m a bit late for an answer)). Yeah mumoshu nailed it. I messed up files a bit, it was in circleci configuration indeed, couldn’t check yesterday. Sorry for the misleading info.

1
Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Yet again, i am building a docker image From a dockerfile from master branch

isnt it supposed that proposed go mod vendor must be put into dockerfile ?

mumoshu avatar
mumoshu

i dont remeber the rationale/original reason anymore, but ideally there should be no go mod vendor in neither circleci config nor dockerfile

mumoshu avatar
mumoshu

as go build is expected to download all the deps as in go.mod on demand

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

well, but currently either Dockerfile in master is broken or docker image should be built with some undocumented steps ,or finally, maybe i have some very special bug in my PC setup causing this issue

Andrey Bronin avatar
Andrey Bronin

No special bug, I also can’t build Dockerfile.helm3 from master branch

mumoshu avatar
mumoshu

yep. i think that’s bug in (perhaps) helmfile’s go.mod/go.sum

Ievgenii Shepeliuk avatar
Ievgenii Shepeliuk

Should I open an issue ? Or you all could open / fix it ?

mumoshu avatar
mumoshu

it would be great if you could open one!

2020-11-24

discourse avatar
discourse
07:01:55 PM
Looking for a simple helmfile example [Helmfile]

Sure, have you seen the library of examples that Cloud Posse publishes?

We have dozens available here: https://github.com/cloudposse/helmfiles/tree/master/releases

We try to keep these up to date. And while not all of them are “easy” examples, there are some simple ones, like this one: https://github.com/cloudposse/helmfiles/blob/master/releases/reloader/helmfile.yaml

btai avatar

is there a way to show the generated kubernetes yaml files from helmfile?

Issif avatar
Issif

yes sure, just run helm template -f values.yaml .

btai avatar

sweet

btai avatar

i think helmfile template

2020-11-22

discourse avatar
discourse
08:57:03 PM
Looking for a simple helmfile example [Helmfile]

Hello,

I’m hoping someone can share a simple helmfile example with me. I’d like to know how to deploy a single app (like prometheus-pushgateway for example) to multiple clusters/contexts. Only the URL and the secret/certificate will change per cluster/context.

Thanks.

Vugar avatar
Vugar

Greetings! I was wondering if anyone knows why it was decided not to use {{.Values}} for ‘condition:’ field in the helmfile? It seems like there is at least one related issue here… I wonder if there are some other considerations on the matter? I can see that Cloud Posse helmfiles do not use ‘condition:’ field at all… it will be interesting to hear your opinion on this field in general. Thank you!

Panic on condition parameter of a release · Issue #1242 · roboll/helmfile

Hey, if I use the example provided in the README.md, helmfile throws an panic stacktrace: $ helmfile sync panic: interface conversion: interface {} is nil, not map[string]interface {} goroutine 1 […

2020-11-18

Justin Seiser avatar
Justin Seiser

Anyone have any experience dealign with the Kubernetes Raw chart? I want to create a TLS secret, but I only appear able to do so, if I pass in the values directly. If I reference a secrets or values file, it errors out.

Justin Seiser avatar
Justin Seiser

Like, this works

Justin Seiser avatar
Justin Seiser
environments:
  default:
    secrets:
    - helm_vars/default/certs/secrets.yaml
    - helm_vars/default/linkerd-cert-manager/secrets.yaml

releases:
  - name: linkerd-cert-manager
    namespace: linkerd
    chart: ./raw/
    needs:
      - cert-manager/cert-manager
    wait: true
    missingFileHandler: Error
    values:
      - resources:
        - apiVersion: v1
          kind: Secret
          metadata:
            name: linkerd-trust-anchor
          type: [kubernetes.io/tls](http://kubernetes\.io/tls)
          data:
            tls_cert: {{ .Values.linkerd_cert | b64enc | quote }}
            tls_key: {{ .Values.linkerd_key | b64enc | quote }}
        - apiVersion: [cert-manager.io/v1alpha3](http://cert\-manager\.io/v1alpha3)
          kind: Issuer
          metadata:
            name: linkerd-trust-anchor
            namespace: linkerd
          spec:
            ca:
              secretName: linkerd-trust-anchor
        - apiVersion: [cert-manager.io/v1alpha3](http://cert\-manager\.io/v1alpha3)
          kind: Certificate
          metadata:
            name: linkerd-identity-issuer
            namespace: linkerd
          spec:
            secretName: linkerd-identity-issuer
            duration: 24h
            renewBefore: 1h
            issuerRef:
              name: linkerd-trust-anchor
              kind: Issuer
            commonName: identity.linkerd.cluster.local
            isCA: true
            keyAlgorithm: ecdsa
            usages:
            - cert sign
            - crl sign
            - server auth
            - client auth
Justin Seiser avatar
Justin Seiser

but If I move this to a values.yaml it breaks

rei avatar

Try using the fromYaml filter. Or take a look to the template feature in the helmfile docs, specially the github issues

mumoshu avatar
mumoshu

To render a go template that contains expressions like {{ .Values... }}, try renaming the values file as values.yaml.gotmpl

mumoshu avatar
mumoshu

otherwise it’s treated as a plain yaml without templates and may result in e.g. a yaml syntax error

mumoshu avatar
mumoshu

ah i just realized that you found it yourself :)

Justin Seiser avatar
Justin Seiser


STDERR:
Error: failed to parse /var/folders/_v/82h1zgqd5zg63wr6wb7t5qdw0000gp/T/values294919079: error converting YAML to JSON: yaml: invalid map key: map[interface {}]interface {}{“.Values.tls_cert | b64enc | quote”:interface {}(nil)}

Justin Seiser avatar
Justin Seiser

o i think i got it.

Justin Seiser avatar
Justin Seiser

need to be values.yaml.gotmpl

1
1
Justin Seiser avatar
Justin Seiser

Sad thing.. I opened a ticket like this, and it was explained to me before, and I literally just now understood

2
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Happens to me all the time! =)

Justin Seiser avatar
Justin Seiser
Is it Possible to Run the Same chart against multiple namespaces · Issue #1479 · roboll/helmfile

Basically, I need a way to create our TLS cert for nginx, in all of our namespaces in one go. I feel like I could somehow use the kubernetes raw chart, but Im not sure how to go about looping throu…

Justin Seiser avatar
Justin Seiser

im a thick one.

rei avatar

I had myself a bad experience with helmfile today: suddenly helmfile was unable to apply the charts. The diff plugin kept crashing. At the end it was the kubecontext. Saddly I need to specify it in the cmd line. Using the kubeContext key in the defaults config did not work as expected. I should write an issue…

2020-11-13

rei avatar

@Andriy Knysh (Cloud Posse) Thank you for updating the helmfiles. Although I have some issues with them, specially the “environment” configuration. Compared to other CP modules, specially Terraform, the use of environment and stage and namespace is very opinionated. For example here I do need to set the stage even if we only use the namespace and environment(=dev, prod, etc.). https://github.com/cloudposse/helmfiles/blob/master/releases/cert-manager/helmfile.yaml#L67 Yeah specifying stage: environment would skip this, however it crates confusion and it collides with the handling in other nodules.

Any ideas on how to improve this?

Maybe add some base yaml/gotpl analogous to heml helpers templates to generate base-variables. Similar to the [context.tf](http://context\.tf) and label TF module?

cloudposse/helmfiles

Comprehensive Distribution of Helmfiles for Kubernetes - cloudposse/helmfiles

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

environments in helmfile are completely diff concept (not related to terraform and the environment variable in the TF modules)

cloudposse/helmfiles

Comprehensive Distribution of Helmfiles for Kubernetes - cloudposse/helmfiles

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)
roboll/helmfile

Deploy Kubernetes Helm Charts. Contribute to roboll/helmfile development by creating an account on GitHub.

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

in your helmfile.yaml you specify something like this

bases:
- ../environments.yaml
Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

and then in the environments.yaml you do

environments:
  prod:
    values:
      - defaults.yaml
      - prod.yaml
  staging:
    values:
      - defaults.yaml
      - staging.yaml
  dev:
    values:
      - defaults.yaml
      - dev.yaml
Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

where each YAML file is a collection of values for the helmfile for a particular environment

Andriy Knysh (Cloud Posse) avatar
Andriy Knysh (Cloud Posse)

e.g. in dev.yaml you could have

installed: true

unlimited_staging_enabled: false
rei avatar

The problem is not the environments feature of helmfile but the dependency of the release to use specific variables like .Values.stage to specify the IAM role

rei avatar

I have an Idea and could push a MR as a proposal

2020-11-12

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

I plan to move these notifications to #releases

:--1:1
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

these are now moved.

2020-11-11

Release notes from helmfile avatar
Release notes from helmfile
12:46:26 AM

v0.134.1: Fix helmfile template --include-crds not to break with chartify (… f6bf885 (HEAD, tag: v0.134.1, origin/master, origin/HEAD, master) Fix helmfile template –include-crds not to break with chartify (<a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”741161059”…

Release v0.134.1: Fix `helmfile template --include-crds` not to break with `chartify` (… · roboll/helmfile

f6bf885 (HEAD, tag: v0.134.1, origin/master, origin/HEAD, master) Fix helmfile template –include-crds not to break with chartify (#1583) 2857382 fix: support arm binaries (#1580) 972667f Mention o…

Fix `helmfile template --include-crds` not to break with `chartify` (… · roboll/[email protected]

…#1583) * Fix helmfile template --include-crds not to break with chartify This bumps variantdev/chartify to 0.4.9 so that we can incorporate https://github.com/variantdev/chartify/commit/fe

2020-11-09

Mykola avatar
Mykola

Hi Thanks for the great app. I have one question In release 0.132.1 was added skipDeps parameter. As our developers work on different helmfile version I’m trying to add something for backward compatibility with the older versions I’ve added to the helmfiles/common/helm-config.yaml

{{ if ge (exec "helmfile" (list "version" "|" "sed 's/^.*v//'")) "0.132.1" }}
  skipDeps: true
{{ end }}

It works with the current version but older still have an issue

: failed to read common/helm-config.yaml: reading document at index 1: yaml: unmarshal errors:
line 2: field skipDeps not found in type state.HelmState

Has anyone solved this issue? Thanks

voron avatar
voron

it’s better to keep helmfile updated all around, as long as you’re not blocked by some bug etc

voron avatar
voron

it’s just a tool, no need to pin version w/o reason.

voron avatar
voron

mumoshu bakes new features and fixes bugs really fast

:--1:1
rei avatar

Hi, I am interested in knowing how do you organize your IaaC. looking for ideas. Currently we are building our new k8s based infrastructure, thus requiring Terraform, helm, helmfiles and gitlab ci. which is a good pattern to combine all this elements? monorepo? repo with submodules? script/makefile magic? what if the helmfiles and charts repos also contain stuff for the infra and main application?

2020-11-08

Release notes from helmfile avatar
Release notes from helmfile
12:26:25 AM

v0.134.0: Bump dependencies (#1573) 709913b (HEAD, tag: v0.134.0, origin/master, origin/HEAD, master) Bump dependencies (<a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”737365351” data-permission-text=”Title is private”…

Release v0.134.0: Bump dependencies (#1573) · roboll/helmfile

709913b (HEAD, tag: v0.134.0, origin/master, origin/HEAD, master) Bump dependencies (#1573) 88884b6 feat: helmfile template –skip-cleanup (#1570) 5a15b65 feat: Add helmfile apply –skip-cleanup (#…

Bump dependencies (#1573) · roboll/[email protected]

Bumps dependencies mainly to fix possible go mod error that is fixed via https://github.com/variantdev/vals/commit/0edd5343228b96e1ca5f3599f923fee0ff1fd0cb, but also bumps all the other dependencie…

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Just a heads up: we’ve published all of our new helmfiles that we’ve been using for the past year.

:--1:5
Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
cloudposse/helmfiles

Comprehensive Distribution of Helmfiles for Kubernetes - cloudposse/helmfiles

2020-11-06

Craig Dunford avatar
Craig Dunford

I was doing some reading the archives of sweetops and saw a discussion (looked like @Erik Osterman (Cloud Posse) was involved) about pulling off Blue/Green deployments with helmfile. I didn’t find the specific example that was discussed. Does anyone have any examples of executing Blue/Green deployments governed by helmfile ?

mumoshu avatar
mumoshu

I don’t have an example project right now but it shouldn’t be hard with flagger.

You will deploy flagger and your apps with helmfile. Flagger is configured to monitor your apps as “canary” k8s deployments, so that Flagger watches and mirrors your deployment, balances traffic between the older “stable” k8s deployments, and carries blue/green deployment.

Craig Dunford avatar
Craig Dunford

@mumoshu - do you have a link to flagger? I’m not familiar with it, but it sounds wonderful.

mumoshu avatar
mumoshu

here you are! https://flagger.app/

Flagger attachment image

Progressive delivery Kubernetes operator (Canary, A/B Testing and Blue/Green deployments)

2020-11-05

Release notes from helmfile avatar
Release notes from helmfile
01:16:24 AM

v0.132.3: Fix redundant helm-dep-build and prepare hook regression (#1566) bdbaa00 (HEAD, tag: v0.132.3, master) Fix redundant helm-dep-build and prepare hook regression (<a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”735731920” data-permission-text=”Title is private”…

Release v0.132.3: Fix redundant helm-dep-build and prepare hook regression (#1566) · roboll/helmfile

bdbaa00 (HEAD, tag: v0.132.3, master) Fix redundant helm-dep-build and prepare hook regression (#1566) Build Info

2020-11-04

yuri avatar

hey guys, anyone using both helm2 and 3 with the same release files? im loading helmdefaults base in a release that should be installed with helm2 and 3 based on env how do i get rid of this when running with helm3?

executing "stringTemplate" at <.Values.tillerNamespace>: map has no entry for key "tillerNamespace"
yuri avatar

hmm solved it with leaving the tillerNamespace empty

tillerNamespace: ""
Release notes from helmfile avatar
Release notes from helmfile
01:06:24 AM

v0.132.3: Fix redundant helm-dep-build and prepare hook regression (#1566) Fixes #1511 Fixes <a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”707725401” data-permission-text=”Title is private”…

prepare hooks executed on apply even if the release is not fit into selector · Issue #1511 · roboll/helmfile

Have upgraded from old version 0.82.0 to 0.130.0 and found that prepare hooks are not filtered by selectors any more and execute each time on apply/sync. According to README they should not execute…

Release notes from helmfile avatar
Release notes from helmfile
01:36:22 AM

v0.133.0: feat: Add helmfile template --include-crds (#1568) 6b86408 (HEAD, tag: v0.133.0, origin/master, origin/HEAD, master) feat: Add helmfile template –include-crds (<a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”736498829” data-permission-text=”Title is…

Release v0.133.0: feat: Add `helmfile template --include-crds` (#1568) · roboll/helmfile

6b86408 (HEAD, tag: v0.133.0, origin/master, origin/HEAD, master) feat: Add helmfile template –include-crds (#1568) Build Info

feat: Add `helmfile template --include-crds` (#1568) · roboll/[email protected]

This allows you to use helmfile-template output as a GitOps source, when the template output contains CRDs and you use Helm 3. Helm 3 by default removes CRDs from the template output. If you wan…

2020-11-03

Joaquin Menchaca avatar
Joaquin Menchaca
02:55:59 PM

How’s this for a logo? (I didn’t make it, got it from codefresh)

voron avatar
voron

it’s too much of helm, and too few of helmfile, imho

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Here’s what I use in my slides…

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
12:03:03 AM
J Alkjær avatar
J Alkjær

Hi All, as part of our git-ops pipeline we run helmfile lint. We have just added a remote chart (stable/spark-operator) but the linter pukes with

templates/crds.yaml: the kind "[apiextensions.k8s.io/v1beta1> CustomResourceDefinition" is deprecated in favor of "<http://apiextensions.k8s.io/v1|apiextensions.k8s.io/v1](http://apiextensions\.k8s\.io/v1beta1) CustomResourceDefinition"

Besides forking / self-hosting the chart with a fix, what options do we have (version is “hardcoded” in the crd.yaml)? Is there a way to configure the linter rules pr release (couldn’t find a way to pass args to helm lint) - or simply disable linting that specific release

roth.andy avatar
roth.andy
spark-gcp 2.4.0 · operator-framework/community-operators attachment image

Apache Spark is a unified analytics engine for large-scale data processing.

J Alkjær avatar
J Alkjær
helm/charts

Curated applications for Kubernetes. Contribute to helm/charts development by creating an account on GitHub.

roth.andy avatar
roth.andy

I wonder if the one I linked will have the problem too. The Incubator repo usually isn’t the best when you are trying to find something reliable

J Alkjær avatar
J Alkjær

Will take a look on the one spark-gcp (although we are not running in gcp and use Spark 3)

J Alkjær avatar
J Alkjær

Its actually the same: The opertaor code is at https://github.com/GoogleCloudPlatform/spark-on-k8s-operator

GoogleCloudPlatform/spark-on-k8s-operator

Kubernetes operator for managing the lifecycle of Apache Spark applications on Kubernetes. - GoogleCloudPlatform/spark-on-k8s-operator

roth.andy avatar
roth.andy

I’m not seeing anything that locks it to GCP

roth.andy avatar
roth.andy

but idk, haven’t looked that hard

J Alkjær avatar
J Alkjær

Forget what I wrote last - the charts may of course be diff.

J Alkjær avatar
J Alkjær

Ah - the operator hub link is just for the operator and doesn’t appear to include a Chart

J Alkjær avatar
J Alkjær

Found a workaround - I will simply add a label “skiplint: true” and run helmfile -l 'skiplint!=true' lint

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)
04:46:58 PM

Also, note…

J Alkjær avatar
J Alkjær

Thanks for the heads up - I’m running helm 3.4.0 so I have already swapped stable and incubator to charts.helm.sh since it kept nagging me about it

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

though if you’re using a chart based on <https://github.com/helm/charts/tree/master/incubator/sparkoperator> (as above), the entire <https://github.com/helm/charts/> repo will be archived, and incapable of receiving updates.

Curtis Ruck avatar
Curtis Ruck

is there a good way to gather data from charts already deployed to feed as values into subsequent charts? via hooks or something? use case is one chart deployment generates a uuid we need to pull to provide to a subsequent chart in values

voron avatar
voron

can’t you just generate uuid outside of deployment and just provide generated UUID to deployment to use it ?

Curtis Ruck avatar
Curtis Ruck

we are doing that for most of them that we need, but it doesn’t work for all cases as the first chart doesn’t expose the ability to set all of them

Curtis Ruck avatar
Curtis Ruck

in another case, sometimes its more than just uuid’s, some charts generate secrets during first install, and it would be nice to pull those in for subsequent charts

voron avatar
voron

well, you may wrap anything in exec | get

voron avatar
voron

but it may be tricky to wait for external value generation

Release notes from helmfile avatar
Release notes from helmfile
12:46:25 AM

v0.132.2: Fix helmfile --selector x=y template with needs (#1564) 87e86dc (HEAD, tag: v0.132.2, origin/master, origin/HEAD, master) Fix helmfile –selector x=y template with needs (<a class=”issue-link js-issue-link” data-error-text=”Failed to load title” data-id=”734095869” data-permission-text=”Title…

Release v0.132.2: Fix `helmfile --selector x=y template` with `needs` (#1564) · roboll/helmfile

87e86dc (HEAD, tag: v0.132.2, origin/master, origin/HEAD, master) Fix helmfile –selector x=y template with needs (#1564) 995b201 mention Arch Linux support (#1549) Build Info

Fix `helmfile --selector x=y template` with `needs` (#1564) · roboll/[email protected]

I had mistakenly inverted the necessary flag to turn off the legacy processing on selectors that should be used only for helmfile commands that does not support DAGs/needs. Fixes #1552

    keyboard_arrow_up