Skip to main content

Helm alternative

Picture of Maciej Olesiński, null

Maciej Olesiński

Nov 2, 2018|5 min read
virtuslab-header

This is a follow-up to a great post “Think twice before using Helm”. Recently we’ve had a lot of questions about what could be an alternative to Helm. In this blog post I will try to show you an alternative.

Image Alt

What do we need

To download render application visit:
https://github.com/VirtusLab/render

Helm Chart that is interesting for us — can be downloaded here:
https://github.com/helm/charts

How to do it — TL/DR

  • Get Chart you are interested in.
  • Remove unneeded stuff from both directory structure and files.
  • Merge all templates into one — following desired resource creation order (optional but recommended).
  • Render the newly created template file with desired config file(s).
  • Commit to your VCS (optional but recommended).
  • Deploy to Kubernetes
  • Feel good!

How to do it —instructions in more details

Let’s convert a Helm Chart to plain Kubernetes manifest template. As an example we will use kube2iam Chart.
Let’s have a look what can be found in typical Chart directory:

Image Alt

To create valid Kubernetes manifest we only need these files:

  • clusterrole.yaml
  • clusterrolebinding.yaml
  • daemonset.yaml
  • secret.yaml
  • serviceaccount.yaml

and a confog file:

  • values.yaml

Now we can merge them into single file (ensure resource creation order as a good practice):

Next step for our newly created template file is to remove stuff that is not needed anymore. All Helm specific variables should be removed since we do not need them.

These would be variables and functions using:

Be aware that this is a quick workaround. I strongly recommend to make these changes manually so you can make sure you are not introducing any breaking changes or leaving leftovers in the template file.

Search for .Capabilities in template and remove it since this is pure Helm functionality.

{{ template "kube2iam.name" }} and {{ template "kube2iam.fullname" }} can be changed to .Name and .FullName.

Finally all configuration variables are passed without the `.Values` prefix. This means you can remove it from your new manifest template by running the following command (again, please use this command with caution and review the results):

After all modifications we get a nice and clean kube2iam.yaml.tmpl manifest template which should look like this:

Now we can render our template to a valid Kubernetes manifest:

This will output rendered file kube2iam.yaml.tmpl to kube2iam.yaml file which can be deployed to Kubernetes:

From now on, we can live a happy and prosperous Helm-free life.

Summary

Using simple rendering as a part of deployment process has a lots of benefits, but on the other hand you have to be aware of some of the more advanced Helm functionalities you lose with a simple renderer.

Pros:

  • simple deployment process with full visibility and useful audit logs
  • using native Kubernetes authorization mechanism (RBAC)
  • no more tiller server security issues (one giant sudo server)
  • no separate state in ConfigMap and Etcd
  • client side, transparent, git friendly rendering

Cons:

  • no complex Helm features like hooks
  • no Helm dependency management
  • no automatic removal of resources (kubectl diff might be helpful here)
Previous article
Next article

Explore more topics

Cloud_security_policies_in_GCP_How_to_set_them_up_using_Terraform_image

Cloud security policies in GCP: How to set them up using Terraform

Image Alt

What is platform engineering and its role in modern IT

E2e_infrastructure_testing_in_Terraform_How_to_make_scripts_reproducible_and_reliable_image

E2e infrastructure testing in Terraform: How to make scripts reproducible and reliable