Hey, Helm, can you scale? @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 1
Slide 2
About me @jbaruch
Slide 3
Shownotes • https://jfrog.com/shownotes • The slides • The video (by tomorrow) • All the links • Comments, ratings • Raffle! @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 4
Poll time! Let’s calibrate the level first @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 5
Helm what? • Heard about Helm • Played a bit with Helm • Using Helm in non-prod environments • Using Helm in production • I wrote this thing @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 6
What the helm is helm? Dependency manager for Kubernetes @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 7
How to deploy anything to k8s • Copy YAML • Paste YAML • Fix indents • Repeat @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 8
Kubernetes resource { "kind": "Deployment", "apiVersion": "extensions/v1beta1", "metadata": { "name": "my-release-docker-app-chart" }, "spec": { "containers": [ { "name": "docker-app-chart", "image": "docker.artifactory/docker-app:1.0", @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 9
Let’s build a new one! > docker build –t docker.artifactory/docker-app:1.1 @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 10
One last thing… > sed –i.bak s#docker.artifactory/docker-app:1.1#${imageTag}# deployment.yaml
@jbaruch
#DevOpsCon18
@HelmPack
jfrog.com/shownotes
Slide 11
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 12
Or just use :latest "image": "docker.artifactory/docker-app:latest" @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 13
Enter helm @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 14
Encapsulated packages of Kubernetes deployments All this… Becomes this xrayxray-analysis xray-event xray-indexer xray-nfs-server xray-persist xray @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 15
Powerful templating for descriptor files { "kind": "Deployment", "apiVersion": "extensions/v1beta1", "metadata": { "name": "{{ template "docker-app.fullname" . }}" }, "spec": { "containers": [ { "name": "{{ template "docker-app.name" . }}", "image": "{{ .Values.image.repository }}: {{ .Values.image.tag }}" @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 16
Values: # Default values for docker-app. # This is a YAML-formatted file. # Declare name/value pairs to be passed into your templates. image: repository: docker.artifactory/docker-app tag: 1.1 secretName: regsecret pullPolicy: Always @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 17
Simple! • Templates • Values • Metadata @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 18
Chart < -> image relationship • Using templates we can reuse charts for multiple image tags • Chart versions != Image tags • Or are they…? @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 19
Kubernetes cluster control @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 20
Two parts Helm client • Local chart development • Managing repositories • Interacting with the Tiller server @jbaruch #DevOpsCon18 Tiller Server • Listening for incoming requests from the Helm client • Combining a chart and configuration to build a release • Installing charts into Kubernetes, and then tracking the subsequent release • Upgrading and uninstalling charts by interacting with Kubernetes @HelmPack jfrog.com/shownotes
Slide 21
Helm commands > helm > helm > helm > helm > helm init search install status repo @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 22
Helm repositories • Official repository - kubeapps.com @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 23
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 24
Helm repositories • Official repository - kubeapps.com • Get a local one! • Option 1: Create your own: • Run an http server with index.yaml • Run helm repo index to generate one the index • Option 2: Use JFrog Artifactory (or others) • Kubernetes Registry which supports Helm, containers, and everything inside them @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 25
Helm 3 • No tiller (who needs it anyway) • Lua instead of YAML @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 26
Software engineering venn diagram SOFTWARE I KNOW REALLY WELL SOFTWARE I LIKE @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 27
What Dependency managers and printers have in common? @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 28
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 29
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 30
7 deadly sins of package managers 1. 2. 3. 4. 5. 6. 7. Over-architecture Not thinking of enterprise scenarios Having downloadable index Cross-site dependency resolution loopholes Author authentication done wrong Version management (or lack of thereof) Using wrong place for central registry (and hardcoding it!) @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 31
7 deadly sins of package managers 1. 2. 3. 4. 5. 6. 7. Over-architecture Not thinking of enterprise scenarios Having downloadable index Cross-site dependency resolution loopholes Author authentication done wrong Version management (or lack of thereof) Using wrong place for central registry (and hardcoding it!) @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 32
Enterprise scenarios • In-house registry • User authentication and authorization • org/project/team segmentation with central management • Promotion pipelines @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 33
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 34
Downloadable index? • Pros: • Simple server • Offline search (not sure how it’s useful?) • Offload the search off the server to spare computer power @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 35
Downloadable index? • Pros: • Simple server • Offline search (not sure how it’s useful?) • Offload the search off the server to spare computer power • Cons: • Trends to become obsolete • Index is a bottleneck (specially if done wrong) @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 36
Let’s run some tests on 120k of charts… @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 37
120k of charts?! • True, you can reuse same charts for different image tags • What will be the value in values.yaml? • LATEST probably • Every time you run you have to specify the image tag @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 38
120k of charts?! • True, you can reuse same charts for different image tags • What will be the value in values.yaml? • LATEST probably • Every time you run you have to specify the image tag @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 39
You’ll have a Cartesian product of charts from the all the tags of all the images in the charts. That’s a lot of charts. @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 40
Index bottlenecks docker run -m=512m -it alpine-helm helm repo add helm-prod $helm-repo @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 41
How can we fix it? • gzip index in transit • Fixes some of the issues • Distribute the index @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 42
@jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 43
Divide and conquer! • Main index: list of apps (with latest version) • artifactory:5.8.3 • App index: list of versions (and app-level metadata) • • • • description maintainers keywords sources • Version index: the details of the version • • • • appVersion created digest url @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 44
Structured index requires structured repository • Layout! • Repo • App • ver1 • ver2 • This complicates the push! • We used to just upload the file! • See debs (or don’t) @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 45
Let’s talk about push @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
Slide 46
Q&A and Twitter ads • @jbaruch • #DevOpsCon18 • @HelmPack • https://jfrog.com/shownotes @jbaruch #DevOpsCon18 @HelmPack jfrog.com/shownotes
