Where the Helm are your binaries?

Join.jfrog.com

About me @ jbaruch

shownotes • www.jfrog.com / shownotes • Slides • Video (tomorrow!) • All the links! • Ratings, comments • Raffle! @jbaruch www.jfrog.com/shownotes

What the helm is helm? Dependency manager for Kubernetes @jbaruch www.jfrog.com/shownotes

How to deploy anything to k8s • Copy YAML • Paste YAML • Fix indents • Repeat @jbaruch www.jfrog.com/shownotes

Kubernetes resource { "kind" : "Deployment" , " apiVersion " : "extensions/v1beta1" , "metadata" : { "name" : "my

release

docker

app

chart" }, "spec" : { "containers" : [ { "name" : " docker

app

chart" , "image" : " docker.artifactory /docker

app:1.0" , @jbaruch www.jfrog.com/shownotes

Let’s build a new one!

docker build – t docker.artifactory /docker

app:1.1 @jbaruch www.jfrog.com/shownotes

One last thing…

sed – i.bak ` s#docker.artifactory /docker

app:1.1#${ imageTag }#` deployment.yaml @jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

Or just use :latest "image" : " docker.artifactory / docker

app:latest " @jbaruch www.jfrog.com/shownotes

Enter helm @jbaruch www.jfrog.com/shownotes

Encapsulated packages of Kubernetes deployments All this… xrayxray

analysis xray

event xray

indexer xray

nfs

server xray

persist Becomes this xray @jbaruch www.jfrog.com/shownotes

Powerful templating for descriptor files { "kind" : "Deployment" , " apiVersion " : "extensions/v1beta1" , "metadata" : { "name" : "{{ template " docker

app.fullname " . }}" }, "spec" : { "containers" : [ { "name" : "{{ template " docker

app.name " . }}" , "image" : "{{ . Values.image.repository }}: {{ . Values.image.tag }}" @jbaruch www.jfrog.com/shownotes

Values:

Default values for

docker

app.

This is a YAML

formatted file.

Declare name/value pairs to be passed into your templates.

image : repository : docker.artifactory / docker

app tag : 1.1 secretName : regsecret pullPolicy : Always @jbaruch www.jfrog.com/shownotes

Simple! • Templates • Values • Metadata @jbaruch www.jfrog.com/shownotes

Chart <

image relationship • Using templates we can reuse charts for multiple image versions • Chart versions != Image versions @jbaruch www.jfrog.com/shownotes

Kubernetes cluster control @jbaruch www.jfrog.com/shownotes

Two parts Helm client • Local chart development • Managing repositories • Interacting with the Tiller server Tiller Server • Listening for incoming requests from the Helm client • Combining a chart and configuration to build a release • Installing charts into Kubernetes, and then tracking the subsequent release • Upgrading and uninstalling charts by interacting with Kubernetes @jbaruch www.jfrog.com/shownotes

Helm commands

helm init

helm search

helm install

helm status

helm repo @jbaruch www.jfrog.com/shownotes

Helm repositories • Official repository

kubeapps.com @jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

Helm repositories • Official repository

kubeapps.com • Get a local one! • Option 1: Create your own: • Run an http server with index.yaml • Run helm repo index to generate one the index • Option 2: Use JFrog Artifactory • Universal Artifact Repository which supports Docker, Helm and everything else @jbaruch www.jfrog.com/shownotes

What Dependency managers and printers have in common? @jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

Seven deadly sins of package managers 1. Over

architecture 2. Lack of planning for enterprise scenarios (e.g., no private repositories, won’t scale, etc.) 3. Downloadable index 4. CSDR (cross

site dependency resolution) loopholes 5. Lack of proper package authentication 6. Lack of version management 7. Using the wrong service for the central registry (and hard

coding it) @ jbaruch www.jfrog.com / shownotes

Seven deadly sins of package managers 1. Over

architecture 2. Lack of planning for enterprise scenarios (e.g., no private repositories, won’t scale, etc.) 3. Downloadable index 4. CSDR (cross

site dependency resolution) loopholes 5. Lack of proper package authentication 6. Lack of version management 7. Using the wrong service for the central registry (and hard

coding it ) @ jbaruch www.jfrog.com / shownotes

Tiller is a pain • Back in the days we had a good reason for Tiller • Pre

RBAC days in k8s • Now it is just PITA • Good news: you can use Helm without Tiller today! • Also, Helm 3 is tillerless @jbaruch www.jfrog.com/shownotes

Downloadable index @jbaruch www.jfrog.com/shownotes

How bad can it be? @jbaruch www.jfrog.com/shownotes

Why in the world you need 120k or charts?! @jbaruch www.jfrog.com/shownotes

Use Artifactory: Take your metadata seriously Where the helm is my binary? @jbaruch www.jfrog.com/shownotes

The Age of Binaries IoT Docker Microservices DevOps CD CI Agile 2001 2018

Who cares about those binaries anyway? @jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

@jbaruch www.jfrog.com/shownotes

Demo time Talk is cheap, show me the code! @jbaruch www.jfrog.com/shownotes

QA and links • www.jfrog.com / shownotes • Slides • Video (tomorrow!) • All the links! • Ratings, comments • Raffle! @jbaruch www.jfrog.com/shownotes