Helm is a package manager for Kubernetes. Package managers automate the process of installing, configuring, upgrading, and removing computer programs. Examples include the Red Hat Package Manager (RPM), Homebrew, and Windows® PackageManagement.
An application in Kubernetes typically consists of at least two resource types: a deployment resource, which describes a set of pods to be deployed together, and a service resource, which defines endpoints for accessing the APIs in those pods. In additional to a deployment and a service, an application will typically include other Kubernetes resource types such as ConfigMaps, Secrets, and Ingress.
For any application in Kubernetes, you will need to run several Kubernetes commands (kubectl
) to create and configure resources. With Helm, instead of manually creating each resource separately, you can create many resources with one command (helm install
). This greatly simplifies the process and allows you to manage the related resources as a single unit called a Helm chart.
Helm charts are stored in a Helm chart repository, which is an HTTP server that houses packaged charts and an index.yaml
file. The index.yaml
file has an index of all the charts in the repository. A chart repository can be any HTTP server that can serve YAML and .tar files and can answer GET HTTP requests. Therefore, you have many options for hosting your chart repository such as a Google Cloud Storage bucket, an Amazon S3 bucket or you can create your own web server. For this lab, we will be using a local test repository provided by Helm to test the hosting of a chart repository.
In this lab you'll create a Helm chart repository and use it to deploy a small Java EE app to the IBM Cloud Kubernetes Service using the open source Helm CLI.
- Let's log into the kubernetes cluster. From the web terminal, enter the following command:
ibmcloud login -sso
- When asked about opening the url in a browser enter n
-
Then, click on the link for the one time code. This will open up a new browser window for you to log into IBM Cloud, if you aren't logged in already. After logging in, you will be taken to a page with a one time passcode.
-
Copy the one time code.
-
Go back to your terminal and paste in the code that you copied and press enter. Since this input is masked for privacy, you will not see the characters appear.
-
If asked to select an account, enter the number for the "Sprint PoC" account
-
When asked to select a region, select the number for us-south.
-
If asked to update, enter n
Now that we are authenticated with IBM Cloud, we need to get the connection information for our cluster
- Run the following command to set your environment variable for your cluster name, replacing your_cluster_name_here with the name of your cluster:
export CLUSTER_NAME=your_cluster_name_here
- Enter the following command to get the cluster configuration:
ibmcloud ks cluster config $CLUSTER_NAME
- Then copy the yellow export command that appears in your terminal, paste it back into your terminal, and press enter.
Now that we are authenticated with the cluster, we can use the Kubernetes CLI (kubectl) to interact with our cluster.
- Next let's install helm. Run the following commands:
kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
helm init --upgrade
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
Step 1: Build an Open Liberty image of the app and then push it to the IBM Cloud Kubernetes container registry
-
Build the application .ear file using Maven by typing in (or copying and pasting in) the following command
mvn package
-
Build a docker image by typing in (or copying and pasting in) the following (uncommented) commands
Note: if you don't have the environment variables in the command set, replace $CRNAMESPACE with your container registry namespace and $USERNAME with your lab user id.
Run the following commands, replacing lab_username with your lab username
export CRNAMESPACE=sprint-workshop export USERNAME=lab_username
Then run the following command to build a docker image
docker build -t us.icr.io/$CRNAMESPACE/$USERNAME/pbw-mariadb-web:1.0.0 .
-
Log in to the Container registry with the following command:
ibmcloud cr login
-
Push the image to the IBM Container registry by typing in (or copying and pasting in) the following (uncommented) commands
Note: if you don't have the environment variables in the command set, replace $CRNAMESPACE with your container registry namespace and $USERNAME with your lab user id.
docker push us.icr.io/$CRNAMESPACE/$USERNAME/pbw-mariadb-web:1.0.0
-
Login in your Github account
-
Select your fork of the repository app-modernization-plants-by-websphere-jee6 that you forked in the previous lab.
-
Using the Github's UI file browser to take a look at the files in the chart folder. This is a Helm chart with child charts for the web app and MariaDB portions of the app. Since there already is a published chart for MariaDB, it is listed as a required child chart in the file requirements.yaml and you don't have to create a chart for the MariaDB portion of the app.
-
From your web terminal type in (or copy and paste in) the following (uncommented) commands
# Fetch required MariaDB chart helm repo add ibmcom https://raw.githubusercontent.com/IBM/charts/master/repo/stable helm dependency update chart/pbw-liberty-mariadb # Generate the chart archive. helm package chart/pbw-liberty-mariadb -d ~/.helm/repository/local
-
In your terminal window type the following command, to start the local test Helm repository substituting for [PORT_NUMBER]. If you're using a web based terminal as part of an IBM instructor led workshop, use a port number derived from your username so it will be unique and not conflict with other users. The pattern is
90 + USER_NUMBER
. For example if your username isuser23
use port9023
, if your username isuser09
use port9009
and so on. If you're using a terminal on your own machine use any free port number.helm serve --address 127.0.0.1:[PORT_NUMBER] &
Then press enter.
-
In your terminal window type the following command. Verify that the contents of index.yaml are returned and it contains the chart archive you just added. Use the same port number you used in the previous instruction.
curl http://127.0.0.1:[PORT_NUMBER]/charts/index.yaml
-
In your terminal window type the following command, substituting your terminal user for [YOUR_USERNAME]. Note: Helm charts can be deployed multiple times but each deployment must have a unique name
Note: if you don't have the environment variables in the command set, replace $CRNAMESPACE with your container registry namespace and $USERNAME with your lab user id.
helm install --name pbw-liberty-mariadb --set liberty.image.registry=us.icr.io \ --set liberty.image.namespace=$CRNAMESPACE/$USERNAME local/pbw-liberty-mariadb
You'll use the following commands to get the endpoint and port number of your deployed Helm release.
-
Run the following command to get the port number of your deployed app
echo `kubectl --namespace default get service pbw-liberty-mariadb-liberty -o jsonpath='{.spec.ports[0].nodePort}'`
-
Run the following command to get the external IP address of the first worker node in your cluster
ibmcloud ks workers $CLUSTER_NAME | grep -v '^*' | egrep -v "(ID|OK)" | awk '{print $2;}' | head -n1
-
In your browser's address bar enter the URL of your deployed app. To find the app URL, enter the following commands
nodeip=$(bx cs workers $CLUSTER_NAME | grep -v '^*' | egrep -v "(ID|OK)" | awk '{print $2;}' | head -n1)
port=$(kubectl --namespace default get service pbw-liberty-mariadb-liberty -o jsonpath='{.spec.ports[0].nodePort}')
echo "http://${nodeip}:${port}"
Click on the address in the terminal to be taken to the app.
- Verify that the app's UI opens in another tab. Click on the HELP link.
-
Click on Reset database to populate the MariaDB database with data
-
Verify that browsing different sections of the online catalog shows product descriptions and images.
With even small simple apps requiring multiple Kubernetes objects, Helm charts greatly simplify the process of distributing and updating your Kubernetes based apps. Helm repos allow you to distribute your Helm charts via HTTP, further simplifying the process of distributing and deploying your apps.
Continue on to the next lab, building a CI/CD pipeline in Jenkins.