Skip to content

Latest commit

 

History

History
170 lines (116 loc) · 5.97 KB

glossary.md

File metadata and controls

170 lines (116 loc) · 5.97 KB

Helm Glossary

Helm uses a few special terms to describe components of the architecture.

Chart

A Helm package that contains information sufficient for installing a set of Kubernetes resources into a Kubernetes cluster.

Charts contain a Chart.yaml file as well as templates, default values (values.yaml), and dependencies.

Charts are developed in a well-defined directory structure, and then packaged into an archive format called a chart archive.

Chart Archive

A chart archive is a tarred and gzipped (and optionally signed) chart.

Chart Dependency (Subcharts)

Charts may depend upon other charts. There are two ways a dependency may occur:

  • Soft dependency: A chart may simply not function without another chart being installed in a cluster. Helm does not provide tooling for this case. In this case, dependencies may be managed separately.
  • Hard dependency: A chart may contain (inside of its charts/ directory) another chart upon which it depends. In this case, installing the chart will install all of its dependencies. In this case, a chart and its dependencies are managed as a collection.

When a chart is packaged (via helm package) all of its hard dependencies are bundled with it.

Chart Version

Charts are versioned according to the SemVer 2 spec. A version number is required on every chart.

Chart.yaml

Information about a chart is stored in a special file called Chart.yaml. Every chart must have this file.

Helm (and helm)

Helm is the package manager for Kubernetes. As an operating system package manager makes it easy to install tools on an OS, Helm makes it easy to install applications and resources into Kubernetes clusters.

While Helm is the name of the project, the command line client is also named helm. By convention, when speaking of the project, Helm is capitalized. When speaking of the client, helm is in lowercase.

Helm Home (HELM_HOME)

The Helm client stores information in a local directory referred to as helm home. By default, this is in the $HOME/.helm directory.

This directory contains configuration and cache data, and is created by helm init.

Kube Config (KUBECONFIG)

The Helm client learns about Kubernetes clusters by using files in the Kube config file format. By default, Helm attempts to find this file in the place where kubectl creates it ($HOME/.kube/config).

Lint (Linting)

To lint a chart is to validate that it follows the conventions and requirements of the Helm chart standard. Helm provides tools to do this, notably the helm lint command.

Provenance (Provenance file)

Helm charts may be accompanied by a provenance file which provides information about where the chart came from and what it contains.

Provenance files are one part of the Helm security story. A provenance contains a cryptographic hash of the chart archive file, the Chart.yaml data, and a signature block (an OpenPGP "clearsign" block). When coupled with a keychain, this provides chart users with the ability to:

  • Validate that a chart was signed by a trusted party
  • Validate that the chart file has not been tampered with
  • Validate the contents of a chart metadata (Chart.yaml)
  • Quickly match a chart to its provenance data

Provenance files have the .prov extension, and can be served from a chart repository server or any other HTTP server.

Release

When a chart is installed, Tiller (the Helm server) creates a release to track that installation.

A single chart may be installed many times into the same cluster, and create many different releases. For example, one can install three PostgreSQL databases by running helm install three times with a different release name.

(Prior to 2.0.0-Alpha.1, releases were called deployments. But this caused confusion with the Kubernetes Deployment kind.)

Release Number (Release Version)

A single release can be updated multiple times. A sequential counter is used to track releases as they change. After a first helm install, a release will have release number 1. Each time a release is upgraded or rolled back, the release number will be incremented.

Rollback

A release can be upgraded to a newer chart or configuration. But since release history is stored, a release can also be rolled back to a previous release number. This is done with the helm rollback command.

Importantly, a rolled back release will receive a new release number.

Operation Release Number
install release 1
upgrade release 2
upgrade release 3
rollback 1 release 4 (but running the same config as release 1)

The above table illustrates how release numbers increment across install, upgrade, and rollback.

Tiller

Tiller is the in-cluster component of Helm. It interacts directly with the Kubernetes API server to install, upgrade, query, and remove Kubernetes resources. It also stores the objects that represent releases.

Repository (Repo, Chart Repository)

Helm charts may be stored on dedicated HTTP servers called chart repositories (repositories, or just repos).

A chart repository server is a simple HTTP server that can serve an index.yaml file that describes a batch of charts, and provides information on where each chart can be downloaded from. (Many chart repositories serve the charts as well as the index.yaml file.)

A Helm client can point to zero or more chart repositories. By default, Helm clients point to the stable official Kubernetes chart repository.

Values (Values Files, values.yaml)

Values provide a way to override template defaults with your own information.

Helm Charts are "parameterized", which means the chart developer may expose configuration that can be overridden at installation time. For example, a chart may expose a username field that allows setting a user name for a service.

These exposed variables are called values in Helm parlance.

Values can be set during helm install and helm upgrade operations, either by passing them in directly, or by uploading a values.yaml file.