Install Helm charts in a Space

This topic tells you how to install Helm charts in a Space.

Helm applications on Spaces give you flexibility in deploying, promoting, and managing application workloads packaged as Helm charts. Helm applications enable you to use your existing build-tooling investments while benefiting from the features of Tanzu Platform for Kubernetes to streamline deployment and maximize efficiency.

Prepare your application environment for Helm

The following sections describe how to prepare your environment for the helm application.

Before you begin

Before you can create a Helm-enabled Space, ensure that you have the following:

• Infrastructure in Tanzu Platform for Kubernetes, which includes:

  • A Project in your organization
  • A run cluster group in the Project
  • A cluster in the cluster group to run your packaged application
  • Availability Targets configured in the Project

  For information about how to create a cluster group, cluster, and Availability Targets, see Set up the infrastructure to create an application environment.

Install the Flux CD Source Capability

To install the Flux CD Source Capability:

1. Go to Application Spaces > Capabilities.
2. Click the FluxCD Source Controller Capability.
3. Click install on the Details page.
4. Click the clustergroup that has the cluster part of the Availability Target.

Install the Flux CD Helm Capability

To install the Flux CD Helm Capability:

1. Go to Application Spaces > Capabilities.
2. Click the FluxCD Helm Controller Capability.
3. Click install on the Details page.
4. Click the clustergroup that has the cluster part of the Availability Target.

Create a Space

To create a Space:

1. Go to Application Spaces > Spaces.
2. Click Create Space and then click Step by step.
3. Fill in the necessary details, including the Space name and the Availability Target.

4. Select the fluxcd-helm.tanzu.vmware.com Profile. This Profile includes two Helm-related Capabilities and a single Trait that introduces the fluxcd-helmrelease-installer ServiceAccount with the following permissions. All the permissions are verbs for resources:

   • ConfigMap
   • Deployment
   • Pod
   • PodDisruptionBudget
   • ReplicaSet
   • Secret
   • ServiceAccount
   • Service

5. Add the my-custom-networking Profile.

6. Add api-gateway.spring.tanzu.vmware.com as a required Trait to the my-custom-networking Profile.
7. (Optional) Add the spring-dev.tanzu.vmware.com Profile. If you add the spring-dev Trait, api-gateway.spring.tanzu.vmware.com is not needed.
8. Finish the Space creation process.

Deploy Helm Chart

The following sections instruct how to deploy the podinfo Helm chart to a newly created Space.

Create Helm configuration

To create Helm configuration:

1. Define the location of the Helm chart through the GitRepository, HelmRepository, and OCIRepository APIs that the Flux CD Source Controller package provides. Use the following YAML to reference the standard Helm repository location:

   # helmrepository.yaml
   apiVersion: source.toolkit.fluxcd.io/v1
   kind: HelmRepository
   metadata:
     name: podinfo
   spec:
     interval: 5m
     url: https://stefanprodan.github.io/podinfo
   

   For more information about these APIs, see the Source Controller documentation.

2. The HelmRelease API enables continuous server-side orchestration of Helm releases through Helm actions, such as install, upgrade, test, uninstall, and rollback. This API also enables correction of configuration drift from the wanted release state.

   Choose which Helm chart to install (fetched from the referenced repository) and provide configuration values. For example:

   # helmrelease.yaml
   apiVersion: helm.toolkit.fluxcd.io/v2
   kind: HelmRelease
   metadata:
     name: podinfo
   spec:
     serviceAccountName: fluxcd-helmrelease-installer
     interval: 10m
     timeout: 5m
     chart:
       spec:
         chart: podinfo
         version: '6.5.4'
         sourceRef:
           kind: HelmRepository
           name: podinfo
         interval: 5m
     releaseName: podinfo
     install:
       remediation:
         retries: 3
     upgrade:
       remediation:
         retries: 3
     valuesFrom:
       - kind: Secret
         name: podinfo-values
   

3. Use the following YAML to define your secret:

   # podinfo-values.yaml
   apiVersion: v1
   kind: Secret
   metadata:
     name: podinfo-values
   type: Opaque
   stringData:
     values.yaml: |
       replicaCount: 3
   

4. To expose the podinfo application, use HTTPRoute API as in this example:

   # route.yaml
   apiVersion: gateway.networking.k8s.io/v1beta1
   kind: HTTPRoute
   metadata:
     name: podinfo-main
     annotations:
       healthcheck.gslb.tanzu.vmware.com/service: podinfo
       healthcheck.gslb.tanzu.vmware.com/path: /
       healthcheck.gslb.tanzu.vmware.com/port: "9898"
   spec:
     parentRefs:
     - group: gateway.networking.k8s.io
       kind: Gateway
       name: default-gateway
       sectionName: http-podinfo
     rules:
     - backendRefs:
       - group: ""
         kind: Service
         name: podinfo
         port: 9898
         weight: 1
       matches:
       - path:
           type: PathPrefix
           value: /
   

Your directory structure now looks like this:

> tree
.
├── helmrelease.yaml
├── helmrepository.yaml
├── podinfo-values.yaml
└── route.yaml

Deploy Helm resources

To deploy Helm resources:

1. In the context of your Space, run:

   tanzu space use
   
   tanzu deploy --only .
   

2. To verify that the Helm chart was downloaded successfully, view the status of HelmRepository by running:

   kubectl get srs -l "resource-name=podinfo,kind=HelmRepository" -oyaml
   ...
             .status:
               artifact:
                 digest: sha256:e09ebbeaf866d6c135bc52af01b736af10f604480fb10c89e4679e708cbd86dc
                 lastUpdateTime: "2024-05-14T01:04:11Z"
                 path: helmrepository/helm-565df78945-6h5kq/podinfo/index-604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94.yaml
                 revision: sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94
                 size: 66394
                 url: http://fluxcd-source-controller.flux-system.svc.cluster.local./helmrepository/helm-565df78945-6h5kq/podinfo/index-604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94.yaml
               conditions:
               - lastTransitionTime: "2024-05-14T01:04:11Z"
                 message: 'stored artifact: revision ''sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94'''
                 observedGeneration: 1
                 reason: Succeeded # <---
                 status: "True"
                 type: Ready
               - lastTransitionTime: "2024-05-14T01:04:11Z"
                 message: 'stored artifact: revision ''sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94'''
                 observedGeneration: 1
                 reason: Succeeded
                 status: "True"
                 type: ArtifactInStorage
               observedGeneration: 1
               url: http://fluxcd-source-controller.flux-system.svc.cluster.local./helmrepository/helm-565df78945-6h5kq/podinfo/index.yaml
   

3. To verify that the Helm chart was installed successfully, view the status of HelmRelease by running:

   kubectl get srs -l "resource-name=podinfo,kind=HelmRelease" -oyaml
   ...
             .status:
               conditions:
               - lastTransitionTime: "2024-05-14T01:08:48Z"
                 message: Release reconciliation succeeded
                 reason: ReconciliationSucceeded # <---
                 status: "True"
                 type: Ready
               - lastTransitionTime: "2024-05-14T01:08:48Z"
                 message: Helm upgrade succeeded
                 reason: UpgradeSucceeded
                 status: "True"
                 type: Released
               helmChart: helm-565df78945-6h5kq/helm-565df78945-6h5kq-podinfo
               lastAppliedRevision: 6.5.4
               lastAttemptedRevision: 6.5.4
               lastAttemptedValuesChecksum: e8ec8c464e25c6b24e812282564f2f6edb011ade
               lastReleaseRevision: 2
               observedGeneration: 2
   

(Optional) Use ContainerApps to track application details

To use ContainerApps to track application details:

1. Ensure that the container-app.tanzu.vmware.com Capability is available in your Space to work with container applications.

2. ContainerApp resource is generally used for describing an application ready to be built and deployed. However, in this case you create a ContainerApp CR manually to represent the already deployed application (the podinfo application that is found inside the installed Helm chart).

   Use the following example YAML to define the ContainerApp resource. The value of the labelSelector field is used to aggregate the status of deployments or pods created by HelmRelease.

   # containerapp.yaml
   apiVersion: apps.tanzu.vmware.com/v1
   kind: ContainerApp
   metadata:
     name: podinfo
     annotations:
       containerapp.apps.tanzu.vmware.com/class: "kubernetes"
   spec:
     description: Podinfo application from Helm
     contact:
       slack: "#my-helm-apps"
     image: ghcr.io/stefanprodan/podinfo
     relatedRefs:
       - for: kubernetes.list-replicas
         kind: Pod
         labelSelector: app.kubernetes.io/name=podinfo
   

3. In the context of your Space, run:

   tanzu space use
   
   tanzu deploy --only containerapp.yaml
   

4. To verify the deployment, see information about the application by running:

   tanzu app list
   

   For example:

   $ tanzu app list
   
   tanzu app replicas podinfo
    REPLICA                   STATE    AT                            CONTENT  AGE
    podinfo-5cdff9fb64-h4wz7  Running  all-regions.tanzu.vmware.com           1m
    podinfo-5cdff9fb64-qc9vs  Running  all-regions.tanzu.vmware.com           1m
    podinfo-5cdff9fb64-rbcvz  Running  all-regions.tanzu.vmware.com           1m