This topic tells you how to install Helm charts in a Space.
Helm applications on Spaces give you flexibility in deploying, promoting, and managing application workloads packaged as Helm charts. Helm applications enable you to use your existing build-tooling investments while benefiting from the features of Tanzu Platform for Kubernetes to streamline deployment and maximize efficiency.
The following sections describe how to prepare your environment for the helm
application.
Before you can create a Helm-enabled Space, ensure that you have the following:
Infrastructure in Tanzu Platform for Kubernetes, which includes:
run
cluster group in the ProjectFor information about how to create a cluster group, cluster, and Availability Targets, see Set up the infrastructure to create an application environment.
To install the Flux CD Source Capability:
To install the Flux CD Helm Capability:
To create a Space:
Select the fluxcd-helm.tanzu.vmware.com Profile. This Profile includes two Helm-related Capabilities and a single Trait that introduces the fluxcd-helmrelease-installer
ServiceAccount
with the following permissions. All the permissions are verbs for resources:
ConfigMap
Deployment
Pod
PodDisruptionBudget
ReplicaSet
Secret
ServiceAccount
Service
Add the my-custom-networking Profile.
api-gateway.spring.tanzu.vmware.com
as a required Trait to the my-custom-networking
Profile.spring-dev
Trait, api-gateway.spring.tanzu.vmware.com
is not needed.The following sections instruct how to deploy the podinfo Helm chart to a newly created Space.
To create Helm configuration:
Define the location of the Helm chart through the GitRepository
, HelmRepository
, and OCIRepository
APIs that the Flux CD Source Controller package provides. Use the following YAML to reference the standard Helm repository location:
# helmrepository.yaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: podinfo
spec:
interval: 5m
url: https://stefanprodan.github.io/podinfo
For more information about these APIs, see the Source Controller documentation.
The HelmRelease API enables continuous server-side orchestration of Helm releases through Helm actions, such as install, upgrade, test, uninstall, and rollback. This API also enables correction of configuration drift from the wanted release state.
Choose which Helm chart to install (fetched from the referenced repository) and provide configuration values. For example:
# helmrelease.yaml
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: podinfo
spec:
serviceAccountName: fluxcd-helmrelease-installer
interval: 10m
timeout: 5m
chart:
spec:
chart: podinfo
version: '6.5.4'
sourceRef:
kind: HelmRepository
name: podinfo
interval: 5m
releaseName: podinfo
install:
remediation:
retries: 3
upgrade:
remediation:
retries: 3
valuesFrom:
- kind: Secret
name: podinfo-values
Use the following YAML to define your secret:
# podinfo-values.yaml
apiVersion: v1
kind: Secret
metadata:
name: podinfo-values
type: Opaque
stringData:
values.yaml: |
replicaCount: 3
To expose the podinfo
application, use HTTPRoute
API as in this example:
# route.yaml
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: podinfo-main
annotations:
healthcheck.gslb.tanzu.vmware.com/service: podinfo
healthcheck.gslb.tanzu.vmware.com/path: /
healthcheck.gslb.tanzu.vmware.com/port: "9898"
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: default-gateway
sectionName: http-podinfo
rules:
- backendRefs:
- group: ""
kind: Service
name: podinfo
port: 9898
weight: 1
matches:
- path:
type: PathPrefix
value: /
Your directory structure now looks like this:
> tree
.
├── helmrelease.yaml
├── helmrepository.yaml
├── podinfo-values.yaml
└── route.yaml
To deploy Helm resources:
In the context of your Space, run:
tanzu space use
tanzu deploy --only .
To verify that the Helm chart was downloaded successfully, view the status of HelmRepository
by running:
kubectl get srs -l "resource-name=podinfo,kind=HelmRepository" -oyaml
...
.status:
artifact:
digest: sha256:e09ebbeaf866d6c135bc52af01b736af10f604480fb10c89e4679e708cbd86dc
lastUpdateTime: "2024-05-14T01:04:11Z"
path: helmrepository/helm-565df78945-6h5kq/podinfo/index-604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94.yaml
revision: sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94
size: 66394
url: http://fluxcd-source-controller.flux-system.svc.cluster.local./helmrepository/helm-565df78945-6h5kq/podinfo/index-604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94.yaml
conditions:
- lastTransitionTime: "2024-05-14T01:04:11Z"
message: 'stored artifact: revision ''sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94'''
observedGeneration: 1
reason: Succeeded # <---
status: "True"
type: Ready
- lastTransitionTime: "2024-05-14T01:04:11Z"
message: 'stored artifact: revision ''sha256:604cc6699bc91ac6015f7324a41f43f079a5b96d559c51bcf812e9d9f1beda94'''
observedGeneration: 1
reason: Succeeded
status: "True"
type: ArtifactInStorage
observedGeneration: 1
url: http://fluxcd-source-controller.flux-system.svc.cluster.local./helmrepository/helm-565df78945-6h5kq/podinfo/index.yaml
To verify that the Helm chart was installed successfully, view the status of HelmRelease
by running:
kubectl get srs -l "resource-name=podinfo,kind=HelmRelease" -oyaml
...
.status:
conditions:
- lastTransitionTime: "2024-05-14T01:08:48Z"
message: Release reconciliation succeeded
reason: ReconciliationSucceeded # <---
status: "True"
type: Ready
- lastTransitionTime: "2024-05-14T01:08:48Z"
message: Helm upgrade succeeded
reason: UpgradeSucceeded
status: "True"
type: Released
helmChart: helm-565df78945-6h5kq/helm-565df78945-6h5kq-podinfo
lastAppliedRevision: 6.5.4
lastAttemptedRevision: 6.5.4
lastAttemptedValuesChecksum: e8ec8c464e25c6b24e812282564f2f6edb011ade
lastReleaseRevision: 2
observedGeneration: 2
To use ContainerApps
to track application details:
Ensure that the container-app.tanzu.vmware.com
Capability is available in your Space to work with container applications.
ContainerApp
resource is generally used for describing an application ready to be built and deployed. However, in this case you create a ContainerApp
CR manually to represent the already deployed application (the podinfo
application that is found inside the installed Helm chart).
Use the following example YAML to define the ContainerApp
resource. The value of the labelSelector
field is used to aggregate the status of deployments or pods created by HelmRelease
.
# containerapp.yaml
apiVersion: apps.tanzu.vmware.com/v1
kind: ContainerApp
metadata:
name: podinfo
annotations:
containerapp.apps.tanzu.vmware.com/class: "kubernetes"
spec:
description: Podinfo application from Helm
contact:
slack: "#my-helm-apps"
image: ghcr.io/stefanprodan/podinfo
relatedRefs:
- for: kubernetes.list-replicas
kind: Pod
labelSelector: app.kubernetes.io/name=podinfo
In the context of your Space, run:
tanzu space use
tanzu deploy --only containerapp.yaml
To verify the deployment, see information about the application by running:
tanzu app list
For example:
$ tanzu app list
tanzu app replicas podinfo
REPLICA STATE AT CONTENT AGE
podinfo-5cdff9fb64-h4wz7 Running all-regions.tanzu.vmware.com 1m
podinfo-5cdff9fb64-qc9vs Running all-regions.tanzu.vmware.com 1m
podinfo-5cdff9fb64-rbcvz Running all-regions.tanzu.vmware.com 1m