Honestbee has been running Kubernetes in production since mid 2016. We have heavily invested in Helm and have real experience managing our Kubernetes service deployments as code with Helm. We would like to share how Helm is used internally at Honestbee. In the presentation we will tackle the following examples and use cases:
* Continuous Delivery using Helm
* Secret management with VaultController
* Building and hosting our own chart repositories (and the iterations we did)
* Plugins to help manage values
* Helm Chart best practices
5. What are Containers?
● Packages up software binaries & dependencies
● Immutable & testable
● Isolate software from each other
● Portable across environments
a self-contained process
ref: kubernetes-comic
7. Versioning
$ make get-tags-prod
getting apse1a tag:
master-ebf3205b
getting apse1b tag:
master-ebf3205b
$ make get-tags-staging
getting apse1a tag:
staging-98a2aa4f
getting apse1b tag:
staging-98a2aa4f
latest is not a version
8.
9. More than just packing and
Isolation
- Scheduling: Where should the containers run?
- Resource Optimisation: How much resources does each container
really need?
- Monitoring: What’s happening with the containers?
- Lifecycle and health: Keep containers running despite failures
- Auth{n,z}: Control who can do what with the containers?
- Scaling: Handle higher load by adding more instances
- Discovery: How can I connect to the containers?
- …
Source
18. Kubernetes Deployment
challenges
- Each application has multiple components
- Every component has its own k8s resources
How to:
- Deploy, Manage, Edit and Update multiple k8s configurations
- Deploy multiple k8s configurations as a single application
- Parameterise and support multiple environments
- Manage application releases: rollout, rollback, history, ...
- ...
25. Helm Values
Define your application configuration per environment!
- Should be source controlled
- roboll/helmfile
- skuid/helm-value-store
- Should not contain secrets
SECRETS
29. Private Chart Repository
Honestbee Version 2:
- Use ChartMuseum
- CI/CD:
- Package and push
honestbee/drone-chartmuseum
ChartMuseum is an open-source Helm Chart Repository written in Go (Golang), with support for cloud
storage backends, including Google Cloud Storage and Amazon S3.
Works as a valid Helm Chart Repository, and also provides an API for uploading new chart packages to
storage etc.
I am focused on the adoption of DevOps culture, improve the agility of the company and improve Developer experience
- How to keep up to speed:
Engage, open source projects no longer just adopt but engage
And share your success and failures
Iterate, start small, and improve
Docker Containers provided a powerful baseline for CI/CD Systems
these systems pipelines:
Using Docker Images and
Containers
For reproducible builds and pipelines often fully defined as code
(Often the first phase of adopting containers, start with containerizing your CI/CD Pipelines)