Book Image

Learn Helm

By : Andrew Block, Austin Dewey
Book Image

Learn Helm

By: Andrew Block, Austin Dewey

Overview of this book

Containerization is currently known to be one of the best ways to implement DevOps. While Docker introduced containers and changed the DevOps era, Google developed an extensive container orchestration system, Kubernetes, which is now considered the frontrunner in container orchestration. With the help of this book, you’ll explore the efficiency of managing applications running on Kubernetes using Helm. Starting with a short introduction to Helm and how it can benefit the entire container environment, you’ll then delve into the architectural aspects, in addition to learning about Helm charts and its use cases. You’ll understand how to write Helm charts in order to automate application deployment on Kubernetes. Focused on providing enterprise-ready patterns relating to Helm and automation, the book covers best practices for application development, delivery, and lifecycle management with Helm. By the end of this Kubernetes book, you will have learned how to leverage Helm to develop an enterprise pattern for application delivery.
Table of Contents (15 chapters)
Section 1: Introduction and Setup
Section 2: Helm Chart Development
Section 3: Adanced Deployment Patterns
Other Books You May Enjoy

Signing and verifying Helm charts

Similar to how the Helm maintainers sign releases, you can sign your own Helm charts so that users can verify that the chart they install actually came from you and contains the expected contents. To sign a chart, you must first have a gpg keypair present on your local workstation.

Next, you can leverage certain flags from the helm package command to sign your chart with a specified key.

Let's demonstrate how this can be accomplished by leveraging the guestbook chart from the Packt repository. This chart is located in the Learn-Helm/helm-charts/charts/guestbook folder. We will assume that you already have a gpg keypair on your local workstation, but if you do not, you can follow the instructions from the Setup section of the Data provenance and integrity section of this chapter to configure your keypair.

One important point to note before signing the guestbook chart is that you must export your public and secret keyrings to a legacy...