Book Image

Learn Helm

By : Andrew Block, Austin Dewey
Book Image

Learn Helm

By: Andrew Block, Austin Dewey

Overview of this book

Containerization is currently known to be one of the best ways to implement DevOps. While Docker introduced containers and changed the DevOps era, Google developed an extensive container orchestration system, Kubernetes, which is now considered the frontrunner in container orchestration. With the help of this book, you’ll explore the efficiency of managing applications running on Kubernetes using Helm. Starting with a short introduction to Helm and how it can benefit the entire container environment, you’ll then delve into the architectural aspects, in addition to learning about Helm charts and its use cases. You’ll understand how to write Helm charts in order to automate application deployment on Kubernetes. Focused on providing enterprise-ready patterns relating to Helm and automation, the book covers best practices for application development, delivery, and lifecycle management with Helm. By the end of this Kubernetes book, you will have learned how to leverage Helm to develop an enterprise pattern for application delivery.
Table of Contents (15 chapters)
Section 1: Introduction and Setup
Section 2: Helm Chart Development
Section 3: Adanced Deployment Patterns
Other Books You May Enjoy

Developing secure Helm charts

While provenance and integrity play a major role in the security of Helm, they are not the only concerns you need to consider. Chart developers should ensure that, during the development process, they are adhering to best practices regarding security to prevent vulnerabilities from being introduced when a user installs the chart in a Kubernetes cluster. In this section, we will discuss many of the primary concerns around security as it relates to Helm chart development and what you, as a developer, can do to write Helm charts with security as a priority.

We will begin by first discussing the security around any container images that your Helm chart may use.

Using secure images

Since the goal of Helm (and Kubernetes) is to deploy container images, the image itself is a major security concern. To start, chart developers should be aware of the differences between image tags and image digests.

A tag is a human-readable reference to a given image...