Book Image

Learn Helm

By : Andrew Block, Austin Dewey
Book Image

Learn Helm

By: Andrew Block, Austin Dewey

Overview of this book

Containerization is currently known to be one of the best ways to implement DevOps. While Docker introduced containers and changed the DevOps era, Google developed an extensive container orchestration system, Kubernetes, which is now considered the frontrunner in container orchestration. With the help of this book, you’ll explore the efficiency of managing applications running on Kubernetes using Helm. Starting with a short introduction to Helm and how it can benefit the entire container environment, you’ll then delve into the architectural aspects, in addition to learning about Helm charts and its use cases. You’ll understand how to write Helm charts in order to automate application deployment on Kubernetes. Focused on providing enterprise-ready patterns relating to Helm and automation, the book covers best practices for application development, delivery, and lifecycle management with Helm. By the end of this Kubernetes book, you will have learned how to leverage Helm to develop an enterprise pattern for application delivery.
Table of Contents (15 chapters)
Section 1: Introduction and Setup
Section 2: Helm Chart Development
Section 3: Adanced Deployment Patterns
Other Books You May Enjoy

Chapter 9: Helm Security Considerations

Here are some sample answers to the questions presented in this chapter:

  1. Data provenance is about determining the origin of data. Data integrity determines whether the data you received is the data that you expected.
  2. A user needs to download the accompanying .asc file, which contains the digital signature.
  3. The helm verify command can be used to verify locally downloaded charts, while the helm install --verify command can be used against charts stored in an upstream chart repository.
  4. You can incorporate regular vulnerability scanning. You can also try to avoid deploying images that need to be run as root or a subset of root capabilities. Finally, you can reference images using a sha256 value instead of a tag to ensure that you are always deploying the expected image.
  5. Resource limits help prevent an application from being able to exhaust the underlying node resources. You can also leverage LimitRanges to set the maximum...