Tags | kubernetes helm |
Hard Prerequisites | |
IMPORTANT: Please review these prerequisites, they include important information that will help you with this content. | |
|
|
Soft Prerequisites |
|
Let’s get ready to finally get our own buttons helm chart hosted for that you’ll need the following, it should start feelign familiar by now.
# apps/buttons/kustomization.yaml
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: buttons
resources:
- namespace.yaml
- release.yaml
configMapGenerator:
- name: values
files:
- values.yaml=values.yaml
configurations:
- kustomizeconfig.yaml
# apps/buttons/namespace.yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: buttons
# apps/buttons/kustomizeconfig.yaml
---
# Kustomize config for enabling HelmRelease values from
# ConfigMaps and Secrets generated by Kustomize
nameReference:
- kind: ConfigMap
version: v1
fieldSpecs:
- path: spec/valuesFrom/name
kind: HelmRelease
# apps/buttons/release.yaml
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: buttons
spec:
releaseName: buttons
chart:
spec:
chart: buttons
sourceRef:
kind: HelmRepository
name: buttons
namespace: flux-system
version: "*"
interval: 0h1m0s
install:
remediation:
retries: 3
valuesFrom:
- kind: ConfigMap
name: values
The values file we take the values.yaml from the helm chart and overwrite with our own user supplied values.
# apps/buttons/values.yaml
---
imagePullSecrets:
- name: your-regcred
nginx:
name: nginx
image:
repository: harbor.<your-domain>/application/nginx
tag: {myLatestTag} # this is the latest tag from Harbor
python:
image:
repository: harbor.<your-domain>/application/python
tag: {myLatestTag} # this is the latest tag from Harbor
name: python
envs:
- name: DB_HOST
value: "postgres-postgresql.buttons.svc.cluster.local"
- name: DB_NAME
value: dbname
- name: DB_USER
value: postgres
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-postgresql
key: postgres-password
ingress:
enabled: true
className: "nginx"
annotations:
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: <your-domain>
paths:
- path: /
pathType: Prefix
service:
name: "nginx"
port: 80
- path: /api
pathType: Prefix
service:
name: "python"
port: 5000
tls:
- secretName: chart-example-tls
hosts:
- <your-domain>
remember to add your imagePullSecrets
to the cluster to pull images from the Harbor registry.
kubectl -n buttons create secret docker-registry your-regcred --docker-server=https://your.domain.com --docker-username=admin --docker-password=*******
As we nuked the cluster at the beggining of this project you will need to set up the “application” project in harbor again as well as re-run your GitHub Actions to get the images in to the new cluster.