Using Azure Blob Service as private Helm repository

Helm is a tool to manage kubernetes workloads with the ease of a package manager such as dpkg and pacman in Linux distributions. Also the repository feature that it supports, makes it easier to share kubernetes workload with the community or your team. It’s possible to host your own repository with

 helm serve 

command but this is only for local working scenarios on your lappy. When it comes to share your work with your team you’ll need a private repository for your charts. I’m assuming you know the basic concepts of kubernetes, helm and azure cli. Now let’s up to work!

First of all you have to be logged in to your Azure account from the az cli. Just type

az login 

and navigate to the web page from the output of the command and paste the code. After that if you don’t have a resource group at your Azure account you must create it now with typing:

az group create --name helmgroup --location "westeurope"

As I mentioned at the title of the blog we’ll use Azure Blob Storage service for storing the data of charts. So you have to create a storage account for this purpose.

You can both create your Storage Account from azure cli or Azure Portal. I’m gonna give you the cli command ( ps. I don’t like UIs ) to move on…

az storage account create -n blobbloghelm -g helmgroup -l westeurope --sku Standard_LRS --kind BlobStorage --access-tier Cool

After creating storage account you have to retrieve the storage key to reach that account from az cli. To do so :

export AZURE_STORAGE_ACCOUNT=blobbloghelm
export AZURE_STORAGE_KEY=$(az storage account keys list --resource-group helmgroup --account-name blobbloghelm | grep -m 1 value | awk -F'"' '{print $4}')

Next, create a blob container for charts :

az storage container create --name helm

Now we’ve need a URL for connecting our helm client to the Blob Storage service.

export SAS_TOKEN=`az storage container generate-sas --name helm --expiry 2023-01-01 --permissions lr`

Now we are ready to add the repository to our helm client.:

helm repo add azure ‘https://blobbloghelm.blob.core.windows.net/helm/?/$SAS_TOKEN’

That’s all you have to do for adding an Blob Storage account to your helm repository list. To validate the process you can check it via :

helm repo list

From now, I assume that you have a valid chart to update into to repository.To create a valid chart for repository, first you have to execute the commands below in your chart directory.

helm repo index . 
helm package .

These two commands will generate two different files. First one contains repository metadata about your chart and the latter one contains templates of your chart as tar.gz archive. You have to push these two files onto your Blob Storage Account to fetch them later with helm client. To do so, use the following template :

az storage blob upload --container-name helm --file $file_to_upload --name $blob_name

If you upload your chart successfully, you can query your chart with executing the following command.

helm search azure

That’s all for this post. Have a nice day ! :)

Here’s my reference links :

Using the Azure CLI 2.0 with Azure Storage

Setting up secure helm chart repository on Azure Blob Storage - cwienczek.com

Helm - The Package Manager for Kubernetes.