How set-up a Helm Chart Repository using Apache Web server
Helm is a package manager for Kubernetes. Maintaining and deploying of complex Kubernetes application is a difficult task and Helm has made it easy. Helm uses a package format called Chart to describe set of Kubernetes resources. A Chart can consist of several files. Helm package is a versioned archive of a set of Charts that describe Kubernets resources. The official repository for Helm packages is https://kubernetes-charts-incubator.storage.googleapis.com/.
Most of the time, the official repository cannot fulfil the business requirements. In this case, we can deploy a private Helm Chart repository. Helm has described several methods to deploy a Helm Chart repository. You can find more details here.
In this tutorial, I am explaining how to deploy a Helm Chart repository using an Apache web server.
Helm Chart repository is simply a file server which serves an index.yaml file and Helm Charts. The index.yaml file contains the metadata of each Helm Chart, therefore, it describes the repository. The following directory structure is the layout of Helm chart repository.
index
├── charts
│ ├── jenkins-0.16.1.tgz
│ └── mysql-0.8.0.tgz
└── index.yaml
Helm has defined following requirements for a Helm repository that uses a file server.
- Put your index and charts in a directory that the server can serve
- Make sure the
index.yaml
file can be accessed with no authentication requirement - Make sure
yaml
files are served with the correct content type (text/yaml
ortext/x-yaml
)
I am going to use an Apache web server to host Helm resources and Basic authentication as the authentication mechanism.
- You can find instruction to setup Helm here.
- Once you have configured the Helm, you can list the current repositories using following command,
helm repo list
As you can see in the output, only stable and local repositories are availble.
stable https://kubernetes-charts.storage.googleapis.com
local http://127.0.0.1:8879/charts
3. Let’s download and save a simple Helm chart to a tempory directory to test this scenario.
mkdir index && helm fetch stable/mysql -d index/
4. Generate the index.yaml file in the index/
directory by running following command
helm repo index index/ --url https://helm.example.repo.com/charts
--url
argument is used to describe the location of the charts. The generated index.yaml file is shown below,
apiVersion: v1
entries:
mysql:
- appVersion: 5.7.14
created: 2018-06-13T01:02:13.610733294+05:30
description: Fast, reliable, scalable, and easy to use open-source relational
database system.
digest: 76d9998c1b3d17745252ec43f55ab863f0fcb81ffbc76645c2517c86fb197697
engine: gotpl
home: https://www.mysql.com/
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
keywords:
- mysql
- database
- sql
maintainers:
- email: viglesias@google.com
name: viglesiasce
name: mysql
sources:
- https://github.com/kubernetes/charts
- https://github.com/docker-library/mysql
urls:
- https://helm.example.repo.com/charts/mysql-0.8.0.tgz
version: 0.8.0
- appVersion: 5.7.14
created: 2018-06-13T01:02:13.610191957+05:30
description: Fast, reliable, scalable, and easy to use open-source relational
database system.
digest: 3d5ccb6077ca931fd6e73cf1cf65a8bdcfb05f8f5cecc5ff2fa05b4d0bca22da
engine: gotpl
home: https://www.mysql.com/
icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
keywords:
- mysql
- database
- sql
maintainers:
- email: viglesias@google.com
name: viglesiasce
name: mysql
sources:
- https://github.com/kubernetes/charts
- https://github.com/docker-library/mysql
urls:
- https://helm.example.repo.com/charts/mysql-0.7.0.tgz
version: 0.7.0
generated: 2018-06-13T01:02:13.609181508+05:30
5. Move the mysql chart to a directory named charts
mkdir index/charts && mv index/mysql-0.8.0.tgz index/charts/
6. Configure Apache web server.
- Install Apache web server and the utils using following commands,
sudo apt-get update && \
sudo apt-get install apache2 apache2-utils
- Remove default configurations
sudo su
rm /etc/apache2/sites-available/* && \
rm /etc/apache2/sites-enabled/000-default.conf
- Create SSL certificates for helm.example.repo.com domain
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/apache-selfsigned.key -out /etc/ssl/certs/apache-selfsigned.crt
- Add a entry for helm.example.repo.com domain in
/etc/hosts
sudo su
echo "127.0.0.1 helm.example.repo.com" >> /etc/hosts
- Enable SSl module for Apache web server
sudo a2enmod ssl
- Now let’s create a .htpasswd file with credentcials for user admin
sudo htpasswd -c /etc/apache2/.htpasswd admin
Please enter admin as the password as well, once it is requested.
- Create a Virtual host configuration
helm.conf
for the repository in/etc/apache2/sites-available
directory with the following content
<VirtualHost *:443>
ServerName helm.example.repo.comDocumentRoot "/var/www/index"Alias /charts "/var/www/index/charts/"ErrorLog ${APACHE_LOG_DIR}/helm-error.logCustomLog ${APACHE_LOG_DIR}/helm-access.log combinedAddType text/yaml .yaml<Directory "/var/www/index/charts">AuthType BasicAuthName "Restricted Content"AuthUserFile /etc/apache2/.htpasswdRequire valid-user</Directory>SSLEngine onSSLCertificateFile /etc/ssl/certs/apache-selfsigned.crtSSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.keySSLCertificateChainFile /etc/ssl/certs/apache-selfsigned.crt</VirtualHost>
- Enable above configuration
sudo a2ensite helm.conf
- At last, move the index directory to
/var/www/
sudo mv index /var/www/
- Now restart the Apache web server to apply new changes.
sudo /etc/init.d/apache2 start
7. Let’s add our private repository to local helm client
helm repo add private-repo https://helm.example.repo.com --username admin --password admin
8. Search mysql Helm chart in the added repositories
helm search mysql | grep mysql
As you can see, it is listed under both stable and private-repo repositories.
9. You can verify it is working by simply fetching the Helm chart
helm fetch private-repo/mysql
Now you have successfully deployed a Helm Chart repository !.