After attending in on a helm based lab at the OpenStack summit, I decided I wanted to try it out for myself on my OpenShift cluster.
Since helm is not yet part of Fedora, I used the upstream binary distribution Inside the tarball was, among other things, a standalone binary named helm, which I moved to ~/bin (which is in my path). Once I had that in place:
$ helm init Creating /home/ayoung/.helm Creating /home/ayoung/.helm/repository Creating /home/ayoung/.helm/repository/cache Creating /home/ayoung/.helm/repository/local Creating /home/ayoung/.helm/plugins Creating /home/ayoung/.helm/starters Creating /home/ayoung/.helm/repository/repositories.yaml $HELM_HOME has been configured at /home/ayoung/.helm. Tiller (the helm server side component) has been installed into your Kubernetes Cluster. Happy Helming! |
Checking on that Tiller install:
$ kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE default docker-registry-2-z91cq 1/1 Running 0 23h default registry-console-1-g4qml 1/1 Running 0 1d default router-5-4w3zt 1/1 Running 0 23h kube-system tiller-deploy-3210876050-8gx0w 1/1 Running 0 1m |
But trying a helm command line operation fails.
$ helm list Error: User "system:serviceaccount:kube-system:default" cannot list configmaps in project "kube-system" |
This looks like an RBAC issue. I want to assign the role ‘admin’ to the user “system:serviceaccount:kube-system:tiller” on the project “kube-system”
$ oc project kube-system Now using project "kube-system" on server "https://munchlax:8443". [ansible@munchlax ~]$ oadm policy add-role-to-user admin system:serviceaccount:kube-system:tiller role "admin" added: "system:serviceaccount:kube-system:tiller" [ansible@munchlax ~]$ ./helm list [ansible@munchlax ~]$ |
Now I can follow the steps outlined in the getting started guide:
[ansible@munchlax ~]$ ./helm create mychart Creating mychart [ansible@munchlax ~]$ rm -rf mychart/templates/ deployment.yaml _helpers.tpl ingress.yaml NOTES.txt service.yaml [ansible@munchlax ~]$ rm -rf mychart/templates/*.* [ansible@munchlax ~]$ [ansible@munchlax ~]$ [ansible@munchlax ~]$ vi mychart/templates/configmap.yaml [ansible@munchlax ~]$ ./helm install ./mychart NAME: esteemed-pike LAST DEPLOYED: Wed May 24 11:46:52 2017 NAMESPACE: kube-system STATUS: DEPLOYED RESOURCES: ==> v1/ConfigMap NAME DATA AGE mychart-configmap 1 0s [ansible@munchlax ~]$ ./helm get manifest esteemed-pike --- # Source: mychart/templates/configmap.yaml apiVersion: v1 kind: ConfigMap metadata: name: mychart-configmap data: myvalue: "Hello World" [ansible@munchlax ~]$ ./helm delete esteemed-pike release "esteemed-pike" deleted |