Helm Support for Critical Stack

Pre-requisites

  1. A Critical Stack cluster

  2. Master node with access to the Internet for helm, helm charts, and Docker images

  3. At least one worker node (provisioned in the Critical Stack UI from the Create Node button under DATA CENTER->Nodes) with access to the Internet for Docker images

Overview

This document describes how to deploy helm to support deployment of helm chart-based applications.

Note that the next version of helm will not include tiller so steps to deploy will change significantly (expected to be much simpler and more secure).

Steps

  1. SSH to master node

  2. Get helm

    curl -f https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > /tmp/get_helm.sh
    sudo bash /tmp/get_helm.sh
    sudo helm init --kubeconfig /etc/kubernetes/admin.conf  # --tiller-tls-verify
  3. Fix RBACs

    sudo kubectl create serviceaccount --namespace kube-system tiller --kubeconfig /etc/kubernetes/admin.conf
    sudo kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller --kubeconfig /etc/kubernetes/admin.conf
    sudo kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}' --kubeconfig /etc/kubernetes/admin.conf
  4. Deploy helm charts, e.g., jenkins

    sudo helm install stable/jenkins --namespace development --kubeconfig /etc/kubernetes/admin.conf

Follow-up

  1. Enable --tiller-tls-verify for better security

Troubleshooting tips

  1. To uninstall helm client and tiller server, first try:

    sudo helm reset --force --kubeconfig /etc/kubernetes/admin.conf
  2. Delete tiller server deployment

    sudo kubectl --kubeconfig /etc/kubernetes/admin.conf -n kube-system delete deployment tiller-deploy
  3. Delete tiller server replicaset (old style tiller)

    sudo kubectl --kubeconfig /etc/kubernetes/admin.conf -n kube-system delete replicaset tiller-deploy-     # use <ESC> to complete
  4. Delete tiller server pod

    sudo kubectl --kubeconfig /etc/kubernetes/admin.conf -n kube-system delete pod tiller-deploy-     # use <ESC> to complete
  5. Uninstall helm chart, delete pods, delete helm release

    sudo helm delete <chart> --purge --kubeconfig /etc/kubernetes/admin.conf