Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Helmfile: Supercharge your deployment pipeline
Search
KUOKA Yusuke
May 27, 2020
Technology
4
2.1k
Helmfile: Supercharge your deployment pipeline
https://k8sjp.connpass.com/event/175030/
KUOKA Yusuke
May 27, 2020
Tweet
Share
More Decks by KUOKA Yusuke
See All by KUOKA Yusuke
Migrating to EKS
mumoshu
0
460
Kubernetes on AWS/EKSベストプラクティス2019.2 #jawsdays
mumoshu
34
16k
[5 min. LT] Kubernetes on AWS after EKS & Recommendations on production EKS clusters
mumoshu
4
6.8k
Zero to Anomaly Detection with Kubeflow
mumoshu
1
2.3k
Programming on Kubernetes - Do More With Less
mumoshu
6
1.2k
Sustainable Kubernetes
mumoshu
16
4.4k
Kubernetesへのデプロイメント 〜進化の過程と展望〜 後半パート
mumoshu
2
9.4k
Helmfile - A declarative way to deploy Helm charts -
mumoshu
5
10k
Rails on Kubernetes 2018 #railsdm
mumoshu
10
9.6k
Other Decks in Technology
See All in Technology
AI駆動開発に向けた新しいエンジニアマインドセット
kazue
0
300
AWSを利用する上で知っておきたい名前解決のはなし(10分版)
nagisa53
9
2.7k
Nstockの一人目エンジニアが 3年間かけて向き合ってきた セキュリティのこととこれから〜あれから半年〜
yo41sawada
0
210
allow_retry と Arel.sql / allow_retry and Arel.sql
euglena1215
1
160
250905 大吉祥寺.pm 2025 前夜祭 「プログラミングに出会って20年、『今』が1番楽しい」
msykd
PRO
1
560
【Grafana Meetup Japan #6】Grafanaをリバプロ配下で動かすときにやること ~ Grafana Liveってなんだ ~
yoshitake945
0
390
ZOZOマッチのアーキテクチャと技術構成
zozotech
PRO
3
1.3k
20250903_1つのAWSアカウントに複数システムがある環境におけるアクセス制御をABACで実現.pdf
yhana
3
490
大「個人開発サービス」時代に僕たちはどう生きるか
sotarok
20
9.5k
自作JSエンジンに推しプロポーザルを実装したい!
sajikix
1
160
Kubernetes における cgroup v2 でのOut-Of-Memory 問題の解決
pfn
PRO
0
470
クラウドセキュリティを支える技術と運用の最前線 / Cutting-edge Technologies and Operations Supporting Cloud Security
yuj1osm
2
300
Featured
See All Featured
Why Our Code Smells
bkeepers
PRO
339
57k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
6k
GraphQLとの向き合い方2022年版
quramy
49
14k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
It's Worth the Effort
3n
187
28k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
910
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
16k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.9k
Code Review Best Practice
trishagee
70
19k
4 Signs Your Business is Dying
shpigford
184
22k
Transcript
Helmfile Supercharge your deployment pipeline Yusuke Kuoka / @mumoshu, Z
Lab Corporation
“Deploying to K8s is unnecessarily hard”
“Deploying to K8s is unnecessarily hard” • ʮKubernetesͷσϓϩΠͳΜΘ͔ΒΜʯ • kubectl
apply -f dir/ ҰͰ? • ͍͍͑͑
Α͋͘Δύϥϝʔλ • ϚχϑΣετॻ͖͍ͨ vs Ͱ͖Δ͚ͩॻ͖ͨ͘ͳ͍ • DRYʹ͍ͨ͠ vs ͨ͘͠ͳ͍ •
ࣗͰCI/CDΈ͍ͨ vs ͍ͤͨ • (ηΩϡϦςΟ|ύϑΥʔϚϯε|etc) ʹͩ͜ΘΔ vs ͩ͜ΘΒͳ͍ • KubernetesͷॊೈੑΏ͑બࢶ͕ଟ͍
Α͋͘Δ՝ • ૿͑ଓ͚Δπʔϧ • kubectl, kustomize, helm, kpt, go(client-go +
whatever), etc. • ཚཱ͢ΔWrapper • make, bash, ruby, go, js, yaml(CircleCI config.yml, GitHub Actions Workflow, …) • ߏཧ • WrapperͲ͜ (ΞϓϦέʔγϣϯϨϙδτϦ?ConfigRepo? • OSSͷެࣜϚχϑΣετ/ChartΛͦͷ··ͬͯΔͷ͔ɺforkͯ͠Δͷ͔ • forkͯ͠ΔͳΒࠩͲ͔͜ • πʔϧͷظ͢Δόʔδϣϯ?
Α͋͘Δରࡦ • ૿͑ଓ͚Δπʔϧ ← ϕετϓϥΫςΟεͷυΩϡϝϯτԽ • ཚཱ͢ΔWrapper ← ڞ௨ԽɾࣾπʔϧԽ •
ߏཧ ← نΛͭ͘Δ
ΊͰͨ͠ΊͰͨ͠?
Α͋͘Δ՝ - Phase 2 • ૿͑ଓ͚ΔυΩϡϝϯτπʔϧͷϝϯςφϯε • ेʹςετ͞Εͳ͍ࣾπʔϧ • ૿͑ଓ͚Δن
“Deployment on K8s is unnecessarily hard” • <—ίετେ— πʔϧઐνʔϜ, WG,
ਆ(K8s͓͡͞Μ), ϘϥϯςΟΞ —খ—> • େίετ͔͚ͨ΄͏͕πʔϧͱ͍ͯ͘͢͠ͳΔ(ܦݧଇ • ͏·͍͘͘·ͰίετΛ͔͚ଓ͚Δ͔ʁˠجຊతʹYes • ʢͰ͖Εʣ࠷খݶͷίετͰΛղܾ͍ͨ͠ • ୭͔͕طʹૺ۰ͨ͠ճආ͍ͨ͠ • େ͖ͳϛεΛճආ͍ͨ͠ • طଘπʔϧͳ͍ͷ͔ʁ
Helmfile
Helmfile: HISTORY & NUMBERS HelmϕʔεͷએݴతσϓϩΠπʔϧ https://github.com/roboll/helmfile/ - Nov. 2016: First
Commit by @roboll (Datadog) - Feb. 2018: @mumoshu as maintainer - Apr. 2018: ϓϩμΫγϣϯͰΘΕ࢝ΊΔ - 200ίϛοτɾ100ϦϦʔε/ - 2.1K GitHubελʔ @ 2020/05
Helmfile Benefits • πʔϧཚཱ ← ϚχϑΣετɾHelm Chartɾkustomizeαϙʔτ • ཚཱ͢ΔWrapper ←
helmfile͕kubectl/kustomize/helmͷڞ௨ Wrapperʹ • ߏཧ ← نΛͭ͘ΔͷͰͳ͘ɺhelmfileͷنΛར༻
Helm
Helmfile (helmfile.yaml)
Helmfile + Kustomize (./deploy/prod/kustomization.yamlΛHelmͰΠϯετʔϧ)
Helmfile as a “Wrapper” (ར༻πʔϧʹؔΘΒͣ౷ҰతͳίϚϯυͰෳΞϓϦΛҰׅཧ)
ߏཧ - ϓϩδΣΫτϧʔτʹ helmfile.yaml Λஔ͘ - ϓϩδΣΫτΘͣɺͨͩhelmfileΛ ࣮ߦ͢Δ͚ͩͰσϓϩΠՄೳ - ༨ྗ͕͋ΕͦΕҎ֎ͷཁૉͷ໋໊ن
ଇϑΝΠϧͷஔ͖ͷϧʔϧΛܾΊ Δ
ศརػೳ • Diff • όʔδϣϯϩοΫ • ϚχϑΣετੜ • Secretཧ •
Values provider: AWS SecretsManager/Vault/SOPS/Terraform State • DAG • σόοάࢧԉ (helmfile build, helmfile —debug)
None
None
None
None
Alternatives • Terraform + Kubernetes/Helm provider • Pulumi + Kubernetes
provider • AWS CDK / cdk8s • KPT (https://github.com/GoogleContainerTools/kpt) • Terraform + terraform-provider-helmfile
terraform-provider-helmfile https://github.com/mumoshu/terraform-provider-helmfile
Also see… • helmfile.yamlαϯϓϧू https://github.com/cloudposse/helmfiles • Helmfileͷsecret refػೳͰ͑ΔόοΫΤϯυ https://github.com/variantdev/vals/
·ͱΊ • Kubernetes ͚ͷσϓϩΠҙ֎ͱ໘ʢબࢶ͕ଟ͍͕ނʣ • kubectl/helm/kustomizeΛϥοϓ͢Δπʔϧ͕ಠࣗ։ൃ͞Ε͕ͪ • υΩϡϝϯτπʔϧͷ࡞ɾϝϯςίετ࠷খݶʹ͍ͨ͠ • ಠࣗ։ൃ෦ΛݮΒ͢
/ ཁ݅ʹ͋͏طଘπʔϧ͕͋Εར༻ • Helmfile͕͓ͦΒ͘࠷ଟػೳ • ൺֱݕ౼ީิʹೖΕΔͱɺඞཁͳػೳͷߟྀ࿙Ε͕ݮΒͤΔ͔