Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Helmfile: Supercharge your deployment pipeline
Search
KUOKA Yusuke
May 27, 2020
Technology
4
2k
Helmfile: Supercharge your deployment pipeline
https://k8sjp.connpass.com/event/175030/
KUOKA Yusuke
May 27, 2020
Tweet
Share
More Decks by KUOKA Yusuke
See All by KUOKA Yusuke
Migrating to EKS
mumoshu
0
440
Kubernetes on AWS/EKSベストプラクティス2019.2 #jawsdays
mumoshu
34
16k
[5 min. LT] Kubernetes on AWS after EKS & Recommendations on production EKS clusters
mumoshu
4
6.5k
Zero to Anomaly Detection with Kubeflow
mumoshu
1
2.2k
Programming on Kubernetes - Do More With Less
mumoshu
6
1.1k
Sustainable Kubernetes
mumoshu
16
4.2k
Kubernetesへのデプロイメント 〜進化の過程と展望〜 後半パート
mumoshu
2
9.1k
Helmfile - A declarative way to deploy Helm charts -
mumoshu
5
9.6k
Rails on Kubernetes 2018 #railsdm
mumoshu
10
9.1k
Other Decks in Technology
See All in Technology
SREによる隣接領域への越境とその先の信頼性
shonansurvivors
2
510
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
IBC 2024 動画技術関連レポート / IBC 2024 Report
cyberagentdevelopers
PRO
0
110
Amazon CloudWatch Network Monitor のススメ
yuki_ink
1
200
SSMRunbook作成の勘所_20241120
koichiotomo
2
120
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
B2B SaaS × AI機能開発 〜テナント分離のパターン解説〜 / B2B SaaS x AI function development - Explanation of tenant separation pattern
oztick139
2
220
サイバーセキュリティと認知バイアス:対策の隙を埋める心理学的アプローチ
shumei_ito
0
380
オープンソースAIとは何か? --「オープンソースAIの定義 v1.0」詳細解説
shujisado
5
590
Terraform未経験の御様に対してどの ように導⼊を進めていったか
tkikuchi
2
430
【Pycon mini 東海 2024】Google Colaboratoryで試すVLM
kazuhitotakahashi
2
490
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
220
Featured
See All Featured
Six Lessons from altMBA
skipperchong
27
3.5k
Building Better People: How to give real-time feedback that sticks.
wjessup
364
19k
Adopting Sorbet at Scale
ufuk
73
9.1k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
How STYLIGHT went responsive
nonsquared
95
5.2k
Designing for Performance
lara
604
68k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
93
16k
Building an army of robots
kneath
302
43k
The Art of Programming - Codeland 2020
erikaheidi
52
13k
Fireside Chat
paigeccino
34
3k
For a Future-Friendly Web
brad_frost
175
9.4k
4 Signs Your Business is Dying
shpigford
180
21k
Transcript
Helmfile Supercharge your deployment pipeline Yusuke Kuoka / @mumoshu, Z
Lab Corporation
“Deploying to K8s is unnecessarily hard”
“Deploying to K8s is unnecessarily hard” • ʮKubernetesͷσϓϩΠͳΜΘ͔ΒΜʯ • kubectl
apply -f dir/ ҰͰ? • ͍͍͑͑
Α͋͘Δύϥϝʔλ • ϚχϑΣετॻ͖͍ͨ vs Ͱ͖Δ͚ͩॻ͖ͨ͘ͳ͍ • DRYʹ͍ͨ͠ vs ͨ͘͠ͳ͍ •
ࣗͰCI/CDΈ͍ͨ vs ͍ͤͨ • (ηΩϡϦςΟ|ύϑΥʔϚϯε|etc) ʹͩ͜ΘΔ vs ͩ͜ΘΒͳ͍ • KubernetesͷॊೈੑΏ͑બࢶ͕ଟ͍
Α͋͘Δ՝ • ૿͑ଓ͚Δπʔϧ • kubectl, kustomize, helm, kpt, go(client-go +
whatever), etc. • ཚཱ͢ΔWrapper • make, bash, ruby, go, js, yaml(CircleCI config.yml, GitHub Actions Workflow, …) • ߏཧ • WrapperͲ͜ (ΞϓϦέʔγϣϯϨϙδτϦ?ConfigRepo? • OSSͷެࣜϚχϑΣετ/ChartΛͦͷ··ͬͯΔͷ͔ɺforkͯ͠Δͷ͔ • forkͯ͠ΔͳΒࠩͲ͔͜ • πʔϧͷظ͢Δόʔδϣϯ?
Α͋͘Δରࡦ • ૿͑ଓ͚Δπʔϧ ← ϕετϓϥΫςΟεͷυΩϡϝϯτԽ • ཚཱ͢ΔWrapper ← ڞ௨ԽɾࣾπʔϧԽ •
ߏཧ ← نΛͭ͘Δ
ΊͰͨ͠ΊͰͨ͠?
Α͋͘Δ՝ - Phase 2 • ૿͑ଓ͚ΔυΩϡϝϯτπʔϧͷϝϯςφϯε • ेʹςετ͞Εͳ͍ࣾπʔϧ • ૿͑ଓ͚Δن
“Deployment on K8s is unnecessarily hard” • <—ίετେ— πʔϧઐνʔϜ, WG,
ਆ(K8s͓͡͞Μ), ϘϥϯςΟΞ —খ—> • େίετ͔͚ͨ΄͏͕πʔϧͱ͍ͯ͘͢͠ͳΔ(ܦݧଇ • ͏·͍͘͘·ͰίετΛ͔͚ଓ͚Δ͔ʁˠجຊతʹYes • ʢͰ͖Εʣ࠷খݶͷίετͰΛղܾ͍ͨ͠ • ୭͔͕طʹૺ۰ͨ͠ճආ͍ͨ͠ • େ͖ͳϛεΛճආ͍ͨ͠ • طଘπʔϧͳ͍ͷ͔ʁ
Helmfile
Helmfile: HISTORY & NUMBERS HelmϕʔεͷએݴతσϓϩΠπʔϧ https://github.com/roboll/helmfile/ - Nov. 2016: First
Commit by @roboll (Datadog) - Feb. 2018: @mumoshu as maintainer - Apr. 2018: ϓϩμΫγϣϯͰΘΕ࢝ΊΔ - 200ίϛοτɾ100ϦϦʔε/ - 2.1K GitHubελʔ @ 2020/05
Helmfile Benefits • πʔϧཚཱ ← ϚχϑΣετɾHelm Chartɾkustomizeαϙʔτ • ཚཱ͢ΔWrapper ←
helmfile͕kubectl/kustomize/helmͷڞ௨ Wrapperʹ • ߏཧ ← نΛͭ͘ΔͷͰͳ͘ɺhelmfileͷنΛར༻
Helm
Helmfile (helmfile.yaml)
Helmfile + Kustomize (./deploy/prod/kustomization.yamlΛHelmͰΠϯετʔϧ)
Helmfile as a “Wrapper” (ར༻πʔϧʹؔΘΒͣ౷ҰతͳίϚϯυͰෳΞϓϦΛҰׅཧ)
ߏཧ - ϓϩδΣΫτϧʔτʹ helmfile.yaml Λஔ͘ - ϓϩδΣΫτΘͣɺͨͩhelmfileΛ ࣮ߦ͢Δ͚ͩͰσϓϩΠՄೳ - ༨ྗ͕͋ΕͦΕҎ֎ͷཁૉͷ໋໊ن
ଇϑΝΠϧͷஔ͖ͷϧʔϧΛܾΊ Δ
ศརػೳ • Diff • όʔδϣϯϩοΫ • ϚχϑΣετੜ • Secretཧ •
Values provider: AWS SecretsManager/Vault/SOPS/Terraform State • DAG • σόοάࢧԉ (helmfile build, helmfile —debug)
None
None
None
None
Alternatives • Terraform + Kubernetes/Helm provider • Pulumi + Kubernetes
provider • AWS CDK / cdk8s • KPT (https://github.com/GoogleContainerTools/kpt) • Terraform + terraform-provider-helmfile
terraform-provider-helmfile https://github.com/mumoshu/terraform-provider-helmfile
Also see… • helmfile.yamlαϯϓϧू https://github.com/cloudposse/helmfiles • Helmfileͷsecret refػೳͰ͑ΔόοΫΤϯυ https://github.com/variantdev/vals/
·ͱΊ • Kubernetes ͚ͷσϓϩΠҙ֎ͱ໘ʢબࢶ͕ଟ͍͕ނʣ • kubectl/helm/kustomizeΛϥοϓ͢Δπʔϧ͕ಠࣗ։ൃ͞Ε͕ͪ • υΩϡϝϯτπʔϧͷ࡞ɾϝϯςίετ࠷খݶʹ͍ͨ͠ • ಠࣗ։ൃ෦ΛݮΒ͢
/ ཁ݅ʹ͋͏طଘπʔϧ͕͋Εར༻ • Helmfile͕͓ͦΒ͘࠷ଟػೳ • ൺֱݕ౼ީิʹೖΕΔͱɺඞཁͳػೳͷߟྀ࿙Ε͕ݮΒͤΔ͔
mumoshu
shonansurvivors
nikkei_engineer_recruiting
cyberagentdevelopers
yuki_ink
koichiotomo
oracle4engineer
oztick139
shumei_ito
shujisado
tkikuchi
kazuhitotakahashi
abemii
skipperchong
wjessup
ufuk
stephaniewalter
nonsquared
lara
panda_program
kneath
erikaheidi
paigeccino
brad_frost
shpigford
