Skip to content
Kubee

kubee-helmet

NAME

Section titled “NAME”

kubee helmet is the kubee chart manager.

Features

Section titled “Features”

New

Section titled “New”

kubee helmet is a Helm cli that adds support for:

  • Jsonnet - to add Prometheus Mixin support
  • kustomize - to add support for application without Helm Chart such as ArgoCd.
  • a cluster values file - to share cluster wide configuration between charts

Familiar

Section titled “Familiar”

kubee helmet is based on well-supported Kubernetes tools:

It just executes Helm commands and therefore installs Helm Charts

All new installations:

There is no magic. All commands are:

  • bash command,
  • printed to the shell (visible)
  • and can be re-executed at wil

FAQ

Section titled “FAQ”

What is a Kubee Helmet hart?

Section titled “What is a Kubee Helmet hart?”

What is a Kubee Helmet Chart

What is a Jsonnet Helmet Chart?

Section titled “What is a Jsonnet Helmet Chart?”

What is a Jsonnet Kubee Chart

What is the format of a Cluster Values file?

Section titled “What is the format of a Cluster Values file?”

Rules:

  • Hard: Every root property in a cluster values file is the alias name of the chart in snake_case.
  • Soft: Every property name should be written in snake_case
    • Why? hyphen-case is not supported by Helm Template (ie Go template)
    • Why Not in CamelCase? So that we get used to the fact that we don’t use - as a separator

Example:

chart_1:
  hostname: foo.bar
  issuer_name: julia
chart_2:
  hostname: bar.foo
  dns_zones: [ ]

kubee helmet will transform it in a compliant Helm values.

You can see the Helm values:

  • to be applied with:
Terminal window
kubee helmet --cluster clusterName values chartName
  • applied with:
Terminal window
helm get -n namespace values chartName

Note

Section titled “Note”

Secret Security

Section titled “Secret Security”

With Helm, you retrieve the applied data (manifests, values) from a storage backend.

The default storage backend for Helm is a Kubernetes secret, therefore the security is by default managed by Kubernetes RBAC.

Example: With this command, if you have access to the Kubernetes secret, you should be able to see the applied values files with eventually your secrets.

Terminal window
helm get -n namespace values chartReleaseName

More information can be found in the storage backend section