29. March 2025

Some pieces of the puzzle

/images/kubernetes.helm.webp

Private helm repo

First question would be … why ? An answer could be: control. Control where you download from and expecially control what exactly in there. And having everything local makes it easier see exactly what you need, you can tailor the solution but most important is that in the case that a helm disappers over night ( and it did happen ) you will still have a copy of it. Of course there is a catch and a cost associated to this . You need maintain your own charts or sync them locally from official repos and there is the maintenance of the private repo.

Instalation

At the time of writing this post lastest version of ChartMuseum is 0.16.2. Still young but gets the job done. I prefer to have the binaries in /usr/local/bin so here we go:

 wget https://get.helm.sh/chartmuseum-v0.16.2-linux-amd64.tar.gz
 tar xf chartmuseum-v0.16.2-linux-amd64.tar.gz
 sudo mv linux-amd64/chartmuseum /usr/local/bin
 rm -fr linux-amd64

Next was to setup a storage for it. I prefer Minio for multiple reason that will be added in the minio puzzle piece. You can setup the bucket from web UI and also create a service account and get the SA and the key. Dont forget to get the minio service IP.

export AWS_ACCESS_KEY_ID="qqnMMwwrrwqweqwe11"
export AWS_SECRET_ACCESS_KEY="replacemewitharealkey2"
export MINIO_IP="192.168.x.y"
chartmuseum --debug --port=8080 \
  --storage="amazon" \
  --storage-amazon-bucket="chartmuseum" \
  --storage-amazon-prefix="" \
  --storage-amazon-region="us-east-1" \
  --storage-amazon-endpoint="http://$MINIO_IP:9000/"

At this point everything should look ok and be ready for a test. So open a new terminal and let’s do some testing

$ helm create tfm-test
Creating tfm-test
cd tfm-test/
$ ls
charts  Chart.yaml  templates  values.yaml
$ helm package .
Successfully packaged chart and saved it to: tfm-test-0.1.0.tgz
$curl --data-binary "@tfm-test-0.1.0.tgz" http://$MINIO_IP:8080/api/charts
{"saved":true}
$ helm repo add chartmuseum http://localhost:8080
"chartmuseum" has been added to your repositories
$ helm search repo chartmuseum/
NAME                	CHART VERSION	APP VERSION	DESCRIPTION                
chartmuseum/tfm-test	0.1.0        	1.16.0     	A Helm chart for Kubernetes

So … we created a new helm package, uploaded it to chartmuseum and verified that was there.

In the next one I’ll explore vault setup. Vault chart push to chartmuseum , vault chart update , deploy to cluster etc

Latest Posts