DevOps & CI/CD Deep Dive · 11 of 18

Helm — apt-get for Kubernetes

A chart is a folder of templated YAML; values parameterize it per environment; a release tracks one install of a chart in a namespace. Helm is how almost every off-the-shelf Kubernetes app ships — Postgres, Prometheus, ingress controllers, you name it.

Charts · values.yaml · Templates · Releases · Hooks
Anatomy

What's in a Chart

Basic Concepts

  • Chart.yaml — name, version, app version, dependencies.
  • values.yaml — default config; users override per environment.
  • templates/ — Go-template'd YAML rendered with values.
  • _helpers.tpl — named template snippets (labels, fullname).
  • Subcharts — depend on other charts (e.g., bundle Postgres with your app).
  • Releases — Helm tracks history per release; helm rollback goes back to revision N.

Lifecycle

Install → Upgrade → Rollback

helm pull / repo add → values.yaml override → helm template (render) → helm install / upgrade → Release stored in cluster → helm rollback if needed

Helm vs Kustomize

Templating vs Patching

  • Helm templates strings — flexible, but a chart can emit arbitrary YAML, valid or not, and you only find out when it is rendered.
  • Kustomize overlays patch real K8s YAML — strongly typed, no Go template syntax. Built into kubectl.
  • Common pattern: ship apps as Helm charts; pin/override per cluster with Kustomize helmCharts:, or use Argo's chart + values pattern.

Tradeoffs

What to Watch Out For

  • Go templates inside YAML are awful to debug — invisible whitespace bugs, mis-indented blocks.
  • Charts you don't control can lag K8s API deprecations; pin versions and watch upstream.
  • Secrets management isn't built in — pair with SOPS, Sealed Secrets, or External Secrets.
  • Helm 2's Tiller is dead; if you ever see Tiller in a doc, the doc is from 2018.
  • Chart versions vs app versions confuse newcomers — bump both intentionally.
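
A pre-install gate for two of the points above (secrets that arrive through values, and charts that lag API removals), as an added example that is not part of the original page: it scans `helm template` output for Secret objects carrying inline data and for apiVersions that current Kubernetes no longer serves. The function name `scan_rendered`, the finding labels, the release and chart names, and the sample manifest are assumptions constructed for illustration.

```shell
# Added example: gate on `helm template` output before install/upgrade.
# scan_rendered and its finding labels are hypothetical, not part of Helm.
# Real use: helm template my-release ./chart -f values-prod.yaml | scan_rendered
scan_rendered() {
  awk '
    function report() {
      if (kind == "Secret" && has_data) { print "inline-secret " name; bad = 1 }
      if (api in removed) { print "removed-api " api " " kind "/" name; bad = 1 }
      api = kind = name = ""; has_data = in_meta = 0
    }
    BEGIN {  # apiVersions no longer served by current Kubernetes; extend as needed
      removed["extensions/v1beta1"] = removed["batch/v1beta1"] = 1
    }
    /^---/          { report(); next }                 # document boundary
    /^apiVersion:/  { api = $2 }
    /^kind:/        { kind = $2 }
    /^[^ #]/        { in_meta = ($1 == "metadata:") }  # track top-level key
    in_meta && /^  name:/ { name = $2 }                # metadata.name only
    /^(data|stringData):/ && $2 != "{}" { has_data = 1 }
    END { report(); exit bad }                         # non-zero fails the CI step
  '
}

# Constructed sample of rendered output (not from a real chart).
sample_render() {
  cat <<'EOF'
---
# Source: demo/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
  name: demo-db
stringData:
  password: example-only
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: demo-backup
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-web
EOF
}

sample_render | scan_rendered || echo "gate failed: review findings above"
```

Charts that render a Secret on purpose will trip the first check; treat that finding as a prompt to confirm where the value comes from.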