Helm Operator is designed to manage the full lifecycle of Helm charts with a Kubernetes CRD resource.

Helm Operator

Helm Operator is designed to install and manage Helm charts with a Kubernetes CRD resource.

Helm Operator does not create Helm releases; it only uses Helm as the template engine to generate the Kubernetes resources.

Helm Operator enables Server Side Apply and enforces field ownership.

More features are on the way!

How to install

kubectl apply -f https://github.com/chenzhiwei/helm-operator/raw/master/config/allinone.yaml

By default, it will create the following resources:

  • helm-operator Namespace, which the operator deployment runs in
  • cluster-admin-helm-operator ClusterRoleBinding, which gives cluster-admin permission to the operator
  • helm-operator Deployment, the operator deployment
  • helmcharts.app.siji.io CRD, defines the chart resource
  • helmdogs.app.siji.io CRD, used by HelmChart to clean up cluster-scoped resources and resources outside the CR's namespace

Run the following commands to uninstall:

kubectl delete helmchart --all --all-namespaces
kubectl delete helmdog --all --all-namespaces
kubectl delete namespace helm-operator
kubectl delete crd helmcharts.app.siji.io helmdogs.app.siji.io

How to install with webhook enabled

kubectl apply -f https://github.com/chenzhiwei/helm-operator/raw/master/config/allinone-webhook.yaml

By default, it will create the normal resources plus the following:

  • helm-operator-webhook-service, the Service used by the validating webhook
  • helm-operator-validating-webhook, a ValidatingWebhookConfiguration to validate the permissions

Run the following commands to uninstall:

kubectl delete validatingwebhookconfiguration helm-operator-validating-webhook
kubectl delete helmchart --all --all-namespaces
kubectl delete helmdog --all --all-namespaces
kubectl delete namespace helm-operator
kubectl delete crd helmcharts.app.siji.io helmdogs.app.siji.io

How to use

Create a HelmChart CR, and this operator will install the resources inside the Helm chart.

apiVersion: app.siji.io/v1
kind: HelmChart
metadata:
  name: helmchart-sample
spec:
  chart:
    path: https://gitlab.com/chenzhiwei/charts/-/raw/master/release/nginx-0.1.0.tgz
  values:
    replicaCount: 2
    image:
      repository: docker.io/library/nginx
      tag: alpine

Design Idea

Helm is a very popular package tool for Kubernetes, but it also has some limitations, especially when handling CRDs.

This Helm Operator leverages the Kubernetes CustomResourceDefinition to manage the full lifecycle of a Helm chart.

Users create a HelmChart CR with a Helm chart path and values; the operator uses the Helm library to generate the final manifests and then calls the Kubernetes API to perform CRUD operations on these manifests.

For Helm chart manifests that are in the same namespace as the HelmChart CR, the operator adds an ownerReference to them; for manifests that are cluster-scoped or in a different namespace, the operator creates a HelmDog CR to record them for later update or deletion.

When a Helm chart is updated, manifests may have been added or removed; the operator finds the diff and creates or removes the corresponding objects.
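The split between owned and HelmDog-tracked objects and the update diff described above, as an added Go example that is not the operator's own code. The Manifest type, the Kind/Namespace/Name key and the sample charts are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

type Manifest struct{ Kind, Namespace, Name string } // Namespace "" = cluster-scoped (assumed)

func (m Manifest) Key() string { return m.Kind + "/" + m.Namespace + "/" + m.Name }

// Partition splits a render as the text describes: objects in the HelmChart CR's
// namespace get an ownerReference, all others are recorded in a HelmDog CR.
func Partition(crNamespace string, rendered []Manifest) (owned, dog []Manifest) {
	for _, m := range rendered {
		if m.Namespace == crNamespace {
			owned = append(owned, m)
		} else {
			dog = append(dog, m)
		}
	}
	return owned, dog
}

// Diff returns the sorted keys to create (new in next) and remove (gone from next).
func Diff(prev, next []Manifest) (create, remove []string) {
	seen := map[string]int{} // bit 1: present in prev, bit 2: present in next
	for _, m := range prev {
		seen[m.Key()] |= 1
	}
	for _, m := range next {
		seen[m.Key()] |= 2
	}
	for k, bits := range seen {
		if bits == 2 {
			create = append(create, k)
		} else if bits == 1 {
			remove = append(remove, k)
		}
	}
	sort.Strings(create)
	sort.Strings(remove)
	return create, remove
}

func main() {
	v1 := []Manifest{{"Deployment", "web", "nginx"}, {"ClusterRole", "", "nginx"}} // constructed sample
	v2 := []Manifest{{"Deployment", "web", "nginx"}, {"Service", "web", "nginx"}}
	fmt.Println(Partition("web", v1))
	fmt.Println(Diff(v1, v2))
}
```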

Features

  1. Share same resource in multiple charts

    This can be achieved by setting an annotation app.siji.io/keep=anything.

    A use case is a ConfigMap that contains some metadata and is shared by multiple charts.

  2. Force clean up the CRDs in a chart when uninstalling

    This can be achieved by setting an annotation app.siji.io/force-crd-delete=anything.

  3. Runtime control on installed Helm charts

    When users modify the Helm chart objects directly, the operator will roll them back. Users should update the HelmChart CR to update the objects.

  4. Fine-grained permission control

    This ensures that the user who creates the HelmChart has permission to create the resources inside the Helm chart.

    Users can enable the ValidatingWebhookConfiguration, and each Create or Update operation will be validated to ensure the user has the right permissions.

  5. Helm chart in standard OCI/Docker image (WIP)

    In Kubernetes, all workloads are image based, so setting up a Helm registry or HTTP server is a little annoying.

    We can put the Helm chart directory or .tgz package into a standard OCI/Docker image; the only rule is an agreement to put it in the last layer.

    This operator can call the image registry API to fetch the last layer and get the Helm chart package.

    An example is: docker://docker.io/siji/helm-chart:latest#file=nginx-0.2.0.tgz; the Helm chart package nginx-0.2.0.tgz is in the last layer of this image.
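Feature 4 matters because the operator itself is bound to cluster-admin, so the webhook check is what ties a HelmChart to the permissions of the user who submitted it. The Go model below is an added example, not the operator's code: the Rule and Object types and the sample data are assumptions, and in a cluster the decision would come from the API server's authorization API (SubjectAccessReview) rather than a local rule list.

```go
package main

import "fmt"

// Rule is a simplified RBAC grant (a model for this example). Namespace "" means cluster-wide; "*" is a wildcard.
type Rule struct {
	Namespace        string
	Resources, Verbs []string
}

// Object is one rendered resource; Namespace "" means cluster-scoped.
type Object struct{ Resource, Namespace, Name string }

func has(list []string, want string) bool {
	for _, v := range list {
		if v == "*" || v == want {
			return true
		}
	}
	return false
}

// Allowed reports whether any rule lets the requesting user perform verb on obj.
func Allowed(rules []Rule, verb string, obj Object) bool {
	for _, r := range rules {
		// A namespaced grant never covers cluster-scoped objects or other namespaces.
		inScope := r.Namespace == "" || r.Namespace == obj.Namespace
		if inScope && has(r.Resources, obj.Resource) && has(r.Verbs, verb) {
			return true
		}
	}
	return false
}

// Validate returns the rendered objects the user could not create directly; non-empty means reject the HelmChart.
func Validate(rules []Rule, rendered []Object) (denied []Object) {
	for _, o := range rendered {
		if !Allowed(rules, "create", o) {
			denied = append(denied, o)
		}
	}
	return denied
}

func main() {
	// Constructed sample: the user may manage workloads in team-a only.
	rules := []Rule{{Namespace: "team-a", Resources: []string{"deployments", "services"}, Verbs: []string{"*"}}}
	chart := []Object{{"deployments", "team-a", "nginx"}, {"clusterrolebindings", "", "nginx-admin"}}
	fmt.Println("denied:", Validate(rules, chart))
}
```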

Limitations

Hooks and dependencies are not supported.
