Helm Skill
Helm chart management with safety and minimal footprint.
Chart Repo Policy
Critical: Bitnami Retired
DO NOT use bitnami/* - the public repo was retired. Use bitnamilegacy/* instead.
bash
# WRONG helm repo add bitnami https://charts.bitnami.com/bitnami # DEAD REPO # CORRECT helm repo add bitnamilegacy https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami
Bitnami Image Registry Override
Bitnami charts still work, but their Docker images moved registries. Always override the image registry in values:
yaml
# Global override (most charts) global: imageRegistry: docker.io/bitnami # Or use the legacy images explicitly image: registry: docker.io repository: bitnami/mysql # or bitnamilegacy/mysql for older versions
Common patterns:
yaml
# mysql chart image: registry: docker.io repository: bitnami/mysql # redis chart image: registry: docker.io repository: bitnami/redis # For charts that need legacy images (check if current bitnami/* works first) image: registry: docker.io repository: bitnamilegacy/mysql
Note: Test with current bitnami/* images first; only fall back to bitnamilegacy/* if the image is unavailable.
Preferred Chart Sources
| Application | Source |
|---|---|
| Airflow | apache-airflow/airflow |
| MinIO | minio/operator or official MinIO chart |
| MySQL | Official mysql chart or bitnamilegacy/mysql |
| Redis | bitnamilegacy/redis |
| PostgreSQL | bitnamilegacy/postgresql |
| Ingress | ingress-nginx/ingress-nginx |
Command Safety
Safe (Read-only)
bash
helm template <chart> # Render locally helm lint <chart> # Validate helm show values <chart> # View defaults helm list -A # List releases helm status <release> # Check status helm get values <rel> # Current values helm get manifest <rel> # Deployed manifests helm history <release> # Release history
Destructive (Require Approval)
bash
helm install ... # Creates resources helm upgrade ... # Modifies resources helm uninstall ... # Deletes resources helm rollback ... # Reverts release
Workflow
1. Validate Before Install
bash
helm lint ./chart # Check syntax helm template ./chart -f values.yaml # Render and review helm template ./chart -f values.yaml | kubectl apply --dry-run=client -f -
2. Install/Upgrade
bash
helm upgrade --install <release> <chart> \ -n <namespace> --create-namespace \ -f values.yaml \ --wait --timeout 5m
3. Verify
bash
helm list -n <namespace> helm status <release> -n <namespace> kubectl get pods -n <namespace>
Values Management
Override Hierarchy
- •Chart defaults (
helm show values) - •Base values file (
values.yaml) - •Environment overlay (
values-dev.yaml,values-prod.yaml) - •CLI
--setflags (avoid for secrets)
Values Pattern
yaml
# values-dev.yaml
replicaCount: 1
resources:
requests:
memory: 256Mi
cpu: 100m
# values-prod.yaml
replicaCount: 3
resources:
requests:
memory: 1Gi
cpu: 500m
Secrets Pattern
- •Use External Secrets Operator or Sealed Secrets
- •Never commit plaintext secrets in values files
- •Reference K8s secrets, don't inline values
Debugging
Release Issues
bash
helm history <release> # See revisions helm get values <release> # Current values helm get manifest <release> # What's deployed helm rollback <release> <rev> # Revert if needed
Pod Issues
bash
kubectl get pods -l app.kubernetes.io/instance=<release> kubectl describe pod <pod> kubectl logs <pod>
Helm vs Kustomize
| Use Helm When | Use Kustomize When |
|---|---|
| Complex app with many options | < 5 manifests |
| Upstream chart exists | Custom resources |
| Need templating/conditionals | Simple overlays |
| Want release management | GitOps with ArgoCD |
ArgoCD Integration
yaml
# ArgoCD Application for Helm
apiVersion: argoproj.io/v1alpha1
kind: Application
spec:
source:
repoURL: https://charts.example.com
chart: myapp
targetRevision: 1.2.3
helm:
valueFiles:
- values.yaml
- values-prod.yaml
Quick Reference
bash
# Add repos helm repo add apache-airflow https://airflow.apache.org helm repo add minio https://operator.min.io helm repo add bitnamilegacy https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami helm repo update # Search helm search repo <keyword> helm search hub <keyword> # Install from repo helm upgrade --install myapp repo/chart -f values.yaml -n ns --create-namespace # Install from local helm upgrade --install myapp ./chart -f values.yaml -n ns