Install and Use Helm 2 on Kubernetes Cluster

By Posted on 259 views

In today’s guide, we will look at how you can install and use Helm 2 to deploy and manage applications (Helm charts) on your Kubernetes cluster. Helm is a tool created to streamline the installation and management of Kubernetes applications. You can think of Helm like the YUM / APT or Homebrew package managers for Kubernetes.

There are few prerequisites required for a successful installation and operation of Helm.

  • A Kubernetes cluster
  • Admin access to install Tiller
  • Locally configured kubectl.

Check our guides on installation of Kubernetes:

For Kubectl configuration to manage kubernetes , check: Easily Manage Multiple Kubernetes Clusters with kubectl & kubectx

Step 1: Installing Helm client

Helm client runs on your laptop, CI/CD pipelines, etc. The installation of helm client is simplified for you through bash script.

curl -L https://git.io/get_helm.sh | bash

Here is the expected installation output:

Helm v2.17.0 is available. Changing from version .
Downloading https://get.helm.sh/helm-v2.17.0-linux-amd64.tar.gz
Preparing to install helm and tiller into /usr/local/bin
helm installed into /usr/local/bin/helm
tiller installed into /usr/local/bin/tiller
Run 'helm init' to configure helm.

The helm binary package will be installed to /usr/local/bin/ directory.

$ helm version
Client: &version.VersionSemVer:"v2.17.0", GitCommit:"a690bad98af45b015bd3da1a41f6218b1a451dbe", GitTreeState:"clean"

Step 2: Create Tiller service account & Role binding

Helm2 has a server component called Tiller. This changed in Helm 3 as there is no tiller. The tiller service will run in our Kubernetes cluster and the helm client talks to it when managing helm applications in the cluster.

We need to create service account for Tiller with admin access to the cluster. Create a new file called tiller-serivice-account.yaml.

vim tiller-account-rbac.yaml

Paste below data to the file.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: tiller
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: tiller
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
  - kind: ServiceAccount
    name: tiller
    namespace: kube-system

From the manifest definition, we have created a ClusterRoleBinding with cluster-admin permissions to the tiller service account.

Create the resources in Kubernetes using the kubectl command:

$ kubectl apply -f tiller-account-rbac.yaml
serviceaccount/tiller created
clusterrolebinding.rbac.authorization.k8s.io/tiller created

Confirm creation of these objects:

$ kubectl get serviceaccount tiller -n kube-system        
NAME     SECRETS   AGE
tiller   1         64s

$ kubectl get clusterrolebinding tiller -n kube-system
NAME     AGE
tiller   100s

Step 3: Deploy Tiller and Initialize Helm

The helm init command is used to install Tiller (the Helm server-side component) onto your
Kubernetes Cluster. Note that this command discovers Kubernetes clusters
by reading $KUBECONFIG (default ‘~/.kube/config‘) and using the default context.

If you have multiple clusters, ensure you switch to desired cluster, ref:

Now initialize Helm using the command below.

helm init --service-account=tiller \
   --stable-repo-url=https://charts.helm.sh/stable \
   --upgrade \
   --automount-service-account-token=true \
   --replicas=1 \
   --history-max=100 \
   --wait

Below is the output from the helm init command.

Creating /home/jkmutai/.helm/repository/repositories.yaml
Adding stable repo with URL: https://charts.helm.sh/stable
Adding local repo with URL: http://127.0.0.1:8879/charts
$HELM_HOME has been configured at /home/jkmutai/.helm.

Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.

Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: https://v2.helm.sh/docs/securing_installation/

The initialization will also set up local configuration in $HELM_HOME (default ~/.helm/)

$ ls ~/.helm 
cache  plugins  repository  starters

On the kubernetes end, you should see a new deployment called tiller-deploy.

$ kubectl get deployment  -n kube-system       
NAME                     READY   UP-TO-DATE   AVAILABLE   AGE
metrics-server           1/1     1            1           20d
local-path-provisioner   1/1     1            1           20d
coredns                  1/1     1            1           20d
traefik                  1/1     1            1           20d
tiller-deploy            1/1     1            1           63m

$ kubectl get deployment tiller-deploy -n kube-system -o wide
NAME            READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES                                  SELECTOR
tiller-deploy   1/1     1            1           64m   tiller       gcr.io/kubernetes-helm/tiller:v2.16.1   app=helm,name=tiller

Now visit Helm 2 documentation page to get started. Since Helm 2 is now legacy, we’ll cover the installation and usage of Helm 3 in our next guide.

Gravatar Image
Ben Bennett - https://www.thetodaypost.net
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.