helm

package
v2.16.3
Published: Apr 11, 2024 License: AGPL-3.0 Imports: 40 Imported by: 0

README

Helm

Constellation uses helm to install and upgrade deployments to the Kubernetes cluster. Helm wraps deployments into charts. One chart should contain all the configuration needed to run a deployment.

Charts used by Constellation

To make installation and lifecycle management easier, Constellation groups multiple related charts into sub-charts. The following "parent" charts are used by Constellation:

  • cert-manager

  • Cilium

  • constellation-services

    Cluster services (mostly) written by us, providing basic functionality of the cluster

  • csi

    Our modified Kubernetes CSI drivers and Snapshot controller/CRDs

  • operators

    Kubernetes operators we use to control and manage the lifecycle of a Constellation cluster

Chart upgrades

All services that are installed via helm-install are upgraded via helm-upgrade. Two aspects are not fully covered by running helm-upgrade: CRDs and values. While helm-install can install CRDs if they are contained in a chart's crds folder, helm-upgrade won't change any installed CRDs. Furthermore, new values introduced with a new version of a chart will not be installed into the cluster if the --reuse-values flag is set. Nevertheless, we have to rely on the values already present in the cluster because some of the values are set by the bootstrapper during installation. Because upgrades should be a CLI-only operation and we want to avoid the behaviour of --reuse-values, we fetch the cluster values and merge them with any new values.
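The merge described above can be sketched as follows. This is an added example, not code from the Constellation repository; the key names and sample values are constructed, and it assumes that on a conflict the value computed for the new chart version wins while keys that exist only in the cluster are preserved.

```go
package main

import "fmt"

// mergeValues deep-merges the values fetched from the cluster with the values
// computed for the new chart version. Assumption of this example: a new value
// replaces an old one on conflict, and keys present only in the cluster (such
// as values set by the bootstrapper at install time) are kept.
func mergeValues(cluster, updated map[string]any) map[string]any {
	out := make(map[string]any, len(cluster))
	for k, v := range cluster {
		out[k] = v
	}
	for k, v := range updated {
		newMap, newIsMap := v.(map[string]any)
		oldMap, oldIsMap := out[k].(map[string]any)
		if newIsMap && oldIsMap {
			// Recurse into a fresh map so the cluster values are not mutated.
			out[k] = mergeValues(oldMap, newMap)
			continue
		}
		out[k] = v
	}
	return out
}

// Constructed sample data; the key names are hypothetical.
func sampleClusterValues() map[string]any {
	return map[string]any{"example-service": map[string]any{
		"image":     "registry.example/service:v1",
		"clusterID": "set-by-bootstrapper", // only known to the cluster
	}}
}

func sampleNewValues() map[string]any {
	return map[string]any{"example-service": map[string]any{
		"image":    "registry.example/service:v2",
		"logLevel": "info", // introduced by the new chart version
	}}
}

func main() {
	merged := mergeValues(sampleClusterValues(), sampleNewValues())
	// The result carries clusterID (old), image v2 (updated) and logLevel (new).
	fmt.Println(merged["example-service"])
}
```

With --reuse-values alone, the logLevel key in this sample would never reach the cluster; with the new values alone, clusterID would be lost.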

Here is how we manage CRD upgrades for each chart.

Cilium

  • CRDs are updated by cilium-operator.

cert-manager

  • installCRDs flag is set during upgrade. This flag is managed by cert-manager. cert-manager is in charge of correctly upgrading the CRDs.
  • WARNING: upgrading cert-manager might break other installations of cert-manager in the cluster, if those other installations are not on the same version as the Constellation-managed installation. This is due to the cluster-wide CRDs.

Operators

  • Manually update CRDs before upgrading the chart. Update by applying the CRDs found in the operators/crds/ folder.

Constellation-services

  • There are currently no CRDs in this chart.

CSI

  • CRDs are required for enabling snapshot support.
  • CRDs are provided as their own helm chart and may be updated using helm.

Documentation

Overview

Package helm provides a higher level interface to the Helm Go SDK.

It is used by the CLI to:

  • load embedded charts
  • install charts
  • update helm releases
  • get versions for installed helm releases
  • create local backups before running service upgrades

The charts themselves are embedded in the CLI binary, and values are dynamically updated depending on configuration. The charts can be found in "./charts/". Values should be added in the chart's "values.yaml" file if they are static, i.e. don't depend on user input; otherwise they need to be dynamically created depending on a user's configuration.

Helm logic should not be implemented outside this package. All values loading, parsing, installing, uninstalling, and updating of charts should be implemented here. As such, the helm package needs to implement some CSP-specific logic. However, exported functions should be CSP-agnostic and take a cloudprovider.Provider as argument. As such, the number of exported functions should be kept minimal.

SPDX-License-Identifier: AGPL-3.0-only

Overrides contains helm values that are dynamically injected into the helm charts.

Package helm provides types and functions shared across services.

Index

Constants

const (
	// AllowDestructive is a named bool to signal that destructive actions have been confirmed by the user.
	AllowDestructive = true
	// DenyDestructive is a named bool to signal that destructive actions have not been confirmed by the user yet.
	DenyDestructive = false
)

Variables

var ErrConfirmationMissing = errors.New("action requires user confirmation")

ErrConfirmationMissing signals that an action requires user confirmation.

Functions

This section is empty.

Types

type Applier

type Applier interface {
	Apply(ctx context.Context) error
	SaveCharts(chartsDir string, fileHandler file.Handler) error
}

Applier runs the Helm actions.

type ChartApplyExecutor

type ChartApplyExecutor struct {
	// contains filtered or unexported fields
}

ChartApplyExecutor is a Helm action executor that applies all actions.

func (ChartApplyExecutor) Apply

func (c ChartApplyExecutor) Apply(ctx context.Context) error

Apply applies the charts in order.

func (ChartApplyExecutor) SaveCharts

func (c ChartApplyExecutor) SaveCharts(chartsDir string, fileHandler file.Handler) error

SaveCharts saves all Helm charts and their values to the given directory.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is a Helm client to apply charts.

func NewClient

func NewClient(kubeConfig []byte, log debugLog) (*Client, error)

NewClient returns a new Helm client.

func (Client) PrepareApply

func (h Client) PrepareApply(
	flags Options, stateFile *state.State, serviceAccURI string, masterSecret uri.MasterSecret,
) (Applier, bool, error)

PrepareApply loads the charts and returns the executor to apply them.

type OpenStackValues added in v2.16.1

type OpenStackValues struct {
	DeployYawolLoadBalancer bool
	FloatingIPPoolID        string
	YawolFlavorID           string
	YawolImageID            string
}

OpenStackValues are helm values for OpenStack.

type Options

type Options struct {
	CSP                 cloudprovider.Provider
	AttestationVariant  variant.Variant
	Conformance         bool
	DeployCSIDriver     bool
	AllowDestructive    bool
	Force               bool
	K8sVersion          versions.ValidK8sVersion
	MicroserviceVersion semver.Semver
	HelmWaitMode        WaitMode
	ApplyTimeout        time.Duration
	OpenStackValues     *OpenStackValues
}

Options are options for loading charts.

type ReleaseVersionClient

type ReleaseVersionClient struct {
	// contains filtered or unexported fields
}

ReleaseVersionClient is a client that can retrieve the version of a helm release.

func NewReleaseVersionClient

func NewReleaseVersionClient(kubeConfig []byte, log debugLog) (*ReleaseVersionClient, error)

NewReleaseVersionClient creates a new ReleaseVersionClient.

func (ReleaseVersionClient) Versions

func (c ReleaseVersionClient) Versions() (ServiceVersions, error)

Versions queries the cluster for running versions and returns a map of releaseName -> version.

type ServiceVersions

type ServiceVersions struct {
	// contains filtered or unexported fields
}

ServiceVersions bundles the versions of all services that are part of Constellation.

func (ServiceVersions) ConstellationServices

func (s ServiceVersions) ConstellationServices() semver.Semver

ConstellationServices returns the version of the constellation-services release.

func (ServiceVersions) String

func (s ServiceVersions) String() string

String returns a string representation of the ServiceVersions struct.

type WaitMode

type WaitMode string

WaitMode specifies the wait mode for a helm release.

const (
	// WaitModeNone specifies that the helm release should not wait for the resources to be ready.
	WaitModeNone WaitMode = ""
	// WaitModeWait specifies that the helm release should wait for the resources to be ready.
	WaitModeWait WaitMode = "wait"
	// WaitModeAtomic specifies that the helm release should
	// wait for the resources to be ready and roll back atomically on failure.
	WaitModeAtomic WaitMode = "atomic"
)

Directories

Path Synopsis
Package imageversion contains the pinned container images for the helm charts.
