4.9 KiB
App Template
Background
Since Helm library charts cannot be installed directly I have created a companion chart for the common library.
Usage
This Helm chart can be used to deploy any application. Knowing the specifics of the application you want to deploy like the image, ports, env vars, args, and/or any config volumes will be required. You can also use Kubesearch to search for applications people have deployed with this Helm chart.
In order to use this template chart, you would deploy it as you would any other Helm chart. By setting the desired values, the common library chart will render the desired resources.
Be sure to check out the common library docs
and its values.yaml for
more information about the available configuration options.
Examples
This is an example values.yaml file that would deploy the vaultwarden
application. For more deployment examples, check out the examples folder.
--8<--
examples/helm/vaultwarden/values.yaml
--8<--
Upgrade instructions
From 1.x.x to 2.0.x
!!! warning
**IMPORTANT** Because a new label has been introduced in the controller labelSelector (which is an immutable field), Deployments cannot be upgraded in place!
[More details](https://www.datree.io/resources/kubernetes-error-codes-field-is-immutable)
!!! info
Some items (Ingress, ports, persistence items, etc) now default to being enabled by default. However, this is not always the case for some of the `items due to overrides in the default `values.yaml`.
[More background](https://github.com/bjw-s/helm-charts/issues/205)
Given the following real-life example values.yaml for app-template v1:
Expand
image:
repository: ghcr.io/onedr0p/sabnzbd
tag: latest
pullPolicy: IfNotPresent
podSecurityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
fsGroupChangePolicy: "OnRootMismatch"
supplementalGroups:
- 65539
service:
main:
ports:
http:
port: 8080
ingress:
media:
enabled: true
ingressClassName: "ingress-nginx"
hosts:
- host: sabnzbd.bjw-s.dev
paths:
- path: /
persistence:
media:
enabled: true
existingClaim: nas-media
mountPath: /data/nas-media
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
The values for app-template v2.x would become this:
defaultPodOptions:
securityContext:
runAsUser: 568
runAsGroup: 568
fsGroup: 568
fsGroupChangePolicy: "OnRootMismatch"
supplementalGroups:
- 65539
controllers:
main:
containers:
main:
image:
repository: ghcr.io/onedr0p/sabnzbd
tag: latest
pullPolicy: IfNotPresent
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
service:
main:
ports:
http:
port: 8080
ingress:
media:
enabled: true
className: "ingress-nginx"
hosts:
- host: sabnzbd.bjw-s.dev
paths:
- path: /
service:
name: main
port: http
persistence:
media:
existingClaim: nas-media
globalMounts:
- path: /data/nas-media
Changes in this example
This is not meant as an exhaustive list of changes, but rather a "most common" example.
podSecurityContexthas been moved todefaultPodOptions.securityContext. It is also possible to configure this on a controller-specific basis by moving it tocontrollers.main.pod.securityContextinstead.imagehas been moved tocontrollers.main.containers.main.imageso that multiple containers can be configured.ingress.media.ingressClassNamehas been renamed toingress.main.className.ingress.media.enabledcan be removed, since items are considered enabled by default (they can still be disabled by addingenabled: false).ingress.media.hosts.*.paths.*.serviceis now required since there is no more concept of a default "primary" service.persistence.media.mountPathhas been moved topersistence.media.globalMounts.*.pathto allow multiple mountPaths for the same persistence item.persistence.media.enabledcan be removed, since items are considered enabled by default (they can still be disabled by addingenabled: false).probeshas been moved tocontrollers.main.containers.main.probesso that multiple containers can be configured.
Source code
The source code for the app template chart can be found here.