What’s GitOps? Great question! As this helpful, introductory article summarizes, it’s Infrastructure as Code, plus Merge Requests, plus Continuous Integration. Follow the link to explore the concept further.
However, Helm has a limitation: it doesn’t manage the lifecycle of Custom Resource Definitions (CRDs), meaning it will only install the CRD during the first installation of a chart. Subsequent chart upgrades will not add or remove CRDs, even if the CRDs have changed.
This can be a huge problem for a GitOps approach: having to update CRDs manually isn’t a great strategy, and makes it very hard to keep in sync with deployments and rollbacks.
For this very reason, I created a small Terraform module that will read from some online manifests of CRDs, and apply them. When parametrizing the version of the chart, it’s simple to keep Helm Charts and CRDs in sync, without having to do anything manually.
Example
Karpenter is an incredible open-source Kubernetes node provisioner built by AWS. If you haven’t tried it yet, take some minutes to read about it.
Let’s use Karpenter as an example of how to use the module. We want to deploy the chart with the Helm provider, and we use this new Terraform module to manage its CRDs as well:
resource "helm_release" "karpenter" {
  name       = "karpenter"
  namespace  = "karpenter"
  repository = "https://charts.karpenter.sh"
  chart      = "karpenter"
  version    = var.chart_version
  // ... All the other parameters necessary, skipping them here ...
}

module "karpenter-crds" {
  source  = "rpadovani/helm-crds/kubectl"
  version = "0.1.0"

  // The CRD URLs are pinned to the same release tag as the chart version
  crds_urls = [
    "https://raw.githubusercontent.com/aws/karpenter/v${var.chart_version}/charts/karpenter/crds/karpenter.sh_provisioners.yaml",
    "https://raw.githubusercontent.com/aws/karpenter/v${var.chart_version}/charts/karpenter/crds/karpenter.k8s.aws_awsnodetemplates.yaml"
  ]
}
As you can see, we parametrize the version of the chart, so we can be sure to have the same version for CRDs as the Helm chart. Behind the curtains, Terraform will download the raw file, and apply it with kubectl. Of course, the operator running Terraform needs to have enough permissions to launch such scripts, so you need to configure the kubectl provider.
The URLs must point to just the Kubernetes manifests, and for this reason we use the raw version of the GitHub URL.
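The download-and-apply step described above, sketched as an added example (this is not the module's own source code): each CRD is fetched with the hashicorp/http data source, the plan fails unless the body matches a SHA-256 digest recorded when the chart version was reviewed, and only then is it applied with the kubectl provider. The `crd_sha256` variable and its digest values are assumptions made for illustration, and each file is assumed to hold a single YAML document.

```hcl
# Added example, not the module's source. Requires Terraform >= 1.2.
terraform {
  required_providers {
    http    = { source = "hashicorp/http", version = ">= 3.0" }
    kubectl = { source = "gavinbunney/kubectl", version = ">= 1.14" }
  }
}

variable "chart_version" {
  type = string
}

# Hypothetical variable: expected SHA-256 of each manifest, keyed by file name.
# Update it in the same merge request that bumps chart_version, e.g.
# { "karpenter.sh_provisioners.yaml" = "<sha256-of-reviewed-file>" }
variable "crd_sha256" {
  type = map(string)
}

locals {
  crd_base = "https://raw.githubusercontent.com/aws/karpenter/v${var.chart_version}/charts/karpenter/crds"
}

data "http" "crd" {
  for_each = var.crd_sha256
  url      = "${local.crd_base}/${each.key}"

  lifecycle {
    # Fail on a missing tag or file instead of applying an error page.
    postcondition {
      condition     = self.status_code == 200
      error_message = "Could not download ${each.key} for v${var.chart_version}."
    }
    # Fail if the remote content differs from what was reviewed.
    postcondition {
      condition     = sha256(self.response_body) == each.value
      error_message = "${each.key} does not match the reviewed digest."
    }
  }
}

resource "kubectl_manifest" "crd" {
  for_each  = data.http.crd
  yaml_body = each.value.response_body
}
```

A digest mismatch stops the run before anything reaches the cluster, so a change to the file behind a release tag shows up as a failed plan in the merge request.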
The source code of the module is available on GitHub, so you’re welcome to chime in and open any issue: I’ll do my best to address problems and implement suggestions.
Conclusion
I use this module in production, and I’m very happy with it: it brings under GitOps the last part I missed: the CRDs. Now, my only job when I install a new chart is finding all the CRDs, and building a URL that contains the chart version. Terraform will take care of the rest.
I hope this module can be useful to you as it is to me. If you have any question, or feedback, or if you would like some help, please leave a comment below, tweet me @rpadovani93 or write me an e-mail at [email protected].
Ciao,
R.