charts/README.org

140 lines
5.8 KiB
Org Mode
Raw Normal View History

#+DATE: 2024-04-03
2023-10-20 11:29:42 +00:00
2024-04-01 08:15:03 +00:00
#+BEGIN_QUOTE
⚠️ There are no guarantees with these Helm Charts. I provide basic patching and they are maintained in the sense that I use most of them myself. If charts are unused they may be removed.
2024-04-01 08:15:03 +00:00
#+END_QUOTE
2023-12-23 09:12:35 +00:00
#+BEGIN_HTML
2023-12-23 09:18:56 +00:00
<p>
2023-12-23 09:14:10 +00:00
<div align="center">
<img src="https://helm.sh/img/helm.svg" align="center" width="144px" height="144px"/>
2023-12-23 09:20:19 +00:00
<h3>Minimal and Opinionated Helm Charts</h3>
<p><i>... powered by a Norwegian bear 🐻</i></p>
2023-12-23 09:14:10 +00:00
</div>
2023-12-23 10:06:35 +00:00
<p>&nbsp;</p>
2023-12-23 10:05:46 +00:00
<div align="center">
<a href="https://github.com/tommy-skaug/charts/actions/workflows/build-and-publish.yml" class="badge">
<img src="https://github.com/tommy-skaug/charts/actions/workflows/build-and-publish.yml/badge.svg" alt="Relases building" /></a>
&nbsp;&nbsp;
2023-12-23 09:14:10 +00:00
2023-12-23 10:05:46 +00:00
<a href="https://github.com/tommy-skaug/charts/actions/workflows/pages/pages-build-deployment" class="badge">
<img src="https://github.com/tommy-skaug/charts/actions/workflows/pages/pages-build-deployment/badge.svg" alt="Index Updates" />
</a>
</div>
2023-12-23 09:18:56 +00:00
</p>
2023-12-23 10:06:42 +00:00
<p>&nbsp;</p>
2023-12-23 09:12:35 +00:00
#+END_HTML
2023-10-20 11:29:42 +00:00
Backend-focused and UX optimized minmal charts built for use with deployments based on Flux. Generally contains Helm charts for infrastructure and some related to security operations.
2023-10-29 08:43:04 +00:00
This is a Helm Chart repository that provides packages for [[https://helm.sh/][Helm]], the Kubernetes package manager. The builds are made available on GitHub Releases and on GitHub Pages.
2023-10-29 08:43:04 +00:00
Some charts have images made available somewhere else or by me, while others were in such a bad state that I chose to simplify them according to the key principle in here: opinionated and minimal. Opinionated means that they're adapted to [[https://fluxcd.io/][FluxCD]] and uses best practices such as [[https://external-secrets.io/latest/][external-secrets]].
2023-12-15 17:54:46 +00:00
As with everything Kubernetes this is a learning journey, so feel free to open an issue.
2023-12-15 17:54:46 +00:00
Below you'll find an overview of the charts and an intro to get you started.
2023-12-23 09:06:28 +00:00
*** 📖 Overview
2023-10-20 11:29:42 +00:00
⚠️ [[charts/conduit][Conduit]]: An efficient and self-contained Matrix server using an embedded RocksDB database. Currently I use Synapse instead.
2023-10-20 11:29:42 +00:00
🚧 [[charts/attic][Attic]]: Nix Binary Cache server that reduces the time to compile and distribute builds ([[https://discourse.nixos.org/t/introducing-attic-a-self-hostable-nix-binary-cache-server/24343][intro post]])
2023-10-20 11:29:42 +00:00
🟢 [[charts/][Dispatch]]: A incident management and coordination system developed by Netflix.
2023-10-20 11:29:42 +00:00
⚠️ [[charts/foundationdb][FoundationDB]] (=fdb-operator=): Distributed database with ACID transactions developed by Apple. This buils and deploys, but I don't actively use it at the moment.
2023-10-28 06:28:23 +00:00
⚠️ [[charts/hasura-engine][Hasura]]: Connects to databases and services to provide a realtime GraphQL API. I'm a little skeptical of their licensing model, but I have tested it and it deploys well. Currently I use Postgraphile instead for a dev project.
2023-10-28 06:28:23 +00:00
⚠️ [[charts/netbox][Netbox]]: Modeling and docs for IP address management (IPAM) and datacenter infrastructure management (DCIM). This deploys ok but has a few moving parts.
2023-10-20 11:29:42 +00:00
⚠️ [[charts/penpot][Penpot]]: Design and prototyping tool. For visual collaboration on visuals, prototypes, UX and more. Don't use atm.
*** Requirements
You may need to bring your own:
- S3 compatible object storage
- Block storage
- PostgreSQL, such as Cloudnative-PG
- Redis-compatible server, such as Dragonfly
All tests are run on the latest version of Kubernetes and Helm and no consideration is taken to vendor-specific implementations.
*** Principles
So what makes this repo different from others? It is KISS and Safe of course.
2023-12-25 19:27:36 +00:00
- Secrets and ingresses are defined external from the chart
- Expect that an ingress terminates external connection and TLS
- Object storage over block storage when possible
- Never rely on vendor-specific components
2023-12-25 19:27:36 +00:00
- Prefer open source
- No plaintext secrets - be sane
- Leave room for initContainers
- Use as few values as possible in values.yaml
- Use external databases and transports
- Configure for OIDC when possible
- The values file should be possible to read up on in minutes
- Only support the current major version of Kubernetes and application
- Enable service accounts
- Use semver for versioning
2023-12-25 19:27:36 +00:00
- Chart should install on a small scale with default values
- Charts are validated for structure, security and syntax before compilation
- Regardless of journey level everyone should be able to read or learn the chart
2023-12-25 19:27:36 +00:00
Some of these principles are implicit and means you'll have to deploy with e.g. kustomize to get going.
2023-12-25 19:27:36 +00:00
If you see a chart that does not comply with these principles, please open an issue.
2023-12-23 10:14:52 +00:00
*** 🧑‍💻 Usage
2023-10-20 11:29:42 +00:00
2023-12-23 10:08:23 +00:00
**** Exploration
2023-10-20 11:29:42 +00:00
You can explore this repo by using the following commands if you have the Kubernetes package manager installed:
2023-10-20 11:29:42 +00:00
#+BEGIN_SRC shell
2023-12-23 09:06:28 +00:00
# add the package source
helm repo add 252 https://charts.252.no
2023-12-23 10:47:36 +00:00
# or update the repo
helm repo update 252
2023-12-23 09:06:28 +00:00
# search for a specific chart
helm search repo dispatch
2023-12-23 09:06:28 +00:00
# or list all available charts
helm search repo 252 -l
2023-10-20 11:29:42 +00:00
2023-12-23 09:06:28 +00:00
# show configuration options
helm show values 252/dispatch
2023-10-20 11:42:46 +00:00
2023-12-23 09:06:28 +00:00
# install a chart
helm install dispatch helm-charts/charts/dispatch --namespace=toolbox
#+END_SRC
**** As-code with FluxCD
2023-12-15 17:54:46 +00:00
First take care to setup the chart:
2023-12-15 17:54:46 +00:00
#+BEGIN_SRC yaml
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: 252-charts
namespace: flux-system
spec:
interval: 15m
url: https://charts.252.no
#+END_SRC
2023-12-15 17:54:46 +00:00
2023-12-26 08:47:17 +00:00
A reference kustomization directory is shown in [[./kustomization-components][./kustomization-components]].
2023-12-15 17:54:46 +00:00
2023-12-23 10:14:52 +00:00
** 🤩 Licenses and Gratitude
2023-12-15 17:54:46 +00:00
Parts of the repo was inspired by [[https://gitlab.com/ananace/charts][ananace]] (some parts imported and rewritten).
2023-12-15 17:54:46 +00:00
The general license of this repo is DWTFYWTPB, but respect Apache v2 in some of the repos which were built on other's work. See the individual chart directory for details and these applies.