Charts: [stable/*] Helm 3 backwards-compatibility for community charts

Created on 19 Nov 2019  路  11Comments  路  Source: helm/charts

Helm 3.0.0 has been released, with a 6 mo bug / 1 yr security deprecation timeline for helm v2.

This repo is intended for charts apiVersion v1 (not v2 charts), because of the helm/charts deprecation timeilne. This git repo - the source for Helm 2 stable and incubator repos - has a similar deprecation timeline as helm (follow details here: https://github.com/helm/charts/issues/16720).

However, since Helm v3 is the default version of helm now, the stable/incubator apiVersion v1 charts should run with Helm 3 as well as Helm 2.

CRDs

We'll need to support both crd-install helm hook for helm 2, as well as crds directory for helm 3 (https://helm.sh/docs/topics/charts/#custom-resource-definitions-crds). A quick grep for crd- turned up these charts. Let's look closer and refine this.

  • [x] incubator/cassandra-operator (https://github.com/helm/charts/pull/19207)
  • [x] incubator/spark-operator (https://github.com/helm/charts/pull/19236)
  • [x] stable/ambassador (https://github.com/helm/charts/pull/19225)
  • [x] stable/contour (https://github.com/helm/charts/pull/19287)
  • [x] stable/etcd-operator (https://github.com/helm/charts/pull/19209)
  • [x] stable/jaeger-operator (https://github.com/helm/charts/pull/19212 https://github.com/helm/charts/pull/19402)
  • [x] stable/prometheus-operator (https://github.com/helm/charts/pull/18721)
  • [x] stable/velero (https://github.com/helm/charts/pull/19042)

Note https://github.com/helm/charts/pull/18721 uses a neat glob trick I'd like to see the other charts emulate 馃憤

Namespace creation

~Quick grep for kind: Namespace. Please comment to help revise (mitigate/add to) this list and I'll keep it updated~ redacted several. See comments below:

  • [x] stable/magic-namespace (https://github.com/helm/charts/pull/19643)

Horizontal Pod Autoscaler requires condition

Helm 3's 3-way strategic merge strategy is a huge improvement, and is the correct way to go. However it uncovered that one use case for the incorrect behavior in Helm 2 actually had a nice outcome: HPA-scaled replicas were untouched on helm upgrade, whereas Helm 3 now sets the replicas back to the values/template-defined number of replicas.

The problem was found by @naseemkullah and discussed with Helm maintainers in https://github.com/helm/helm/issues/7090. The solution is:

All charts that offer an HPA, need to add a condition in the HPA managed deployment to omit the replica count of the deployment when rendering the deployment template, if the HPA is enabled.

Quick grep for kind: HorizontalPodAutoscaler. Please comment to help revise (mitigate/add to) this list and I'll keep it updated:

  • [x] incubator/haproxy-ingress (https://github.com/helm/charts/pull/19196)
  • [x] stable/ambassador (https://github.com/helm/charts/pull/19204)
  • [x] stable/cloudserver (https://github.com/helm/charts/pull/19203)
  • [x] stable/contour (https://github.com/helm/charts/pull/19202)
  • [x] stable/fluentd (https://github.com/helm/charts/pull/19195)
  • [x] stable/neo4j (https://github.com/helm/charts/pull/19200)
  • [x] stable/nginx-ingress (https://github.com/helm/charts/pull/19189)
  • [x] stable/spark (https://github.com/helm/charts/pull/19199)
  • [x] stable/traefik (https://github.com/helm/charts/pull/19198)
picture scottrigby
🚀7

All 11 comments

The chart maintainers for stable/concourse have moved development to their own repo and chart repository: https://github.com/helm/charts/issues/18781

taylorsilva picture taylorsilva on 22 Nov 2019
👍1

@scottrigby what is the namespace issue?

daixiang0 picture daixiang0 on 28 Nov 2019

@scottrigby RE stable/kiam, the reference to kind: Namespace was in NOTES.txt, not in any actual templates.
Also, that chart has now been deprecated in this repo and moved to https://github.com/uswitch/kiam/tree/master/helm/kiam.
Thanks.

ewbankkit picture ewbankkit on 29 Nov 2019
👍1

@taylorsilva thanks, removed stable/concourse from the list :+1:

@ewbankkit Thanks, removed stable/kiam from the list :+1:

@daixiang0 Thanks for the question. There isn't a specific issue with charts creating namespaces to accomplish application-speciifc goals. I grepped/listed these initially because namespace creation has changed in Helm 3 and I wanted to review charts that created their own. I removed the two above, and checked stable/drone (which seems fine). The only remaining chart in that list is stable/magic-namespace, which appears to be very Helm 2/Tiller-specific, so am unclear how we could update that chart for Helm 3.

We really need to look over these individually and more closely after the holidays 馃槃

scottrigby picture scottrigby on 1 Dec 2019
👍1

Removed stable/ark as it's deprecated (thanks @davidkarlsen for checking - I didn't have time when I initially grepped for the potential problem charts 馃槄 )

scottrigby picture scottrigby on 1 Dec 2019

19212 resolved this issue for stable/jaeger-operator

kimxogus picture kimxogus on 5 Dec 2019

@scottrigby is there any action for those deprecated charts? Mark as deprecated?

For stable/magic-namespace, do not think it need to work in helm3 since it slove helm2 tiller issue indeed.

daixiang0 picture daixiang0 on 6 Dec 2019

@kimxogus re stable/jaeger-operator thanks and yes looks like an issue from that PR was fixed in #19402 馃憤

scottrigby picture scottrigby on 13 Dec 2019

@daixiang0 there is not an action for this yet. I have reached out to @krancour about stable/magic-namespace, and would like to give them time to reply before deprecating.

scottrigby picture scottrigby on 13 Dec 2019

@scottrigby I responded to you in slack, but I'm putting my response here for the public record as well:

the main point behind magic namespace was to make the tiller-per-namespace pattern easy to implement, to in turn make namespace-per-team easy to implement securely. since tiller is gone now in v3 (and took its vulnerabilities with it), i see this chart as being helm 2 specific and feel it should be deprecated on the same schedule as helm 2 itself, as it will then have outlived its usefulness.

krancour picture krancour on 13 Dec 2019
👍1

All of the Helm 3 issues with community charts identified so far have been resolved. If more issue categories, or individual chart issues, are identified please ping us on Slack and we'll re-open this. Closing for now. Thanks everyone 馃挴 馃帀

scottrigby picture scottrigby on 10 Jan 2020
🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

richardalberto picture richardalberto  路  3Comments
out-of-band picture out-of-band  路  3Comments
paskal picture paskal  路  3Comments
kminehart picture kminehart  路  3Comments
tklovett picture tklovett  路  3Comments