ohMyHelm Beispiele¶
Praktische Beispiele für häufige Anwendungsfälle mit ohMyHelm.
Webapplikation mit Ingress¶
Node-RED als Beispiel-Webapplikation mit Ingress und TLS:
# Chart.yaml
apiVersion: v2
name: nodered-app
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: nodered
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
nodered:
chart:
enabled: true
fullnameOverride: "nodered"
container:
image: nodered/node-red:latest
ports:
- name: http
containerPort: 1880
protocol: TCP
service:
type: ClusterIP
ports:
- port: 80
targetPort: http
name: http
ingressSimple:
enabled: true
host: nodered.example.com
path: /
tlsSecretName: nodered-tls
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
Datenbank mit StatefulSet¶
PostgreSQL mit persistentem Storage:
# Chart.yaml
apiVersion: v2
name: database
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: postgres
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
postgres:
secrets:
- name: postgres-credentials
namespace: default
values:
POSTGRES_USER: "admin"
POSTGRES_PASSWORD: "" # Auto-generiert
chart:
enabled: true
statefulset: true
fullnameOverride: "postgres"
container:
image: postgres:14-alpine
ports:
- name: postgres
containerPort: 5432
protocol: TCP
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_PASSWORD
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
statefulsetVolume:
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
service:
type: ClusterIP
ports:
- port: 5432
targetPort: postgres
name: postgres
resources:
limits:
cpu: 2000m
memory: 2Gi
requests:
cpu: 500m
memory: 512Mi
Microservice mit Job für Migrationen¶
Backend-Service mit Pre-Install Datenbank-Migration:
# Chart.yaml
apiVersion: v2
name: backend-service
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: backend
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
backend:
secrets:
- name: app-secrets
namespace: default
values:
DB_HOST: "postgres.default.svc.cluster.local"
DB_USER: "app"
DB_PASS: ""
chart:
enabled: true
fullnameOverride: "backend"
# Migration Job
job:
enabled: true
name: backend-migration
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": before-hook-creation
command:
- npm
args:
- run
- migrate
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_HOST
- name: DB_USER
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_USER
- name: DB_PASS
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_PASS
removejob:
enabled: true
ttlSecondsAfterFinished: 300
# Haupt-Container
container:
image: myregistry.com/backend:latest
ports:
- name: http
containerPort: 3000
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_HOST
- name: DB_USER
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_USER
- name: DB_PASS
valueFrom:
secretKeyRef:
name: app-secrets
key: DB_PASS
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
readinessProbe:
httpGet:
path: /ready
port: http
initialDelaySeconds: 10
service:
type: ClusterIP
ports:
- port: 80
targetPort: http
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 80
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
Multi-Container Pod mit Sidecar¶
Applikation mit Logging-Sidecar:
apiVersion: v2
name: app-with-sidecar
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: app
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
app:
chart:
enabled: true
fullnameOverride: "myapp"
container:
image: myapp:latest
ports:
- name: http
containerPort: 8080
sidecar:
enabled: true
image: fluent/fluent-bit:latest
command:
- /fluent-bit/bin/fluent-bit
args:
- -c
- /fluent-bit/etc/fluent-bit.conf
configs:
- name: fluent-bit-config
values:
fluent-bit.conf: |
[SERVICE]
Flush 5
Daemon Off
Log_Level info
[INPUT]
Name tail
Path /var/log/app/*.log
Tag app
[OUTPUT]
Name es
Match *
Host elasticsearch.logging.svc
Port 9200
deploymentVolume:
volumeMounts:
- name: logs
mountPath: /var/log/app
- name: fluent-config
mountPath: /fluent-bit/etc
volumes:
- name: logs
emptyDir: {}
- name: fluent-config
configMap:
name: fluent-bit-config
Helper: Namespaces und Secrets vorbereiten¶
Nur Helper-Funktionen ohne Chart:
# Chart.yaml
apiVersion: v2
name: infrastructure-setup
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: infra
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
infra:
# Kein chart.enabled - nur Helper
namespaces:
setPreInstallHook: true
spaces:
- name: development
- name: staging
- name: production
- name: monitoring
imageCredentials:
- name: docker-registry
namespace: development
registry: https://registry.example.com
username: "ci-user"
accessToken: "token123"
- name: docker-registry
namespace: staging
registry: https://registry.example.com
username: "ci-user"
accessToken: "token123"
- name: docker-registry
namespace: production
registry: https://registry.example.com
username: "ci-user"
accessToken: "token123"
secrets:
- name: common-secrets
namespace: development
values:
API_URL: "https://api.dev.example.com"
API_KEY: ""
- name: common-secrets
namespace: staging
values:
API_URL: "https://api.staging.example.com"
API_KEY: ""
- name: common-secrets
namespace: production
values:
API_URL: "https://api.example.com"
API_KEY: ""
Multi-App Deployment¶
Mehrere Apps in einem Chart:
# Chart.yaml
apiVersion: v2
name: full-stack-app
version: 1.0.0
dependencies:
- name: ohmyhelm
alias: frontend
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
- name: ohmyhelm
alias: backend
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
- name: ohmyhelm
alias: database
repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm
version: 1.13.0
# values.yaml
frontend:
chart:
enabled: true
fullnameOverride: "frontend"
container:
image: nginx:alpine
ports:
- name: http
containerPort: 80
service:
type: ClusterIP
ports:
- port: 80
targetPort: http
ingressSimple:
enabled: true
host: app.example.com
path: /
backend:
chart:
enabled: true
fullnameOverride: "backend"
container:
image: node:18-alpine
command: ["node"]
args: ["server.js"]
ports:
- name: http
containerPort: 3000
service:
type: ClusterIP
ports:
- port: 80
targetPort: http
database:
chart:
enabled: true
statefulset: true
fullnameOverride: "database"
container:
image: postgres:14-alpine
ports:
- name: postgres
containerPort: 5432
env:
- name: POSTGRES_PASSWORD
value: "changeme"
statefulsetVolume:
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
Prometheus Monitoring¶
App mit ServiceMonitor für Prometheus Operator:
myapp:
chart:
enabled: true
fullnameOverride: "myapp"
container:
image: myapp:latest
ports:
- name: http
containerPort: 8080
- name: metrics
containerPort: 9090
service:
type: ClusterIP
ports:
- port: 80
targetPort: http
name: http
- port: 9090
targetPort: metrics
name: metrics
monitoring:
- enabled: true
name: myapp-metrics
namespace: monitoring
release: prometheus
endpoints:
- port: metrics
interval: 30s
path: /metrics
scheme: http
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9090"
prometheus.io/path: "/metrics"
Weitere Beispiele¶
Im ohMyHelm Repository finden Sie weitere Beispiele:
- ArgoCD Job Integration
- Docker-in-Docker Deployment
- ConfigMap-Management
- TLS Secret-Konfiguration
- Custom Commands und Args
Repository: https://gitlab.com/ayedocloudsolutions/ohmyhelm/tree/master/examples