☁️ Cloud IoT Helm Chart

Idea and extension of cloud-iot-microservices-deployment.

📜 Table of Contents

Overview
Prerequisites
Installation
Configuration
Running Tests
- Viewing Test Results
Uninstallation
Values
Secrets
- Injecting Secrets Securely
- Example Deployment Command with Secure Secrets
Testing Your Chart
References

📑 Overview

This Helm chart deploys a set of microservices for a Cloud IoT platform. It includes services like goApi, loki, and grafana, along with their corresponding configuration, deployment, and service resources.

This Helm chart is an extension of the Cloud IoT microservices deployment found in the cloud-iot-microservices-deployment repository. It builds on the Kubernetes manifests provided in the kubernetes directory of that project, offering a more streamlined, configurable, and reusable solution for deploying the platform's services.

Main Chart and Dependencies

The cloud-iot-chart serves as the main Helm chart for deploying the Cloud IoT platform. It manages the deployment of multiple dependencies, which include:

Application: Manages the core microservices and applications required for the platform.
Database: Handles the deployment of database services such as PostgreSQL and Redis.
Monitoring: Deploys monitoring tools like Prometheus and Grafana.

These dependencies are configured in the Chart.yaml file as follows:

apiVersion: v2
name: cloud-iot-chart
description: A Helm chart for the Cloud IoT project
version: 0.1.0
dependencies:
  - name: application
    version: 0.1.0
    repository: file://charts/applications
  - name: monitoring
    version: 0.1.0
    repository: file://charts/monitoring
  - name: database
    version: 0.1.0
    repository: file://charts/database
    condition: database.enabled

Database Dependency and Deployment

The deployment of the database dependency is conditional, controlled by the database.enabled flag in the values.yaml file. If enabled, the database services (e.g., PostgreSQL, Redis) will be deployed alongside the application services.

Important Note:

The applcation deployment can have database dependency (env.TEST_PROPUSE=true on configmap). So the database.enabled flag must set to true, it's essential to deploy both the application and the database services together to avoid any runtime issues. Ensure that the dependent applications are also deployed to utilize the database services appropriately.

To deploy the chart with the database enabled, use the following command:

helm upgrade --install cloud-iot . \
  --set database.enabled=true

📋 Prerequisites

Kubernetes cluster (v1.14 or later)
Helm v3.0 or later
kubectl CLI configured to communicate with your cluster

🚀 Installation

Install all Helm chart project:

helm install cloud-iot .

Install the specific Helm chart with the following command:

helm install cloud-iot ./charts/applications

Or, to upgrade an existing release:

helm upgrade --install cloud-iot ./charts/applications

You can pass in custom values using the --set flag or by specifying additional values files with -f.

For example:

helm upgrade --install cloud-iot ./charts/applications \
  --set secrets.postgres.user=$POSTGRES_USER \
  --set secrets.postgres.password=$POSTGRES_PASSWORD \
  --set secrets.postgres.database=$POSTGRES_DB

Environment-Specific Installation

For deploying in different environments like dev, staging, or prod, you should organize your values files within the environments/ directory as follows:

helm upgrade --install cloud-iot ./charts/applications -f environments/dev/values.yaml

This allows you to maintain environment-specific configurations separately, ensuring cleaner and more manageable deployments.

⚙️ Configuration

🌐 Global Settings

Key	Description	Default
`global.imagePullPolicy`	Image pull policy for all containers	`IfNotPresent`
`global.labels.project`	Project label applied to all resources	`cloud-iot`
`global.labels.version`	Version label applied to all resources	`1.0.0`

Note: Environment-specific values are stored in separate files under the environments/ directory. This structure allows you to maintain configurations for dev, staging, and prod environments separately, ensuring that sensitive or environment-specific configurations do not overlap.

📦 Deployments

This section allows you to configure the deployments of various services within the platform.

Key	Description	Default
`deployments.defaultReplicas`	Default number of replicas for all deployments	`1`
`deployments.imagePullPolicy`	Image pull policy for all deployments	`IfNotPresent`
`deployments.goApi.enabled`	Enable the `goApi` service	`true`
`deployments.goApi.replicas`	Number of replicas for `goApi`	`1`
`deployments.goApi.resources`	Resource requests and limits for `goApi`	`{}`
`deployments.goSimulator.enabled`	Enable the `goSimulator` service	`true`
`deployments.goSimulator.replicas`	Number of replicas for `goSimulator`	`1`
`deployments.goSimulator.resources`	Resource requests and limits for `goSimulator`	`{}`
`deployments.iotK8sOperator.enabled`	Enable the `iotK8sOperator` service	`false`
`deployments.iotK8sOperator.resources`	Resource requests and limits for `iotK8sOperator`	`{}`

⚙️ Services

This section allows you to configure Kubernetes services for the deployed applications.

Key	Description	Default
`services.goApi.enabled`	Enable the `goApi` service	`true`
`services.goApi.name`	Name of the `goApi` service	`go-api-service`
`services.goApi.type`	Type of the `goApi` service (e.g., ClusterIP, NodePort)	`ClusterIP`
`services.goApi.port`	Port for the `goApi` service	`80`
`services.loki.enabled`	Enable the `loki` service	`true`
`services.loki.name`	Name of the `loki` service	`loki-service`
`services.loki.type`	Type of the `loki` service	`ClusterIP`
`services.loki.port`	Port for the `loki` service	`3100`
`services.loki.targetPort`	Target port for the `loki` service	`3100`
`services.grafana.enabled`	Enable the `grafana` service	`false`
`services.grafana.name`	Name of the `grafana` service	`grafana-service`
`services.grafana.type`	Type of the `grafana` service	`ClusterIP`
`services.grafana.port`	Port for the `grafana` service	`3000`

🗺️ Ingress

This section allows you to configure ingress resources for the deployed services.

Key	Description	Default
`ingress.enabled`	Enable Ingress	`true`
`ingress.className`	Ingress class name	`nginx`
`ingress.annotations`	Annotations for the ingress	`{}`
`ingress.hosts`	List of ingress host configurations	`[]`

💾 Databases

This section allows you to configure database-related settings.

Key	Description	Default
`databases.enabled`	Enable database-related deployments	`false`
`databases.postgres.enabled`	Enable the PostgreSQL deployment	`true`
`databases.postgres.image`	Image for the PostgreSQL deployment	`mamarbao/postgres:2.0`
`databases.postgres.replicas`	Number of replicas for the PostgreSQL deployment	`1`
`databases.postgres.configMap.DB_HOST`	Hostname for the PostgreSQL service	`postgres-service`
`databases.postgres.configMap.DB_PORT`	Port number for the PostgreSQL service	`"5432"`
`databases.postgres.configMap.DB_TIMEZONE`	Timezone for the PostgreSQL deployment	`"Europe/Madrid"`
`databases.redis.enabled`	Enable the Redis deployment	`true`
`databases.redis.image`	Image for the Redis deployment	`redis`
`databases.redis.replicas`	Number of replicas for the Redis deployment	`1`
`databases.redis.configMap.REDIS_HOST`	Hostname for the Redis service	`redis-service`
`databases.redis.configMap.REDIS_PORT`	Port number for the Redis service	`"6379"`

🌐 Global Configuration Databse

This section covers global settings that are checked and used across different parts of the chart, particularly in the label generation logic.

Key	Description	Default
`global.labels.project`	Project label to be applied to all resources	Not set (optional)
`global.labels.version`	Version label to be applied to all resources	Not set (required if `project` is set)

🔑 Service Account

This section allows you to configure service account settings.

Key	Description	Default
`serviceAccount.create`

Create a service account for the deployment | false |

📓 ConfigMaps

This section allows you to configure ConfigMaps used by the deployed services.

Key	Description	Default
`configmaps.goApi.enabled`	Enable the ConfigMap for `goApi`	`true`
`configmaps.goApi.data`	Key-value pairs for the `goApi` ConfigMap	`{}`
`configmaps.fluentBit.enabled`	Enable the ConfigMap for `fluentBit`	`true`
`configmaps.goSimulator.enabled`	Enable the ConfigMap for `goSimulator`	`false`
`configmaps.goSimulator.data`	Key-value pairs for the `goSimulator` ConfigMap	`{}`
`configmaps.fluentBitSimulator.enabled`	Enable the ConfigMap for `fluentBitSimulator`	`true`

🧪 Running Tests

The chart includes a set of test connection Pods that are automatically created for each enabled service to verify connectivity.

To manually trigger the tests after deployment, use the following command:

helm test cloud-iot

This command will run the tests for all services that are enabled in the values.yaml file.

🔎 Viewing Test Results

You can check the status of the test Pods using:

kubectl get pods -l "helm.sh/hook=test"

To view the logs of a specific test Pod:

kubectl logs <test-pod-name>

🗑️ Uninstallation

To uninstall the Helm chart, use the following command:

helm uninstall cloud-iot

This command will remove all Kubernetes resources associated with the Helm release.

📄 Full Values Table

Here is a comprehensive table of all possible values and their descriptions.

(Include the detailed values table as previously)

🔒 Secrets

🔐 Injecting Secrets Securely

CI/CD Environment Variables: You can set environment variables in your CI/CD system and inject them during deployment using --set or by passing a separate secret values file.
Values File Encryption: Consider using Helm plugins like Helm Secrets to encrypt your values files, providing an additional layer of security for sensitive data.

🔐 Example Deployment Command with Secure Secrets

helm upgrade --install cloud-iot ./charts/applications \
  --values environments/prod/values.yaml \
  --set secrets.postgres.user=$POSTGRES_USER \
  --set secrets.postgres.password=$POSTGRES_PASSWORD \
  --set secrets.postgres.database=$POSTGRES_DB

🔬 Testing Your Chart

📃 Linting the Chart

Helm provides a built-in linting tool to check your chart for common issues:

helm lint ./charts/applications

📜 Template Rendering

You can render your Helm templates locally to see what the final Kubernetes YAML manifests will look like:

helm template cloud-iot ./charts/applications
helm template charts/database --debug
# Spec. Env
helm template cloud-iot --values environments/dev/values.yaml

⏳ Dry Run

Perform a dry run to simulate an installation:

helm install cloud-iot ./charts/applications --values environments/dev/values.yaml --dry-run --debug

📋 Validate Kubernetes Manifests

After rendering the templates with helm template or helm install --dry-run, you can pipe the output to kubectl to validate the resulting Kubernetes manifests:

helm template cloud-iot ./charts/applications --values environments/dev/values.yaml | kubectl apply --dry-run=client -f -

🔗 Verify Dependencies

Ensure that your chart's dependencies are up to date:

helm dependency update ./charts/applications

✅ Check YAML Syntax

Use tools like yamllint to ensure that your YAML files are properly formatted:

yamllint ./charts/applications

✔️ Unit Testing

Consider using tools like helm-unittest to write unit tests for your Helm charts.

manujose94 / cloud-iot-helm-chart Goto Github PK