Streamlining Kubernetes EKS Deployments

Kubernetes EKS Helm charts

Kubernetes has emerged as the de facto standard for container orchestration. Amazon Elastic Kubernetes Service (EKS) further simplifies Kubernetes adoption by providing a managed Kubernetes environment on AWS, relieving you of the burden of managing infrastructure. But to truly harness the power of Kubernetes and EKS, you need a tool that streamlines application deployment, configuration, and management. Enter Helm, the package manager for Kubernetes.

Helm, with its powerful templating engine and chart-based approach, revolutionizes how you deploy and manage applications on Kubernetes. Helm charts encapsulate your application’s entire configuration, including Kubernetes resources like Deployments, Services, and Ingresses, as well as customizable values. This makes it easy to version your applications, share them across teams and environments, and manage complex deployments with a single command.

We’ll explore the world of Kubernetes EKS and Helm charts, exploring how they work together to simplify and accelerate your application deployment process. We’ll cover everything from crafting your own Helm charts and defining services to leveraging advanced load balancing with ALB Ingress and fine-tuning traffic routing with Ingress configurations. We’ll also dive into Helm’s deployment process, scaling capabilities, and troubleshooting tips, providing you with the knowledge and tools you need to build robust, scalable, and highly available applications on Kubernetes EKS.

Kubernetes EKS & Helm Charts

When it comes to deploying containerized applications on AWS, Amazon Elastic Kubernetes Service (EKS) and Helm charts are your dynamic duo. EKS takes the hassle out of managing Kubernetes infrastructure, while Helm streamlines application deployment, upgrades, and sharing.

Why Helm Charts Are a Game-Changer

Helm charts are like blueprints for your Kubernetes applications. They neatly package all the necessary Kubernetes resources (deployments, services, ingresses) along with customizable configuration values. This makes it a breeze to:

  • Version your applications: Easily roll back if needed.
  • Share your applications: Publish your charts for others to use.
  • Simplify complex deployments: Manage multiple resources with a single command.

Example: Deploying NGINX with Helm

Imagine you want to deploy a simple NGINX web server. With Helm, it’s as easy as:

  1. helm create my-nginx: Creates a basic chart structure.
  2. Customize templates: Define your NGINX deployment in templates/deployment.yaml.
  3. Set values: Configure replicas, image version, etc. in values.yaml.
  4. helm install my-nginx my-nginx: Helm does the rest!

EKS and Helm: A Match Made in Cloud Heaven

Amazon EKS provides a managed Kubernetes control plane, so you can skip the infrastructure headaches. EKS integrates seamlessly with Helm, letting you deploy your charts directly to your EKS clusters. It’s a powerful combination that simplifies your workflow and lets you focus on what really matters: building great applications.

Pro Tips for EKS and Helm Success

  • Embrace Helm charts: Use them for all your Kubernetes deployments.
  • Secure your charts: Store them in a private repository.
  • Leverage EKS add-ons: Use VPC CNI and CoreDNS for networking and DNS.
  • Monitor your deployments: Track health and performance with logging and monitoring tools.

EKS and Helm are a winning combination for Kubernetes on AWS. Helm charts make your deployments more efficient, scalable, and reliable, while EKS takes care of the underlying infrastructure. This leaves you free to focus on developing your applications and delivering value to your users.

Crafting Your Helm Chart

Helm charts are the secret sauce that makes Kubernetes deployments with EKS so smooth. But what exactly goes into crafting one of these powerful blueprints? Let’s break it down.

Anatomy of a Helm Chart

A Helm chart is essentially a collection of files that describe a related set of Kubernetes resources. Think of it like a recipe for your application. Here’s what you’ll typically find inside:

  • Chart.yaml: The metadata file containing the chart’s name, version, description, and dependencies.
  • values.yaml: The default configuration values for your chart. You can easily override these when deploying.
  • templates/: This directory houses the templated YAML manifests for your Kubernetes objects (deployments, services, ingresses, etc.). Helm uses these templates to generate the actual manifests that get deployed to your cluster.

Creating Your First Chart

The easiest way to get started is with the helm create command:

Bash

helm create my-chart

This will generate a basic chart structure with some sample templates. You’ll then customize these templates and values to match your specific application.

Templating: The Power of Flexibility

Helm templates use the Go templating language to dynamically generate Kubernetes manifests based on your values. This allows you to:

  • Parameterize your deployments: Easily change configurations without modifying the templates themselves.
  • Use conditional logic: Create templates that adapt to different environments or scenarios.
  • Reuse templates: Create reusable building blocks for common Kubernetes patterns.

Helm Best Practices

  • Start simple: Begin with a basic chart and gradually add complexity as needed.
  • Use meaningful names: Choose clear and descriptive names for your templates and values.
  • Validate your charts: Use the helm lint command to check for errors and warnings.
  • Test your deployments: Always test your charts in a non-production environment before deploying to production.

Crafting a Helm chart might seem daunting at first, but it’s a skill that pays off immensely. By mastering Helm charts, you unlock the full potential of Kubernetes and EKS, making your deployments more efficient, scalable, and maintainable. Remember, a well-crafted Helm chart is your blueprint for Kubernetes success.

Defining Your Service

A Service is the key to making your application accessible within your cluster and potentially to the outside world. It acts as an internal load balancer, distributing traffic across a set of pods that are running your application. When you define a Service, you give it a stable IP address and DNS name, making it easy for other components to communicate with your application even if the underlying pods change.

Types of Kubernetes Services

Kubernetes offers several types of Services, each designed for different use cases:

  • ClusterIP: This is the default type. It exposes the Service on an internal IP address within the cluster. This is useful when you want your application to be accessible only within the cluster itself.
  • NodePort: This type exposes the Service on each Node’s IP at a static port (the NodePort). You can access the Service from outside the cluster by requesting <NodeIP>:<NodePort>.   1. www.kubecost.com www.kubecost.com
  • LoadBalancer: This type exposes the Service externally using a cloud provider’s load balancer. On AWS, this will provision an Elastic Load Balancer (ELB).
  • ExternalName: This type maps the Service to the contents of the externalName field (e.g., a DNS name).

Which Type Should You Choose?

The type of Service you choose depends on how you want to expose your application:

  • Internal Access Only: If your application needs to be accessible only within the cluster, use ClusterIP.
  • Simple External Access: If you need basic external access and don’t require advanced load balancing features, use NodePort.
  • Advanced Load Balancing: If you need advanced load balancing capabilities like SSL termination or sticky sessions, use LoadBalancer.
  • Mapping to External Names: If you want to map your Service to an external DNS name, use ExternalName.

Defining a Service in Your Helm Chart

To define a Service in your Helm chart, create a service.yaml file in the templates directory of your chart. Here’s a simple example:

YAML

apiVersion: v1
kind: Service
metadata:
  name: {{ .Release.Name }}-service
spec:
  type: {{ .Values.service.type }}
  selector:
    app: {{ .Release.Name }}
  ports:
    - protocol:    1.  github.com github.com TCP
      port: 80
      targetPort: 80

In this example:

  • {{ .Release.Name }} is a template variable that will be replaced with the name of your Helm release.
  • {{ .Values.service.type }} allows you to configure the type of Service from your values.yaml file.
  • selector defines which pods the Service should route traffic to.
  • ports specifies the port mappings between the Service and the pods.

Defining Services is a crucial part of deploying your applications on Kubernetes. By carefully choosing the right type of Service and configuring it correctly in your Helm chart, you can ensure that your application is accessible and scalable, meeting the needs of your users.

ALB Ingress for Load Balancing

The Application Load Balancer (ALB) Ingress Controller is your trusty gatekeeper, managing external traffic and ensuring your applications are highly available and scalable. Let’s delve into how ALBs and Ingress work together to create a seamless user experience.

The Role of the ALB Ingress Controller

The ALB Ingress Controller is a Kubernetes controller that allows you to use an AWS Application Load Balancer (ALB) to route external traffic to your applications running in your EKS cluster. It watches for Ingress resources in your cluster and automatically provisions and configures the ALB accordingly.

What is an Ingress Resource?

An Ingress is a Kubernetes object that defines rules for routing external HTTP and HTTPS traffic to Services within your cluster. It acts like a traffic cop, directing incoming requests to the appropriate Service based on the request’s host and path.

How ALB Ingress Works

  1. Ingress Creation: You create an Ingress resource in your cluster, specifying the rules for routing traffic.
  2. Controller Detection: The ALB Ingress Controller detects the new Ingress resource.
  3. ALB Provisioning: The controller automatically provisions an ALB in your AWS account.
  4. Listener Configuration: The controller configures listeners on the ALB to handle incoming traffic on the ports specified in your Ingress.
  5. Target Group Creation: The controller creates target groups for the Services referenced in your Ingress.
  6. Rule Configuration: The controller configures rules on the ALB to route traffic to the appropriate target group based on the host and path of the request.
  7. Health Checks: The controller configures health checks on the ALB to ensure that traffic is routed only to healthy pods.

Advantages of ALB Ingress

  • Advanced Load Balancing: ALBs offer features like path-based routing, weighted routing, and sticky sessions.
  • SSL Termination: ALBs can terminate SSL connections, offloading the encryption burden from your application pods.
  • Integration with AWS Services: ALBs integrate seamlessly with other AWS services like Route 53, AWS Certificate Manager, and AWS WAF.
  • High Availability and Scalability: ALBs are designed to be highly available and can automatically scale to handle increased traffic.

Defining an ALB Ingress in Your Helm Chart

To define an ALB Ingress in your Helm chart, create an ingress.yaml file in the templates directory. Here’s a simple example:

YAML

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ .Release.Name }}-ingress
  annotations:
    kubernetes.io/ingress.class:    1.  github.com github.com alb
spec:
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: {{ .Release.Name }}-service
                port:
                  number: 80

In this example:

  • kubernetes.io/ingress.class: alb indicates that this Ingress should be handled by the ALB Ingress Controller.
  • rules define the routing rules for the Ingress.
  • backend specifies the Service to which traffic should be routed.

ALB Ingress is a powerful tool for managing external traffic to your applications running in EKS. By defining Ingress resources in your Helm charts, you can easily configure ALB load balancing, SSL termination, and other advanced features, ensuring that your applications are highly available, scalable, and secure.

Ingress Configuration

Ingress configuration is where the magic happens – it’s how you define the rules that govern how external traffic flows to your services within your Kubernetes cluster. Let’s explore the key components of Ingress configuration and how you can leverage them to optimize traffic management for your applications.

Ingress Rules: Your Traffic Control Center

Ingress rules are the heart of Ingress configuration. Each rule consists of:

  • Host: The hostname or IP address that the Ingress should match. You can use wildcards (*) to match multiple hosts.
  • Paths: A list of paths that the Ingress should match. Each path can have an associated backend service.
  • Backend Service: The Kubernetes Service to which traffic should be routed when the host and path match a rule.

Ingress Annotations: Extending Functionality

Ingress annotations allow you to add extra features and functionality to your Ingress resources. These annotations are specific to the Ingress Controller you are using. Here are some common annotations used with the ALB Ingress Controller:

  • alb.ingress.kubernetes.io/scheme: Specifies whether the ALB should be internet-facing or internal.
  • alb.ingress.kubernetes.io/target-type: Specifies whether the ALB should route traffic to the instance (NodePort) or the pod’s IP address directly (IP mode).
  • alb.ingress.kubernetes.io/healthcheck-path: Specifies the path to use for health checks on the target group.
  • alb.ingress.kubernetes.io/listen-ports: Configures the ports on which the ALB should listen.

Example Ingress Configuration with ALB Annotations:

YAML

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myapp-ingress
  annotations:
    kubernetes.io/ingress.class:alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type:    1.  discuss.hashicorp.com discuss.hashicorp.com ip
spec:
  rules:
    - host:    1.  a6k.me a6k.me myapp.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: myapp-service
                port:
                  number: 80

Ingress Configuration Best Practices

  • Use Multiple Ingress Resources: If you have multiple applications, create separate Ingress resources for each to keep your configuration organized.
  • Leverage Annotations: Use annotations to configure advanced features specific to your Ingress Controller.
  • Validate Your Configuration: Use tools like kubectl describe ingress to validate your Ingress configuration and ensure it’s working as expected.

Ingress configuration is the key to controlling how external traffic reaches your Kubernetes services. By mastering Ingress rules and annotations, you can create sophisticated routing policies, optimize load balancing, and ensure that your applications are highly available and responsive to your users’ needs.

Chart Deployment

Once you’ve meticulously crafted your Helm chart, defining your application’s architecture and configurations, it’s time for the grand finale: deployment. This is where your application takes its first breath in the Kubernetes environment, ready to serve its purpose.

The Helm Deployment Process

Helm simplifies the deployment process into a few straightforward steps:

  1. Chart Preparation: Ensure your Helm chart is well-structured and validated using helm lint. Package your chart into a .tgz archive if necessary.
  2. Repository Configuration (Optional): If your chart is stored in a remote repository (e.g., ChartMuseum, Artifactory), add the repository to your Helm client using helm repo add.
  3. Deployment Command: Use the helm install command to deploy your chart to your Kubernetes cluster. Specify a release name, the chart name or path, and any desired configuration overrides.

Example Deployment Command:

Bash

helm install my-app ./my-chart --set image.tag=v1.0.0

In this example:

  • my-app is the release name.
  • ./my-chart is the path to the chart directory.
  • --set image.tag=v1.0.0 overrides the default image tag in the chart’s values.yaml.

Deployment Options and Strategies

Helm offers various options and strategies to customize your deployment process:

  • Namespace: Specify the namespace where you want to deploy your application.
  • Values Overrides: Use --set or --values flags to override default values in the chart.
  • Dry Run: Use --dry-run to simulate the deployment without actually creating resources.
  • Wait: Use --wait to wait for all resources to be ready before completing the deployment.
  • Upgrade: Use helm upgrade to update an existing release with a new chart version or configuration.
  • Rollback: Use helm rollback to revert a release to a previous revision.

Monitoring and Verification

After deploying your chart, use kubectl commands to monitor the status of your application’s pods, services, and other resources. Verify that everything is running as expected and that your application is accessible.

Troubleshooting Tips

  • Check Logs: Examine the logs of your pods for any errors or warnings.
  • Describe Resources: Use kubectl describe to get detailed information about your pods, services, and other resources.
  • Helm Status: Use helm status to check the status of your Helm release and view the rendered manifests.
  • Helm History: Use helm history to view the revision history of your release and identify any changes that might have caused issues.

Deploying your Helm chart is the culmination of your Kubernetes development efforts. By following best practices and utilizing Helm’s powerful deployment features, you can bring your application to life smoothly and efficiently. Remember to monitor and verify your deployment to ensure everything is running smoothly, and be prepared to troubleshoot any issues that may arise.

Scaling with Helm

Scalability is the cornerstone of cloud-native applications, allowing them to adapt to fluctuating demands and ensure optimal performance. With Helm, scaling your Kubernetes deployments on EKS becomes a breeze, enabling you to efficiently manage resources and maintain responsiveness even under heavy loads.

Horizontal Pod Autoscaling (HPA): Your Automatic Scaling Engine

Horizontal Pod Autoscaling (HPA) is the Kubernetes mechanism that automatically scales the number of pods in a deployment, replica set, or stateful set based on observed metrics like CPU utilization or custom metrics. Helm makes it easy to integrate HPA into your deployments.

Defining HPA in Your Helm Chart

To define HPA in your Helm chart, create an hpa.yaml file in the templates directory. Here’s an example:

YAML

apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
  name: {{ .Release.Name }}-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: {{ .Release.Name    1.  medium.com medium.com }}-deployment
  minReplicas: {{ .Values.autoscaling.minReplicas }}
  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
  metrics:    1.  github.com github.com
    - type: Resource
      resource:
        name: cpu
        target:
          type: Utilization
          averageUtilization:    1.  github.com  MIT github.com 80

In this example:

  • scaleTargetRef specifies the deployment that HPA should manage.
  • minReplicas and maxReplicas define the minimum and maximum number of replicas.
  • metrics define the metrics that HPA should use to trigger scaling (in this case, CPU utilization).

Scaling Beyond Pods: Cluster Autoscaler

While HPA scales the number of pods, sometimes you need to scale the underlying infrastructure as well. This is where the Cluster Autoscaler comes in. It automatically adjusts the size of your EKS cluster based on pending pods that cannot be scheduled due to resource constraints.

Best Practices for Scaling with Helm

  • Start with HPA: For most applications, HPA is the simplest and most effective way to scale.
  • Monitor Your Metrics: Keep a close eye on the metrics that trigger scaling and adjust them as needed.
  • Use Resource Limits: Set resource limits for your pods to prevent them from consuming excessive resources and impacting other workloads.
  • Consider the Cluster Autoscaler: If you expect significant fluctuations in demand, consider using the Cluster Autoscaler to scale your cluster automatically.

Scaling with Helm is a powerful way to ensure your applications can handle any load. By combining HPA, resource limits, and potentially the Cluster Autoscaler, you can create a highly scalable and resilient Kubernetes environment on EKS.


Kubernetes EKS, when coupled with the power of Helm charts, transforms application deployment into a streamlined and scalable process. By crafting well-structured Helm charts, defining your services effectively, leveraging ALB Ingress for advanced load balancing, and fine-tuning Ingress configurations, you unlock the full potential of Kubernetes on AWS. Helm’s chart deployment mechanism simplifies the process of bringing your applications to life, while its scaling capabilities ensure that your applications can effortlessly adapt to evolving demands. By mastering these tools and techniques, you empower your organization to build robust, resilient, and highly available applications that thrive in the dynamic Kubernetes ecosystem. So, embrace the power of EKS and Helm, and elevate your Kubernetes deployments to new heights.


Discover more from DevOps Oasis

Subscribe to get the latest posts sent to your email.

Share