The network is too slow for download helm.

[willzhang]

why helm is at https://get.helm.sh? in china ,it's hard to download，The network is too slow。

[root@kmaster ~]# curl -LO https://get.helm.sh/helm-${version}-linux-amd64.tar.gz
 % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  5 11.5M    5  623k    0     0    982      0  3:25:04  0:10:50  3:14:14     0

and i can't get the latest version of helm from github

[root@localhost harbor]# curl -s https://api.github.com/repos/helm/helm/releases/latest | grep browser_download_url
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-darwin-amd64.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-darwin-amd64.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-386.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-386.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-amd64.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-amd64.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-arm.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-arm.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-arm64.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-arm64.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-ppc64le.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-ppc64le.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-s390x.tar.gz.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-linux-s390x.tar.gz.sha256.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-windows-amd64.zip.asc"
      "browser_download_url": "https://github.com/helm/helm/releases/download/v3.0.0/helm-v3.0.0-windows-amd64.zip.sha256.asc"

can you put it at github,then i can awlays use a automatic command download the latest version and put it in my local network.

[bacongobbler]

Thanks for your feedback!

A bit of background context on the move to get.helm.sh can be found here: https://helm.sh/blog/get-helm-sh/

Our previous infrastructure was hosted on Google Cloud Storage, which is completely blocked in China.

One of the main goals with the migration was availability in China. Azure CDN can serve content to China users with point-of-presence (POP) locations near China. I believe the POP originates from Singapore, if I'm not mistaken.

If there's a large enough demand, we can consider hosting them from Azure CDN China which has POPs inside China.

[elonzh]

I think the download speed in China is totally unbearable. Most people in China are using some mirrors like https://mirror.azure.cn/kubernetes/helm/, but those mirrors are often outdated and unsafe.

I am sure there's a large enough demand but those people with a poor network condition may not know how to share their voice.

I'm thanksful the helm community had done something for China users.

But to be honest, something happened is not something worked. The problem is not resolved for now.

[willzhang]

I find the mirror of china ， it's huawei! so greate!

version=v3.1.2
#从华为开源镜像站下载
curl -LO https://repo.huaweicloud.com/helm/${version}/helm-${version}-linux-amd64.tar.gz
tar -zxvf helm-${version}-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
``

[tim-ebner]

Had the same issue that the download speed is to slow using https://get.helm.sh in China and often the download just collapses.
Using the Huawai mirror works great, but we would prefer having an official China mirror recommended by Helm.

[bacongobbler]

The problem is that most CDN services serve content globally except for China. To have an "official" CDN, we would need another CDN service specifically within China such as Azure CDN China:

https://docs.microsoft.com/en-us/azure/cdn/cdn-china-delivery

For the time being, I would recommend checking and verifying the PGP signatures of any release assets. That way you can ensure that the release assets have not been tampered with.

Every release's PGP signatures are attached to the official release page. You can fetch them from there, then you can verify the signature against the release tarball fetched from Huawei's mirror. If the verification succeeds, then you know it has not been tampered with.

For example:

https://github.com/helm/helm/releases/tag/v3.5.4

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

Hope that helps.

[bacongobbler]

I’ll pose the same question I asked in another ticket:

What CDN services are available within China? Which ones work best, and why?

[bacongobbler]

Re-opening for further discussion/visibility.

[sathieu]

Appart from the slowness of the download, the IP behind https://get.helm.sh (152.199.21.175) is also blacklisted by some corporate security tools.

More precisely, it was identified as a "Command and Control" server for ransomware attack using Emotet.

Can't you simply add github release assets and keep https://get.helm.sh in current CDN too?

[github-actions]

This issue has been marked as stale because it has been open for 90 days with no activity. This thread will be automatically closed in 30 days if no further activity occurs.