-
-
Notifications
You must be signed in to change notification settings - Fork 257
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: To provide a gist of moving the deployment to kustomize. #108
Conversation
Thank you! However, I don't think this is taking a good direction, because:
Additionally, this PR appears to be an output of What would make sense (in my head) instead would be a guide of how to use these helm templates together with kustomize, so for example (again please be aware that I have limited knowledge of kustomize):
|
I am from helm background and used it for close to 4 years for managing k8 workloads. Things are changing now, the base of helm is a templating engine, i.e. for any structural changes you want to introduce, you are introducing changes in your helm chart. An init-container, you need to rollout new template etc...
Rollback isn't something which we can skip, but as per our observation there are tools which are better suited for this purpose. Spinnaker, flux etc... . The important part is more on the release with confidence, with simple strategies of canary/Red black release, we are more focus of rolling out the correct release. By the way kustomize support a versioning of base on top of git tag/commit/branch. So a rollback with kustomize is to provide the version with base and revert it manually in your own ovveride kustomization.
This can work, but it would be something like maintaining my own chart. For every new release you do, I have to kind of update from upstream and validate my fork. |
This is exactly the point in using helm for a package like this! The scope of this chart is very limited - it uses and introduces only features supported by each project. We do not use helm as a way to orchestrate our istio deployment - we use helm to distribute our open source stack in the most consumable way. That is what helm is for! If we need an init container, we will add one (as we did with auto-migrate). There wont be other init containers because they are not in the scope of this package!
Not if this process is automated, which could also be part of the documentation around this process. I'd also be happy to offer a versioned, base kustomize template in this repo if its generation is fully automated and its scope is more than just rendered output of helm with its base config.
sounds to me like you need to have a git repo anyways :) I think I can say that we wont switch to Kustomize because even though your arguments come from experience in dealing with helm / kustomize, I fear that helm is the closest "all-in-one" solution that most people use at the moment for packaged upstream depemdencies. Deprecating our helm charts is something where the community would run haywire as several (probably more) prod deployments depend on this. Again, I think adding support for more toolchains is good, but in this case I want to keep the system as is and add another tool in the mix, preferably fully automated so we don't have a lot of maintenance work. |
Related issue
#107
Proposed changes
Start of migrating from helm to kustomize.
Checklist
vulnerability, I confirm that I got green light (please contact security@ory.sh) from the maintainers to push the changes.