The Helm chart feature of Container Registry Enterprise Edition helps you effectively manage and distribute various Kubernetes resources. You can push and pull charts only after you install and configure Helm and configure a Container Registry Enterprise Edition instance.

Background information

Kubernetes provides a unified API, which allows you to define Kubernetes resources in YAML files. Kubernetes has various types of resources, such as deployments, StatefulSets, and ConfigMaps.

As the YAML-based software delivery system is continuously improved, the Cloud Native Computing Foundation (CNCF) community has developed charts and its implementation tool Helm to manage resources at a higher level.

  • A chart is a collection of files that describe a related set of Kubernetes resources. For example, a chart can be a collection of files that describe WordPress and MySQL resources or a collection of resource description files for an etcd cluster.
  • Helm is a command-line program used to manage charts and their releases.

Container Registry Enterprise Edition allows you to manage Helm charts of V2 and V3. The Helm chart feature helps you manage your cloud-native assets with ease. You can enable the charts component on the Overview page of your Container Registry Enterprise Edition instance. When the component is running, you can start to manage Helm chart repositories.

Turn on Charts

Install and configure Helm

  1. Download Helm of the required version from the official website.
    Note Make sure that the Helm version is V2 or V3. You can run the helm version -c command to check the version. The following command uses V2.14.2 as an example:
    # Decompress the downloaded package.
    tar -zxvf helm-v2.14.2-linux-amd64.tgz
    # Move the decompressed file to the specified directory.
    mv linux-amd64/helm /usr/local/bin/helm                    
  2. Install the Helm plug-in of Alibaba Cloud.
    Note Before you install the Helm plug-in, make sure that Git is installed.
    • If your server resides outside China or can access GitHub, run the following command to install the Helm plug-in.
      helm plugin install https://github.com/AliyunContainerService/helm-acr
    • If your server resides in China and runs the Linux operating system, run the following command to install the Helm plug-in:
      git clone https://github.com/AliyunContainerService/helm-acr.git
      sed -i 's/github.com/helm-acr-releases.oss-cn-hangzhou.aliyuncs.com/g' helm-acr/scripts/install_plugin.sh
      helm plugin install helm-acr
    • If your server resides in China and runs the Mac operating system, run the following command to install the Helm plug-in:
      git clone https://github.com/AliyunContainerService/helm-acr.git
      sed -i '' 's/github.com/helm-acr-releases.oss-cn-hangzhou.aliyuncs.com/g' helm-acr/scripts/install_plugin.sh
      helm plugin install helm-acr
  3. Initialize Helm.
    • If Helm is installed on a node of a Container Service for Kubernetes cluster, the tiller has been initialized by default. You only need to initialize the client. If you also do not want to avoid access Google charts, run the following command to initialize Helm:
      helm init --client-only --skip-refresh
    • If Helm is installed on a node of a self-managed Kubernetes cluster and you do not want to access Google charts, run the following command:
      helm init --skip-refresh

Configure a Container Registry Enterprise Edition instance

  1. Configure an access credential

    On the Access Credential page of the Container Registry Enterprise Edition instance, set a password or temporary token, and obtain the logon account by moving the pointer over the profile picture in the upper-right corner. The account and password or temporary token are used as the access credential used to access Helm charts.

    Obtain the access credential
  2. Configure access control policies.

    On the Access Control page of the Container Registry Enterprise Edition instance, you can enable access over the Internet or specified virtual private clouds (VPCs). This ensures that Helm charts can be uploaded and downloaded.

    Add a VPCEnable access over the Internet
  3. Create a chart repository.
    Create a chart repository named repository in the namespace named namespace, as shown in the following figure.Create a chart repository

    When Automatically Create Repository is selected for the namespace, you can use Helm to push charts to a chart repository without the need to create the chart repository in advance in the console.

    In Container Registry Enterprise Edition, you can access a chart repository in the following format: <Instance name>-chart.<Region ID>.cr.aliyuncs.com/<Namespace>/<Chart repository name>. The version of a chart repository is in the format of <Chart name>-<Version number>. You can use a VPC to access a chart repository in the format of <Instance name>-chart-vpc.<Region ID>.cr.aliyuncs.com/<Namespace>/<Chart repository name>.

  4. Configure on-premises repository mapping

    You must specify an on-premises repository and map it to a chart repository in a namespace in Container Registry.

    export HELM_REPO_USERNAME='<The account in the access credential of the Container Registry Enterprise Edition instance>';
    export HELM_REPO_PASSWORD='<The password in the access credential of the Container Registry Enterprise Edition instance>';
    helm repo add <On-premises repository name> acr://<Instance name>-chart. <Region ID>.cr.aliyuncs.com/<Namespace>/<Chart repository> --username ${HELM_REPO_USERNAME} --password ${HELM_REPO_PASSWORD}            
    Configure on-premises repository mapping

Push charts

# Create an on-premises chart.
helm create <Chart name>

# Push the chart directory.
helm push <Chart name> <On-premises repository name>

# Push the compressed chart package.
helm push <Chart name>-<Chart version>.tgz <On-premises repository name>            
Push charts

In the Container Registry console, a version is added to the chart repository, as shown in the following figure.

Version list

Pull charts

# Update the on-premises chart index from the chart repository in Container Registry.
helm repo update

# Pull a chart.
helm fetch <On-premises repository name>/<Chart name> --version <Chart version>

# Install a chart directly.
helm install -f values.yaml <On-premises repository name>/<Chart name> --version <Chart version>