Helm: discovering Helm chart releases installed into Kubernetes cluster


Categories: DevOps, Kubernetes

If you are administering a Kubernetes cluster that you have inherited or perhaps not visited in a while, then you may need to reacquaint yourself with: which Helm charts are installed into what namespaces, if there are chart updates available, and then what values were used for chart installation.

Below are commands that can assist you in getting a better understanding of the Helm charts installed unto a Kubernetes cluster, and candidate upgrade paths.

Local Helm repositories

# shows local helm repo (~/.config/helm/repositories.yaml)
helm repo list

# fetch updates to charts locally
helm repo update

# manually shows local versions available for each repo (~/.cache/helm/repository)
repo_name=<repoName>
helm search repo -l $repo_name

# show all charts available from specific repo
helm search repo -l $repo_name | tail -n+2 | cut -f1 | uniq

# shows local versions available for specific chart, descending order
full_chart_name=<repoName>/<chartName>
helm search repo -l $repo_name | grep "^$full_chart_name" | awk -F'\t' '{print $2 $1}' | sort -nr

Chart releases installed into Kubernetes

# show helm charts installed into Kubernetes cluster, all namespaces
helm list -A

# assign values from table output above
release_name=<releaseName-1stColumn>
release_ns=<releaseNS-2ndColumn>
chart_name_without_version=<chartName-6thColumnWithoutVersionSuffix>

# show values used for latest release
helm get values $release_name -n $release_ns

# get current status and latest revision number
helm status $release_name -n $release_ns

# get full revision history
helm history $release_name -n $release_ns

# get values for specific revision
revision=1
helm get values $release_name -n $release_ns --revision=$revision

# extract release metadata from secret for specific revision (helm3)
kubectl get secret sh.helm.release.v1.$release_name.v$revision -n $release_ns -o json | jq .data.release | tr -d '"' | base64 -d | base64 -d | gzip -d | jq -r '.chart.metadata'

Upgrade release to newer chart

To upgrade a release in Kubernetes cluster to a newer version of the chart, use the commands below.

# show local repo list
helm repo list
# fetch updates to charts locally to fetch newer candidate versions
helm repo update

# pick repo and chart for upgrade
repo_name=<repoName> 
helm search repo -l $repo_name | tail -n+2 | cut -f1 | uniq
full_chart_name=<repoName>/<chartName-without-version>

# show chart metadata
helm show chart $full_chart_name

# pick the release of our chart
# currently installed chart version is suffixed on CHART column
helm list -A
release_name=<releaseName-1stColumn>
release_ns=<releaseNamespace-2ndColumn>

# pick the new version
helm search repo -l $repo_name | grep "^$full_chart_name" | awk -F'\t' '{print $2 $1}' | sort -nr
new_version=<version>

# upgrade charts, using same values as original release
helm upgrade $release_name $full_chart_name --version $new_version --reuse-values -n $release_ns

# new release version will be reflected as suffix of CHART column, REVISION also incremented
helm list -n $release_ns
helm history $release_name -n $release_ns

# if rollback required
helm rollback -n $release_ns $release_name
helm history $release_name -n $release_ns

Helm diff plugin

In the section above we upgraded a release, but if we wanted to check exactly what would change beforehand, then the Helm ‘diff‘ plugin could assist.

# install plugin
helm plugin install https://github.com/databus23/helm-diff

# check diff on potential upgrade
helm diff $release_name $full_chart_name --version $new_version --reuse-values -n $release_ns

# use grep to show abbreviated report of diff
helm diff upgrade --normalize-manifests $release_name $full_chart_name --version $new_version --reuse-values -n $release_ns 2>/dev/null | grep -E "^\+|has been added:$|has changed:$"

# check diff on potential rollback
helm history $release_name -n $release_ns
old_revision=<whichRevision>
helm diff rollback  -n $release_ns $release_name $old_revision
# use grep for abbreviated report
helm diff rollback -n $release_ns $release_name $old_revision | grep -E "^\+|has been added:$|has changed:$"

Find local repo that contains Release

If you need to determine which local Helm repo your currently installed releases are sourced from, use my script helm_show_repo_for_releases.sh

# download script
wget https://raw.githubusercontent.com/fabianlee/blogcode/master/helm/helm_show_repo_for_releases.sh
chmod +x helm_show_repo_for_releases.sh

# for each installed Release, shows which local repo has chart
./helm_show_repo_for_releases.sh

Provenance is not guaranteed for the script above.

 

REFERENCES

shellhacks.com, upgrade helm chart with same values

helm.sh, helm upgrade reference

helm diff plugin

helm diff plugin install

helm ‘search repo’ is local (not remote call like ‘helm search hub’)

stackoverflow, locations of local Helm repo and cache

github issue, request to add repo source to chart, has command for decoding helm secret

dbafromthecold.com, decode helm secret

github issue, ‘helm dependency list’ meant for local charts that are pulled down, not remote

lzone.de, helm cheat sheet

stackoverflow, explanation of where helm3 versus helm2 store revision information in cluster (secret vs configmap)

 

NOTES

show structured version of installed charts and versions

# notice chart version is suffixed to 'chart'
sudo snap install
yq helm list -A -o=yaml | yq '.[] | [{"ns": .namespace, "name": .name, "chart": .chart}]'