Introduction

In the realm of Kubernetes, developers often find themselves creating container images using Docker, managing configurations, and orchestrating deployments. Despite the robust capabilities of these tools, the application deployment process can still be quite daunting.

Helm has established itself as a prominent packaging tool that simplifies Kubernetes deployments; however, it has its drawbacks. The absence of a dry-run feature, sophisticated error management, and other functionalities makes it challenging to foresee deployment outcomes. Consequently, teams may face unexpected problems, only realizing potential failures when it’s already too late.

A Brief Overview of Helm's Journey

Helm originated from Deis Labs, which was subsequently acquired by Microsoft. Some of the team members from Deis Labs have transitioned to other innovative projects, including work with WebAssembly. So, who is currently steering the Helm project?

Initially launched in 2015, Helm was handed over to the CNCF in 2018 and achieved graduation by 2020.

The Good, the Bad, and the Ugly

Many developers, myself included, share a complex relationship with Helm. While it offers a straightforward solution for simple scenarios, crafting Helm charts can become intricate. Despite its advantages, Helm has its limitations and recognized issues. Statistics from its GitHub repository indicate a slowdown in development, with minimal significant features added as the cloud-native ecosystem continues to progress.

The Demand for an Alternative to Helm

Given these challenges, the Kubernetes community stands to gain from a viable, backward-compatible alternative to Helm. Such a tool could effectively address Helm’s weaknesses while offering improved functionality. Thankfully, an exciting option is emerging.

Introducing Werf

Werf is a project within the CNCF sandbox aimed at refining and enhancing the continuous integration and continuous deployment (CI/CD) pipeline for Kubernetes. It seamlessly integrates with existing CI systems and utilizes familiar technologies such as Git, Docker, Helm, and Buildah.

Nelm: The Helm Reimagined

Nelm, a component of the Werf project, is emerging as a promising substitute for Helm. It is a fully backward-compatible reimplementation of Helm, designed to enhance robustness and feature offerings.

Currently, Nelm is integrated within Werf and isn’t available as a standalone tool, but plans are in place to release a standalone CLI in the future for users who may not require the complete suite of Werf's features.

Top Features of Nelm

1. Server-Side Apply (SSA): Unlike Helm’s three-way merge, Nelm utilizes SSA for updating Kubernetes resources, ensuring enhanced consistency and stability.
2. Advanced Resource Status Tracking: Nelm offers live status updates, logs, and resource events, along with automatic rollback capabilities if deployment issues arise.
3. Enhanced Chart Management: While supporting Helm charts, Nelm improves the management and deployment processes.

Integrating Werf (and Nelm) into an Existing Project

To demonstrate the advancements, we will implement Werf (and Nelm) within an existing project: the source for my homepage.

Since Werf requires Helm, we'll start by creating a Helm chart, which can be easily accomplished using helmify.

> Helmify reads a list of supported Kubernetes objects from stdin or files and converts it into a Helm chart.

Executing helmify -f k8s/docs-manifest.yaml .helm generates the necessary directory structure:

Building with Werf

The build process in Werf resembles image caching, exporting each layer to a designated OCI registry.

? werf build --repo piotrzan/dcaguide

This command will store the build stage into the specified repository.

Real-Time Deployment Insights

One of Werf’s standout features is its real-time deployment progress tracking. Unlike Helm, which often leaves users uncertain about deployment statuses, Werf provides live updates on the operations within your Kubernetes cluster. The werf converge command delivers detailed feedback, including logs from active containers and resource events.

Additional Features

While we have only scratched the surface of improvements over Helm, numerous other enhancements are present:

• Improved Error Management: Deployments are retried once prior to failure, mitigating the effects of temporary glitches. Enhanced error detection actively monitors resource statuses and halts deployments early when issues are detected.
• Resource Deployment Order: The werf.io/weight annotation allows for specific sequential or parallel resource deployments, providing greater flexibility than Helm hooks or init containers.
• Server-Side Apply and Dry-Run Mode: Server-side apply has been part of Kubernetes core for several releases, enabling more reliable updates and avoiding the pitfalls associated with Helm’s three-way merge. The werf plan command previews proposed changes before implementation, akin to terraform plan.
• Deployment Consistency and Security: Deployments will cease early if any issues are detected, reducing the likelihood of failures. Secrets can be encrypted and decrypted within Helm charts, enhancing security.
• External Resource Management: Users can wait for external resources, like dynamically created secrets, ensuring all dependencies are ready before proceeding with deployments.
• Enhanced CRD Support: Custom Resource Definitions (CRDs) in the crd directory are updated during upgrades, ensuring they remain current and improving management and versioning.

Interactive Learning Opportunities

For those interested in exploring Werf, there is a fantastic interactive scenario available on Killercoda, provided by KTH Royal Institute of Technology as part of a DevOps course. Check it out!

Similar Projects & Ecosystem

Recently, I wrote about kluctl, which shares a similar focus but approaches the topic from a different angle.

Final Thoughts

Looking ahead, Nelm presents exciting possibilities for the Kubernetes community. Its compatibility with existing Dockerfile-based applications and Helm charts facilitates smooth transitions and adoption of new technologies. Nelm not only preserves backward compatibility with Helm but also introduces significant enhancements that can streamline Kubernetes deployment management.

I am eager to test Nelm as a standalone binary and API client to evaluate its impact on current Helm-based deployments.

The ongoing development and adoption of Nelm will be crucial, as it has the potential to either stimulate Helm's evolution or replace it altogether.

Have you experimented with the workflow of Werf and Nelm in your projects? What have your experiences been?

Thank you for taking the time to read this article. I hope you found it engaging and informative.

• Connect with me on LinkedIn
• Visit my Website
• Subscribe to my YouTube Channel