Helm in Kubernetes - What It Is and Why You Need It
Hey, tech queens!
Today we’re talking about Helm — my go-to tool for working with Kubernetes. If you’ve ever suffered through manually crafting YAML files for every single service, you’re about to breathe a huge sigh of relief.
I used to drown in those manifests and think,
“Is it always going to be this painful?”
Nope. Because Helm exists.
🛠 Helm in Plain English
Imagine you buy a dresser from IKEA. Instead of guessing where each screw goes, you grab the instructions and have it assembled in 20 minutes - latte in hand.
Helm is that same kind of instruction manual - for Kubernetes.
Normally, deploying an app means creating a bunch of objects: Pods, Services, Ingresses, ConfigMaps — each with its own YAML file. It’s tedious.
Helm saves you:
- Bundles everything into one structure: a chart
- Spins up apps with a single command
- Simplifies upgrades, customization, and rollbacks
- Makes deployments predictable and repeatable
📦 What’s a Helm Chart (and Why It’s Not Scary)
The word “chart” might sound intimidating, but it’s really just a folder with organized files. No magic, just structure.
Think of it as your deployment organizer:
-
Chart.yaml— the chart’s business card: name, version, description -
values.yaml— default settings (ports, replicas, DB names, etc.) -
templates/— YAML blueprints Helm renders into actual Kubernetes objects -
_helpers.tpl— reusable functions to keep templates DRY -
charts/— dependencies like databases or message queues
💫 Why It’s Handy
A chart is like a capsule — it holds everything: instructions, configs, and dependencies.
Same chart, different environments:
-
Dev:
myblog-dev, 1 replica, test DB -
Prod:
myblog, 3 replicas, production DB
Just tweak values.yaml — no need to touch anything else.
It’s like one dress styled with different accessories.
🏃♀️ Why Helm Is My Must-Have
Reasons I love Helm:
- Scalability: no more 30+ YAML files
- Flexibility: same chart, different setups
-
Transparency: preview what’s actually going to be installed (
helm template) - Security: Helm 3 removed Tiller (and that’s a good thing)
-
Control: rollbacks are built-in (
helm rollbackis magic)
🔍 Helm 2 vs Helm 3 — Short & Sweet
Helm 2 relied on a separate component called Tiller, which had elevated cluster privileges — a big security headache.
Helm 3 fixed it:
- No Tiller
- Uses your existing
kubectlcredentials - Easier to install and great for CI/CD
👀 What’s Next? Helm v4 Is in the Works
Helm v4 is currently in planning (see HIP-0012) — with focus on a new API and architectural improvements.
No official release date yet — the devs meet weekly and are actively shaping the roadmap.
🚀 Installing Helm — Fast & Painless
You’ll Need:
- A Kubernetes cluster (Minikube, GKE, etc.)
-
kubectlinstalled
✅ Most Universal Way
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.shAlways use the official script from GitHub. Trust but verify.
✅ Alternatives
macOS:
brew install helmHomebrew now provides the latest release — v3.18.0
Linux (Snap):
sudo snap install helm --classicSnap can sometimes lag behind — prefer the install script for CI.
Debian / Ubuntu (APT):
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | \
sudo tee /usr/share/keyrings/helm.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | \
sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm🔍 Verify the Install
helm versionSample output:
version.BuildInfo{Version:"v3.18.0", GitCommit:"...", GoVersion:"go1.22.2", ...}As of May 20, 2025, this is the latest stable release.
v3.18.1 is expected on June 11, and v3.19.0 is coming in September.
🌈 First Helm Run — Let’s Go!
Install something fun — like Nginx:
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install nginx bitnami/nginxCustomize settings:
helm install my-app ./my-chart \
--set image.tag=2.0.1 --set replicaCount=3Or use a YAML config:
helm install my-app ./my-chart -f values-prod.yamlSomething went wrong?
helm rollback my-app 1Uninstall it:
helm uninstall my-app🔐 Security & Best Practices
🔍 Always Inspect a Chart Before Installing
Think of it like trying on a dress before the party - just because it looks cute doesn’t mean it fits.
-
helm lint— checks the structure and versioning of the chart -
helm template— renders the final YAML (preview before install) -
helm test— runs built-in tests (if defined) -
helm diff— compares installed vs new version
Install the diff plugin:
helm plugin install https://github.com/databus23/helm-diff✍️ Sign and Verify Your Charts
- Use
helm package --signto digitally sign your charts - Run
helm verifyto confirm integrity - For advanced signing, try Cosign + the
helm-sigstoreplugin
📦 Store Charts Like Images (OCI FTW)
Helm now supports pushing/pulling from OCI registries:
helm push mychart.tgz oci://registry.example.com/charts
helm pull oci://registry.example.com/charts/mychart --version 1.2.3If you’re using older tools like ChartMuseum, clarify that separately.
⚠️ Mind Your Versions
- Watch for version skew between Helm and Kubernetes
- Don’t upgrade Helm right before a production deploy — stability first!
💬 Takeaway
Helm is my DevOps bestie. It brings:
- Organization
- Repeatable configuration
- And a lot less Kubernetes chaos
If you’re working with Kubernetes, get familiar with Helm.
It 100% deserves a spot in your toolkit.
Tools I Personally Trust
If you want to make your digital life a little calmer — here are two tools I use every day:
🛸 Proton VPN – A trusted VPN that secures your Wi-Fi, hides your IP, and blocks trackers. Even in that no-password café Wi-Fi, you’re safe.
🔑 Proton Pass – A password manager with on-device encryption. Passwords, logins, 2FA — always with you, and only for you.
These are partner links — you won’t pay a cent more, but you’ll be supporting DevOps.Pink. Thank you — it really means a lot 💖
Refill My Coffee Supplies
💖 PayPal
🏆 Patreon
💎 GitHub
🥤 BuyMeaCoffee
🍪 Ko-fi
Follow Me
🎬 YouTube
🐦 X / Twitter
🎨 Instagram
🐘 Mastodon
🧵 Threads
🎸 Facebook
🧊 Bluesky
🎥 TikTok
💻 LinkedIn
🐈 GitHub
Is this content AI-generated?
Absolutely not! Every article is written by me, driven by a genuine passion for Docker and backed by decades of experience in IT. I do use AI tools to polish grammar and enhance clarity, but the ideas, strategies, and technical insights are entirely my own. While this might occasionally trigger AI detection tools, rest assured—the knowledge and experience behind the content are 100% real and personal.
