Building services with Helm charts¶
Omnistrate supports deploying Helm Charts as part of your service topology. Helm is a package manager for Kubernetes that allows you to define, install, and manage Kubernetes applications. This gives you more control over the Kubernetes manifests that are deployed as part of your service topology. In addition, you can bring your existing Helm charts and deploy them on Omnistrate without any modifications.
As part of the deployment, Omnistrate takes care of the following:
- Deploying a VPC / Subnets in the chosen region and chosen account (customer's or yours)
- Deploying a Kubernetes cluster in the chosen region
- Deploying NLBs w/ Nginx Ingress Controllers
- Deploying a Kubernetes Dashboard for you to monitor your deployments
- Deploying a Route53 Hosted Zone for your workload endpoints that you can configure through Kubernetes Service annotations
- Deploying an IAM role / Google Service Account for your workload to invoke Cloud Provider APIs / Services like S3
- Deploying a Kubernetes Role / RoleBinding for your workload to manage Kubernetes resources within the namespace of the deployment
- Configuring ACME TLS certificates that are auto-rotated
- Deploying your Helm charts with any customer specific configurations
Omnistrate fully supports these deployments as long as they are in a remote artifactory accessible to your deployment Kubernetes environment.
Anatomy of a Helm Chart¶
Helm chart registration on Omnistrate requires the following:
- Chart Name: The name of the Helm chart.
- Chart Version: The version of the Helm chart.
- Chart Repository: The Helm chart repository URL.
- Chart Values: The values file for the Helm chart if you want to override the default values.
- Endpoint Configuration: The endpoint configuration for the Helm chart if you want to expose the service connectivity details to your customers.
Registering a Helm Chart¶
Helm charts are managed through a specification file that defines your overall service topology on Omnistrate. A complete description of the service plan specification can be found on Getting started / Service Plan Spec
Here is an example of a SaaS service that deploys Redis Clusters using a Helm chart.
name: Redis Server # Service Plan Name
deployment:
hostedDeployment:
AwsAccountId: "<AWS_ID>"
AwsBootstrapRoleAccountArn: arn:aws:iam::<AWS_ID>:role/omnistrate-bootstrap-role
services:
- name: Redis Cluster
network:
ports:
- 6379
endpointConfiguration:
cluster:
host: "$sys.network.externalClusterEndpoint"
ports:
- 6379
primary: true
networkingType: PUBLIC
admin:
host: admin-{{ $sys.network.internalClusterEndpoint }}
ports:
- 8888
primary: false
networkingType: PRIVATE
helmChartConfiguration:
runtimeConfiguration:
disableHooks: false
wait: true
waitForJobs: true
recreate: false
resetThenReuseValues: false
resetValues: true
reuseValues: false
skipCRDs: false
upgradeCRDs: true
timeoutNanos: 180000000000
chartName: redis
chartVersion: 19.6.2
chartRepoName: bitnami
chartRepoURL: https://charts.bitnami.com/bitnami
chartValues:
master:
persistence:
enabled: false
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 150m
memory: 256Mi
replica:
persistence:
enabled: false
replicaCount: 1
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 150m
memory: 256Mi
A quick breakdown of the above specification:
- name: Omnistrate allows you to define "plans" for your services that your customers subscribe to for different pricing / deployment models (e.g. "Basic", "Pro", "Enterprise"). This is the name of the service plan.
- deployment: This is the deployment configuration for the service. In this case, it is a hosted deployment on AWS which hosts all your customer's Redis clusters in the specified AWS account.
- services: This is the list of services that are part of the service plan. In this case, we have a single service called "Redis Cluster".
- network: This is the network configuration for the service. In this case, we are exposing port 6379 for the Redis Cluster. Omnistrate fully manages your infrastructure and this specification defines what firewall / security group rules to apply.
- helmChartConfiguration: This is the Helm chart configuration for the service. In this case, we are deploying the Redis Helm chart version 19.6.2 from the Bitnami Helm chart repository. We also override the default values for the Redis Helm chart to disable persistence and set resource limits for the master and replica pods.
- endpointConfiguration: This is the endpoint configuration for the service. In this case, we are exposing the Redis Cluster on a public endpoint and the admin interface on a private endpoint. These are parameters that are exposed to your customers to connect to the service. Depending on the configuration of the Kubernetes service / ingress in your Helm chart, you can expose these endpoints to your customers.
- runtimeConfiguration: This is the runtime configuration for the Helm chart. This is how Omnistrate manages the deployment of the Helm chart. With this, you can customize the runtime behavior of the Helm chart client. For more information, see: https://helm.sh/docs/helm/helm_install/#options
Info
You can use system parameters to customize Helm Chart values. A detailed list of system parameters be found on Build Guides / System Parameters.
And that's all it takes to setup:
- A self-service REST API for your customers to deploy Redis Clusters.
- A hosted deployment on AWS to host all your customer's Redis Clusters.
You can register this spec using our CLI:
omnistrate-ctl build -f spec.yaml --name 'RedisHelm' --release-as-preferred --spec-type ServicePlanSpec
# Example output shown below
✓ Successfully built service
Check the service plan result at: https://omnistrate.cloud/product-tier?serviceId=s-dEhutaDa2X&environmentId=se-92smpU2YAm
Access your SaaS offer at: https://saasportal.instance-w6vidhd14.hc-pelsk80ph.us-east-2.aws.f2e0a955bb84.cloud/service-plans?serviceId=s-dEhutaDa2X&environmentId=se-92smpU2YAm
Deploying a Redis Cluster through your dedicated Customer Portal¶
Once you have registered the Helm chart, you can deploy a Redis Cluster using the API / UI we generate for your customers. We also setup a Dev environment for you to test your deployment before going live. In the above output, you can see the URL to access the SaaS portal for your Dev environment where you can deploy Redis Clusters just like your customers would.
Sign-in using your existing Omnistrate credentials (if you signed up using SSO, you can go to your profile in your Omnistrate portal and set a new password).
You will be presented with a screen that defines the default plan you setup in the specification and a dashboard for you to manage your deployments.
Let's deploy a cluster in AWS in us-east-1.
Once the deployment is complete, you will see the status of the deployment in the dashboard.
Let's take a peek at our kubernetes cluster that was automatically setup by Omnistrate in the chosen region.
This gives you a quick overview of the process to design your Helm chart-based SaaS service on Omnistrate. For more customizations please see Helm Chart Customizations.